7d7845acb5
Some checks failed
linux-aarch64-cpu-gcc / linux-gcc-aarch64 (Release) (push) Waiting to run
linux-arm-gcc / linux-gcc-arm (Debug) (push) Waiting to run
linux-arm-gcc / linux-gcc-arm (Release) (push) Waiting to run
linux-arm-gcc / linux-gcc-armhf (Debug) (push) Waiting to run
linux-arm-gcc / linux-gcc-armhf (Release) (push) Waiting to run
linux-mips-gcc / linux-gcc-mipsel (Debug) (push) Waiting to run
linux-mips-gcc / linux-gcc-mipsel (Release) (push) Waiting to run
linux-mips64-gcc / linux-gcc-mips64el (Debug) (push) Waiting to run
linux-mips64-gcc / linux-gcc-mips64el (Release) (push) Waiting to run
linux-riscv64-gcc / linux-gcc-riscv64 (Debug) (push) Waiting to run
linux-riscv64-gcc / linux-gcc-riscv64 (Release) (push) Waiting to run
linux-x64-clang / linux-clang (Debug) (push) Waiting to run
linux-x64-clang / linux-clang (Release) (push) Waiting to run
linux-x64-gcc / linux-gcc (Debug) (push) Waiting to run
linux-x64-gcc / linux-gcc (Release) (push) Waiting to run
linux-x86-gcc / linux-gcc (Debug) (push) Waiting to run
linux-x86-gcc / linux-gcc (Release) (push) Waiting to run
android / build (push) Failing after 7m1s
linux-aarch64-cpu-gcc / linux-gcc-aarch64 (Debug) (push) Has been cancelled
10710 lines
294 KiB
Plaintext
10710 lines
294 KiB
Plaintext
_ _ ____ _
|
||
___| | | | _ \| |
|
||
/ __| | | | |_) | |
|
||
| (__| |_| | _ <| |___
|
||
\___|\___/|_| \_\_____|
|
||
|
||
Changelog
|
||
|
||
Version 8.8.0 (22 May 2024)
|
||
|
||
Daniel Stenberg (22 May 2024)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
- THANKS: add contributors from 8.8.0
|
||
|
||
Nathan Moinvaziri (21 May 2024)
|
||
|
||
- url: remove duplicate call to Curl_conncache_remove_conn when pruning
|
||
|
||
- remove unnecessary prunedead struct from prune_dead_connections
|
||
- rename extract_if_dead to prune_if_dead for clarity
|
||
|
||
Closes #13710
|
||
|
||
Joseph Chen (21 May 2024)
|
||
|
||
- curl_setup.h: add support for IAR compiler
|
||
|
||
Closes #13728
|
||
|
||
Stephen Farrell (21 May 2024)
|
||
|
||
- docs/ECH: typo/clarification
|
||
|
||
Closes #13727
|
||
|
||
Viktor Szakats (21 May 2024)
|
||
|
||
- hash: delete unused debug function
|
||
|
||
It had no use in the curl codebase and was also protected by the macro
|
||
`AGGRESSIVE_TEST` (renamed in 2020), also with no local reference.
|
||
|
||
Added in ca6e77083768858aa34207f8c5dce38b3c05336d (2002-11-11)
|
||
|
||
Closes #13729
|
||
|
||
Stefan Eissing (21 May 2024)
|
||
|
||
- content_encoding: reject transfer-encoding after chunked
|
||
|
||
reject a response that applies a transfer-encoding after a 'chunked'
|
||
encoding. RFC 9112 ch. 6.1 required chunked to be the final encoding.
|
||
|
||
Closes #13733
|
||
|
||
- http: HEAD response body tolerance
|
||
|
||
- as reported in #13725, some servers wrongly send body bytes in
|
||
responses to a HEAD request. This used to be tolerated in curl
|
||
8.4 and before and leads to failed transfers in newer versions.
|
||
- restore previous behaviour for HTTP/1.1 and HTTP/2:
|
||
* 1.1: do not add 'Transfer-Encoding' writers from HEAD
|
||
responses. RFC 9112 says they do not apply.
|
||
* 2: when the transfer expects 'no_body', to not report stream
|
||
resets as error when all response headers have been received.
|
||
|
||
Reported-by: Jeroen Ooms
|
||
Fixes #13725
|
||
Closes #13732
|
||
|
||
Viktor Szakats (20 May 2024)
|
||
|
||
- tests: fix TFTP test 2305 on Windows
|
||
|
||
Ref: #13692
|
||
Closes #13724
|
||
|
||
Jay Satiro (20 May 2024)
|
||
|
||
- openssl: revert keylog_callback support for LibreSSL
|
||
|
||
- Revert to the legacy TLS 1.2 key logging code for LibreSSL.
|
||
|
||
- Document SSLKEYLOGFILE for LibreSSL is TLS 1.2 max.
|
||
|
||
Prior to this change if the user specified a filename in the
|
||
SSLKEYLOGFILE environment variable and was using LibreSSL 3.5.0+ then
|
||
an empty file would be created and no keys would be logged.
|
||
|
||
This is effectively a revert of e43474b4 which changed openssl.c to use
|
||
SSL_CTX_set_keylog_callback for LibreSSL 3.5.0+. Unfortunately LibreSSL
|
||
added that function only as a stub that doesn't actually do anything.
|
||
|
||
Reported-by: Gonçalo Carvalho
|
||
|
||
Fixes https://github.com/curl/curl/issues/13672
|
||
Closes https://github.com/curl/curl/pull/13682
|
||
|
||
renovate[bot] (19 May 2024)
|
||
|
||
- GHA: pin dependencies
|
||
|
||
Closes #13712
|
||
|
||
Viktor Szakats (19 May 2024)
|
||
|
||
- appveyor: drop unnecessary `--clean-first` cmake option
|
||
|
||
In CI all machines are fresh on startup, making the `clean` operation
|
||
unnecessary. This can save some time/energy for each job run.
|
||
|
||
Closes #13707
|
||
|
||
- cmake: merge two `if(BUILD_TESTING)` branches
|
||
|
||
Closes #13708
|
||
|
||
Tatsuhiro Tsujikawa (19 May 2024)
|
||
|
||
- GHA: bump nghttp2 to v1.62.1
|
||
|
||
Use gcc-12 explicitly to compile C++20 source files.
|
||
|
||
Closes #13702
|
||
|
||
Viktor Szakats (19 May 2024)
|
||
|
||
- GHA: add NetBSD, OpenBSD, FreeBSD/arm64 and OmniOS jobs
|
||
|
||
Add these jobs to GHA:
|
||
- NetBSD, cmake-unity, clang, OpenSSL, x86_64, with tests, w/o python,
|
||
no parallelism (was flaky sometimes)
|
||
- OpenBSD, cmake-unity, clang, LibreSSL, x86_64, with tests,
|
||
with python, -j8, TFTP results ignored due to #13623.
|
||
- FreeBSD, cmake-unity and autotools, clang, OpenSSL, arm64
|
||
(Tests disabled for arm64, because they are slow. It's available for
|
||
x86_64 with python, -j12.)
|
||
Configuration matches our existing Cirrus CI one.
|
||
- OmniOS, autotools, gcc, OpenSSL, x86_64, with tests, -j12.
|
||
|
||
All build with websockets and examples.
|
||
|
||
Closes #13583
|
||
|
||
- GHA: disable TFTP test on native Windows
|
||
|
||
Some TFTP tests seem to enter into a loop and maybe hang?
|
||
|
||
E.g. 1007, 1009, 1238
|
||
|
||
Try fixing it by skipping all TFTP tests.
|
||
|
||
Ref: https://github.com/curl/curl/actions/runs/9141987545/job/25137038249?pr=
|
||
13698
|
||
|
||
Also drop mingw-w64 test exclusions copy-pasted from MSYS jobs.
|
||
|
||
Possibly related: cffbcc3110c1eda2e333f9cfe2e269154618793a #5364
|
||
|
||
Close #13699
|
||
|
||
renovate[bot] (18 May 2024)
|
||
|
||
- GHA: pin dependencies
|
||
|
||
Closes #13691
|
||
|
||
Viktor Szakats (18 May 2024)
|
||
|
||
- cmake: do not pass linker flags to the static library tool
|
||
|
||
Do not add linker flags to the global CMake static library tool (aka
|
||
"static linker") (e.g. `ar`) flags list. They don't mix well. This was
|
||
only done after successfully detecting GSSAPI.
|
||
|
||
Linker flags seen on Old Linux CI:
|
||
```
|
||
-- |GSS_LINKER_FLAGS|-Wl,--enable-new-dtags -Wl,-rpath -Wl,/usr/lib/x86_64-li
|
||
nux-gnu/heimdal|
|
||
-- |CMAKE_STATIC_LINKER_FLAGS| -Wl,--enable-new-dtags -Wl,-rpath -Wl,/usr/lib
|
||
/x86_64-linux-gnu/heimdal|
|
||
```
|
||
Ref: https://github.com/curl/curl/actions/runs/9138988036/job/25130791712#ste
|
||
p:6:85
|
||
|
||
Causing:
|
||
```
|
||
/usr/bin/ar qc libcurltool.a -Wl,--enable-new-dtags -Wl,-rpath -Wl,/usr/lib/
|
||
x86_64-linux-gnu/heimdal
|
||
CMakeFiles/curltool.dir/slist_wc.c.o CMakeFiles/curltool.dir/tool_binmode.c
|
||
.o CMakeFiles/curltool.dir/tool_bname.c.o
|
||
[...]
|
||
CMakeFiles/curltool.dir/tool_writeout_json.c.o CMakeFiles/curltool.dir/tool
|
||
_xattr.c.o CMakeFiles/curltool.dir/var.c.o
|
||
CMakeFiles/curltool.dir/__/lib/base64.c.o CMakeFiles/curltool.dir/__/lib/dy
|
||
nbuf.c.o
|
||
/usr/bin/ar: invalid option -- 'W'
|
||
Usage: /usr/bin/ar [emulation options] [-]{dmpqrstx}[abcDfilMNoPsSTuvV] [--pl
|
||
ugin <name>] [member-name] [count] archive-file file...
|
||
/usr/bin/ar -M [<mri-script]
|
||
```
|
||
Ref: https://github.com/curl/curl/actions/runs/9138988036/job/25130791712#ste
|
||
p:9:125
|
||
|
||
This problem is invisible at the moment because of another bug (#13698)
|
||
that misses building unit tests when not using either the
|
||
`ENABLE_DEBUG=ON` or `ENABLE_CURLDEBUG=ON` options (to set
|
||
`-DCURLDEBUG`):
|
||
```
|
||
test 1300 SKIPPED: curl lacks unittest support
|
||
```
|
||
Ref: https://github.com/curl/curl/actions/runs/9135571781/job/25123104557#ste
|
||
p:9:2883
|
||
|
||
With that fixed, this becomes the next issue.
|
||
|
||
It's possible this bug also required an older CMake version and/or
|
||
a specific OS environment which uses linker flags in GSSAPI that are not
|
||
playing well with `ar` options, to reproduce.
|
||
|
||
Follow-up to 558814e16d84aa202c5ccc0c8108a9d728e77a58 (2014-09-25)
|
||
Ref: #13698
|
||
Closes #13697
|
||
|
||
- GHA: ignore flaky test2302 results on Windows
|
||
|
||
WebSockets:
|
||
```
|
||
TESTFAIL: These test cases failed: 2302
|
||
```
|
||
Ref: https://github.com/curl/curl/actions/runs/9139155361/job/25131144383?pr=
|
||
13689#step:14:9892
|
||
|
||
Follow-up to 36fd2dd6ee874726c628e67fcf6415a2e52bfe29 #13599
|
||
Ref: #13692
|
||
Closes #13696
|
||
|
||
- GHA: add MSYS, mingw-w64, Cygwin jobs
|
||
|
||
- re-implement autotools MSYS and Cygwin AppVeyor jobs in GHA.
|
||
Now build with SSL and PSL to improve test coverage.
|
||
- re-implement MSYS2 mingw-w64 gcc 13 AppVeyor job in GHA.
|
||
`CMake, mingw-w64, gcc 13, Debug, x64, Schannel, Static, Unicode`
|
||
- add new cmake Cygwin job (build-only).
|
||
- enable `-j14` parallelism when running tests.
|
||
- delete the 5 migrated jobs from AppVeyor CI.
|
||
- add 2 build-only mingw-w64 builds, gcc Release and clang OpenSSL.
|
||
- also enable brotli, libssh2, nghttp2 for more test coverage.
|
||
|
||
These jobs offer better performance, more flexibility and
|
||
parallelization compared to the AppVeyor ones they replace. It also
|
||
offloads AppVeyor, allowing to iterate faster. They also appear more
|
||
reliable than e.g. Azure Windows jobs, where runners are prone to fail
|
||
[1].
|
||
|
||
Closes #13599
|
||
|
||
[1]:
|
||
`Exit code 143 returned from process: file name 'C:\Windows\system32\docker.E
|
||
XE',
|
||
arguments 'exec -i 6b13a669c6dfe7fb9f59414369872fd64d61c7182f880c3d39c135cb
|
||
4c115c8f
|
||
C:\__a\externals\node\bin\node.exe C:\__w\_temp\containerHandlerInvoker.js'.`
|
||
|
||
Stefan Eissing (17 May 2024)
|
||
|
||
- pytest: fixes for recent python, add FTP tests
|
||
|
||
Fixes:
|
||
- in uds tests, abort also silently on os errors
|
||
- be conservative on the h3 goaway duration
|
||
- detect curl debug build and use in checks
|
||
- fix caddy version check for slight difference under linux
|
||
- set caddy default path fitting for linux
|
||
- fix deprecation warnings in valid time checks
|
||
|
||
FTP tests:
|
||
- add '--with-test-vsftpd=path' to configure
|
||
- use vsftpd default path suitable for linux
|
||
- add test_30 with plain FTP tests
|
||
- add test_31 with --ssl-reqd FTP tests
|
||
- add vsftpd to linux GHA for pytest workflows
|
||
|
||
Closes #13661
|
||
|
||
- rustls: fix handshake done handling
|
||
|
||
- rustls report it has finished the TLS handshake *before*
|
||
all relevant data has been sent off, e.g. it FINISHED message
|
||
- On connections the send data immediately, this was never noticed
|
||
as the FINISHED in rustls buffers was send with the app data
|
||
- On passive FTP connections, curl does not send any data after
|
||
the handshake, leaving FINISHED unsent and the server never
|
||
responded as it was waiting on this.
|
||
|
||
Closes #13686
|
||
|
||
Daniel Stenberg (17 May 2024)
|
||
|
||
- x509asn1: return error on missing OID
|
||
|
||
to avoid crash when dereferencing a NULL pointer.
|
||
|
||
Reported-by: Trzik on github
|
||
Patch-by: Trzik on github
|
||
Fixes #13684
|
||
Closes #13685
|
||
|
||
- CURLOPT_WRITEFUNCTION.md: fix the callback proto in the example
|
||
|
||
Reported-by: Michael Litwak
|
||
Fixes #13681
|
||
Closes #13687
|
||
|
||
Viktor Szakats (17 May 2024)
|
||
|
||
- src: tidy up types, add necessary casts
|
||
|
||
Cherry-picked from #13489
|
||
Closes #13614
|
||
|
||
- lib: fix compiler warnings (gcc)
|
||
|
||
Seen when setting `ENABLE_DEBUG=ON` and `-DDEBUGBUILD` for mingw-w64
|
||
gcc 13.2.0 CMake unity builds in 'Release' configurations.
|
||
|
||
```
|
||
curl/lib/curl_gethostname.c:71:5: error: 'strncpy' specified bound 1025 equal
|
||
s destination size [-Werror=stringop-truncation]
|
||
71 | strncpy(name, force_hostname, namelen);
|
||
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||
In file included from curl/_bld/lib/CMakeFiles/libcurl_object.dir/Unity/unity
|
||
_0_c.c:175:
|
||
In function 'hostcache_timestamp_remove',
|
||
inlined from 'Curl_hash_clean_with_criterium' at curl/lib/hash.c:265:19,
|
||
inlined from 'Curl_hash_clean_with_criterium' at curl/lib/hash.c:247:1,
|
||
inlined from 'hostcache_prune' at curl/lib/hostip.c:228:3,
|
||
inlined from 'Curl_hostcache_prune' at curl/lib/hostip.c:256:21:
|
||
curl/lib/hostip.c:205:12: error: 'now' may be used uninitialized [-Werror=may
|
||
be-uninitialized]
|
||
205 | time_t age = prune->now - c->timestamp;
|
||
| ^~~
|
||
curl/lib/hostip.c: In function 'Curl_hostcache_prune':
|
||
curl/lib/hostip.c:241:10: note: 'now' was declared here
|
||
241 | time_t now;
|
||
| ^~~
|
||
In function 'hostcache_timestamp_remove',
|
||
inlined from 'fetch_addr' at curl/lib/hostip.c:310:8:
|
||
curl/lib/hostip.c:205:23: error: 'user.now' may be used uninitialized [-Werro
|
||
r=maybe-uninitialized]
|
||
205 | time_t age = prune->now - c->timestamp;
|
||
| ~~~~~^~~~~
|
||
curl/lib/hostip.c: In function 'fetch_addr':
|
||
curl/lib/hostip.c:304:33: note: 'user' declared here
|
||
304 | struct hostcache_prune_data user;
|
||
| ^~~~
|
||
In file included from curl/_bld/lib/CMakeFiles/libcurl_object.dir/Unity/unity
|
||
_0_c.c:40:
|
||
curl/lib/cf-socket.c: In function 'cf_socket_send':
|
||
curl/lib/cf-socket.c:1294:10: error: 'c' may be used uninitialized [-Werror=m
|
||
aybe-uninitialized]
|
||
1294 | if(c >= ((100-ctx->wblock_percent)*256/100)) {
|
||
| ~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||
curl/lib/cf-socket.c:1292:19: note: 'c' was declared here
|
||
1292 | unsigned char c;
|
||
| ^
|
||
In file included from curl/_bld/lib/CMakeFiles/libcurl_object.dir/Unity/unity
|
||
_0_c.c:364:
|
||
In function 'tftp_state_timeout',
|
||
inlined from 'tftp_multi_statemach' at curl/lib/tftp.c:1230:27:
|
||
curl/lib/tftp.c:1208:5: error: 'current' may be used uninitialized [-Werror=m
|
||
aybe-uninitialized]
|
||
1208 | if(current > state->rx_time + state->retry_time) {
|
||
| ^
|
||
curl/lib/tftp.c: In function 'tftp_multi_statemach':
|
||
curl/lib/tftp.c:1192:10: note: 'current' was declared here
|
||
1192 | time_t current;
|
||
| ^~~~~~~
|
||
```
|
||
Ref: https://ci.appveyor.com/project/curlorg/curl/builds/49792835/job/91c8dj5
|
||
qb36spfe0#L112
|
||
Ref: https://github.com/curl/curl/actions/runs/9082968838/job/24960616145#ste
|
||
p:12:62
|
||
|
||
Ref: #13592
|
||
Closes #13643
|
||
|
||
Andrew (16 May 2024)
|
||
|
||
- wakeup_create: use FD_CLOEXEC/SOCK_CLOEXEC
|
||
|
||
for `pipe()`/`socketpair()`
|
||
|
||
Fixes #13618
|
||
Closes #13625
|
||
|
||
Stefan Eissing (16 May 2024)
|
||
|
||
- rustls: fix partial send handling
|
||
|
||
When TLS bytes could not completely sent off, the amount of plain bytes
|
||
already added to rustls were forgotten. This lead to send those byte
|
||
duplicate, corrupting the request send to the server.
|
||
|
||
Closes #13676
|
||
|
||
- pytest: add DELETE tests, check server version
|
||
|
||
- add tests for DELETE working
|
||
- check apache version in keepalive test
|
||
- fix some comments
|
||
|
||
Closes #13679
|
||
|
||
Juliusz Sosinowicz (16 May 2024)
|
||
|
||
- vquic-tls: use correct cert name check API for wolfSSL
|
||
|
||
wolfSSL_X509_check_host checks the peer name against the alt names and
|
||
the common name.
|
||
|
||
Fixes #13487
|
||
Closes #13680
|
||
|
||
Viktor Szakats (16 May 2024)
|
||
|
||
- cmake: initialize `BUILD_TESTING` before first use
|
||
|
||
Before this patch `BUILD_TESTING` was used once, then initialized, then
|
||
used again. This caused the `curlu` library not being built when relying
|
||
on an implicit `BUILD_TESTING=ON` setting, and ending up with a link
|
||
error when building the `testdeps` target.
|
||
|
||
It did not cause issues when `BUILD_TESTING` was explicitly set.
|
||
|
||
Move the initialization before the first use to fix it.
|
||
|
||
Regression from aace27b0965c10394544d1dacc9c2cb2fe0de3d3 #12287
|
||
Closes #13668
|
||
|
||
Daniel Stenberg (16 May 2024)
|
||
|
||
- libtest: 2308 verifies CURLE_WRITE_ERROR after write callback error
|
||
|
||
Verifies that the issue in #13669 actually is fixed. This return code is
|
||
what the CURLOPT_WRITEFUNCTION manpage documents should be returned.
|
||
|
||
This code is mostly from the
|
||
Source-written-by: Trumeet on github
|
||
Closes #13671
|
||
|
||
Antoine Bollengier (16 May 2024)
|
||
|
||
- socketpair: fix compilation when USE_UNIX_SOCKETS is not defined
|
||
|
||
Closes #13666
|
||
|
||
Stefan Eissing (16 May 2024)
|
||
|
||
- rustsls: fix error code on receive
|
||
|
||
- use CURLE_RECV_ERROR instead of CURLE_READ_ERROR when receiving
|
||
data fails.
|
||
|
||
Closes #13670
|
||
|
||
Max Dymond (16 May 2024)
|
||
|
||
- ci: disable Renovate dashboard
|
||
|
||
The Renovate dashboard insists on an open issue,
|
||
which is a problem. Disable the dashboard. Status
|
||
can still be seen at https://developer.mend.io/github/curl/curl.
|
||
|
||
Fixes #13630
|
||
Closes #13673
|
||
|
||
Daniel Stenberg (16 May 2024)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
renovate[bot] (16 May 2024)
|
||
|
||
- GHA: update awslabs/aws-lc to v1.27.0
|
||
|
||
Closes #13667
|
||
|
||
Daniel Stenberg (15 May 2024)
|
||
|
||
- curl_easy_pause.md: use correct defines in example
|
||
|
||
Spotted-by: Harry Sintonen
|
||
Closes #13664
|
||
|
||
Viktor Szakats (15 May 2024)
|
||
|
||
- appveyor: more tidy-ups
|
||
|
||
- use `--disable` when calling `curl --version`. Just in case.
|
||
|
||
- use single-quotes for a constant.
|
||
|
||
Closes #13662
|
||
|
||
- reuse: migrate standalone license file to dep5
|
||
|
||
Follow-up to 73a36021207284ad2b4340ffde34a51b0ba4d47a
|
||
Closes #13660
|
||
|
||
- appveyor: guard against crash-build with VS2008
|
||
|
||
The combination of `-DDEBUGBUILD`, a shared `curl.exe`, and the VS2008
|
||
compiler creates a `curl.exe` segfaulting on startup:
|
||
|
||
```
|
||
+ _bld/src/curl.exe --version
|
||
./appveyor.sh: line 122: 793 Segmentation fault "${curl}" --version
|
||
Command exited with code 139
|
||
```
|
||
Ref: https://ci.appveyor.com/project/curlorg/curl/builds/49817266/job/651iy6q
|
||
n1e238pqj#L191
|
||
|
||
Add job that triggers the issue and add the necessary logic to skip
|
||
running the affected `curl.exe`.
|
||
|
||
Ref: #13592
|
||
Closes #13654
|
||
|
||
renovate[bot] (15 May 2024)
|
||
|
||
- GHA: pin dependencies
|
||
|
||
Closes #13628
|
||
|
||
Orgad Shaneh (15 May 2024)
|
||
|
||
- socket: remove redundant call to getsockname
|
||
|
||
The result "add" is unused.
|
||
|
||
Closes #13655
|
||
|
||
renovate[bot] (15 May 2024)
|
||
|
||
- CI: renovate updates
|
||
|
||
- GHA: update actions/checkout action to v4
|
||
- GHA: update wolfSSL/wolfssh to v1.4.17
|
||
- GHA: update wolfSSL/wolfssl to v5.7.0
|
||
- Update the regex config in renovate.json
|
||
|
||
Closes #13632
|
||
Closes #13641
|
||
Closes #13658
|
||
Closes #13659
|
||
|
||
Max Dymond (15 May 2024)
|
||
|
||
- ci: fix renovate config for WolfSSL/WolfSSH tagging scheme
|
||
|
||
WolfSSL/WolfSSH use a different versioning scheme;
|
||
stable builds end with `-stable`. Renovate requires
|
||
some extra configuration to extract the version
|
||
from these types of tags.
|
||
|
||
Closes #13644
|
||
|
||
- ci: set semantic type as CI and include digests as CI operations
|
||
|
||
Replace "chore" with "ci" for renovate's semantic
|
||
type, and include digests with "pin" and
|
||
"pinDigest" as ci operations.
|
||
|
||
Closes #13644
|
||
|
||
Daniel Stenberg (15 May 2024)
|
||
|
||
- DEPRECATE.md: TLS libraries without 1.3 support
|
||
|
||
curl drops support for TLS libraries without TLS 1.3 capability after
|
||
May 2025.
|
||
|
||
It requires that a curl build using the library should be able to
|
||
negotiate and use TLS 1.3, or else it is not good enough. We support a
|
||
vast amount of other TLS libraries that are likely to satisfy users
|
||
better.
|
||
|
||
Closes #13544
|
||
|
||
- Revert "ci: update nghttp2/nghttp2 to v1.62.0"
|
||
|
||
This reverts commit 14f2c767555b7598d7783ccd9093670b84d28488.
|
||
|
||
We need to also upgrade the C++ compiler for that bump to work.
|
||
|
||
Closes #13656
|
||
|
||
renovate[bot] (15 May 2024)
|
||
|
||
- Dockerfile: update debian digest to 911821c
|
||
|
||
Closes #13629
|
||
|
||
- ci: update gnutls/gnutls to v3.8.5
|
||
|
||
Closes #13640
|
||
|
||
- ci: update awslabs/aws-lc to v1.26.0
|
||
|
||
Closes #13647
|
||
|
||
- ci: update cloudflare/quiche to v0.21.0
|
||
|
||
Closes #13648
|
||
|
||
- ci: update libressl-portable/portable to v3.9.2
|
||
|
||
Closes #13649
|
||
|
||
- ci: update nghttp2/nghttp2 to v1.62.0
|
||
|
||
Closes #13650
|
||
|
||
- ci: update ngtcp2/nghttp3 to v1.3.0
|
||
|
||
Closes #13651
|
||
|
||
- ci: update ngtcp2/ngtcp2 to v1.5.0
|
||
|
||
Closes #13652
|
||
|
||
Max Dymond (14 May 2024)
|
||
|
||
- ci: handle git submodules for mbedTLS
|
||
|
||
- ci: reconfigure renovate
|
||
|
||
- set prefix for github actions updates to be gha:
|
||
- set prefix for other renovate actions to be ci:
|
||
- disable debian updates in linux-old.yml
|
||
|
||
Viktor Szakats (14 May 2024)
|
||
|
||
- tidy-up: whitespace [ci skip]
|
||
|
||
- warnless: delete orphan declarations
|
||
|
||
Follow-up to 358f7e757781857c4b498a68634726609fa3884a #11932
|
||
Closes #13639
|
||
|
||
Daniel Stenberg (14 May 2024)
|
||
|
||
- BUG-BOUNTY.md: clarify the third party situation
|
||
|
||
We do not pay bounties for problems in other libraries.
|
||
|
||
Closes #13560
|
||
|
||
Stefan Eissing (14 May 2024)
|
||
|
||
- http tests: in CI skip test_02_23* for quiche
|
||
|
||
For unknown reasons, these tests fail in CI often, but run fine locally.
|
||
Skip them in CI to avoid unrelated PRs to have failures.
|
||
|
||
Closes #13638
|
||
|
||
Daniel Gustafsson (14 May 2024)
|
||
|
||
- hsts: explicitly skip blank lines
|
||
|
||
Keep blank lines or lines containing only whitespace to make it all
|
||
the way to the more expensive sscanf call in hsts_add.
|
||
|
||
Closes: #13603
|
||
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
|
||
|
||
- autotools: Only probe for SGI MIPS compilers on IRIX
|
||
|
||
MIPSPro and the predecessor compiler which was part of the IDO (IRIS
|
||
Development Option) were only ever shipped on the SGI IRIX operating
|
||
system (with MIPSPro on 6.0+ which was released in 1994). Limit the
|
||
autoconf check to IRIX when probing for these compilers to save some
|
||
cycles on other platforms.
|
||
|
||
Closes: #13611
|
||
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
|
||
|
||
Viktor Szakats (14 May 2024)
|
||
|
||
- tests: fix test 1167 to skip digit-only symbols
|
||
|
||
This avoids mistaking symbols with their numeric value when using
|
||
certain C preprocessors which output these numeric values at the
|
||
beginning of the line as part of an expression.
|
||
|
||
Seen on OpenBSD 7.5 + clang.
|
||
|
||
Example `test1167.pl -v` output, before this patch:
|
||
```
|
||
Source: cpp /home/runner/work/curl/curl/tests/../include/curl/curl.h
|
||
Symbol: 20000
|
||
Line #3835: 20000 + 142,
|
||
[...]
|
||
Bad symbols in public header files:
|
||
20000
|
||
[...]
|
||
```
|
||
Ref: https://github.com/curl/curl/actions/runs/9069136530/job/24918015357#ste
|
||
p:3:7513
|
||
|
||
Ref: #13583
|
||
Closes #13634
|
||
|
||
Daniel Stenberg (14 May 2024)
|
||
|
||
- lib: call Curl_strntolower instead of doing crafted loops
|
||
|
||
Closes #13627
|
||
|
||
- setopt: acknowledge errors proper for CURLOPT_COOKIEJAR
|
||
|
||
Error out on error, do not continue.
|
||
|
||
Closes #13624
|
||
|
||
- vtls: remove duplicate assign
|
||
|
||
Curl_ssl_peer_cleanup() already clears the ->sni field, no point in
|
||
assigning it again.
|
||
|
||
Spotted by CodeSonar
|
||
|
||
Closes #13626
|
||
|
||
Max Dymond (13 May 2024)
|
||
|
||
- Group all non-major updates together to reduce PR spam
|
||
|
||
- Add the remainder of the workflows
|
||
|
||
- Add some basic versioning for some workflows to check whether this is detecte
|
||
d properly
|
||
|
||
renovate[bot] (13 May 2024)
|
||
|
||
- Add renovate.json
|
||
|
||
Daniel Stenberg (13 May 2024)
|
||
|
||
- vauth: make two functions void that always just returned OK
|
||
|
||
Removes the need to check return values when they can never fail.
|
||
|
||
Pointed out by CodeSonar
|
||
|
||
Closes #13621
|
||
|
||
- setopt: remove check for 'option' that is always true
|
||
|
||
- make sure that passing in option set to NULL clears the fields
|
||
correctly
|
||
|
||
- remove the weird second take if Curl_parse_login_details() returns
|
||
error
|
||
|
||
Follow-up to 7333faf00bf25db7cd1e0012d6b140
|
||
|
||
Spotted by CodeSonar
|
||
|
||
Closes #13619
|
||
|
||
Viktor Szakats (13 May 2024)
|
||
|
||
- tests: tidy up types in server code
|
||
|
||
Cherry-picked from #13489
|
||
Closes #13610
|
||
|
||
Daniel Stenberg (13 May 2024)
|
||
|
||
- setopt: make the setstropt_userpwd args compulsory
|
||
|
||
They were always used so no point in allowing them to be optional.
|
||
|
||
follow-up to 0e37b42dc956bd8a
|
||
|
||
Closes #13608
|
||
Reviewed-by: Daniel Gustafsson
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
Daniel Gustafsson (13 May 2024)
|
||
|
||
- websocket: Avoid memory leak in error path
|
||
|
||
In the errorpath for randstr being too long to copy into the buffer
|
||
we leak the randstr when returning CURLE_FAILED_INIT. Fix by using
|
||
an explicit free on randstr in the errorpath.
|
||
|
||
Closes: #13602
|
||
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
|
||
|
||
- hsts: Remove single-use single-line function
|
||
|
||
The hsts_entry() function contains of a single line and is only
|
||
used in a single place in the code, so move the allocation into
|
||
hsts_create instead to improve code readability. C code usually
|
||
don't use the factory abstraction for object creation, and this
|
||
small example wasn't following our usual code style.
|
||
|
||
Closes: #13604
|
||
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
|
||
|
||
Viktor Szakats (12 May 2024)
|
||
|
||
- lib: bump hash sizes to `size_t`
|
||
|
||
Follow-up to cc907e80a2498c0599253271a6f657f614b52a4e #13502
|
||
Cherry-picked from #13489
|
||
Closes #13601
|
||
|
||
- tests: make the unit test result type `CURLcode`
|
||
|
||
Before this patch, the result code was a mixture of `int` and
|
||
`CURLcode`.
|
||
|
||
Also adjust casts and fix a couple of minor issues found along the way.
|
||
|
||
Cherry-picked from #13489
|
||
Closes #13600
|
||
|
||
- appveyor: tidy-ups
|
||
|
||
- delete a duplicate line.
|
||
- simplify a `make` call.
|
||
- merge two `if` branches.
|
||
- reorder autotools options for clarity.
|
||
- add `--enable-warnings` where missing (it's also the default.)
|
||
- add empty lines to YAML for readability.
|
||
- use lowercase install prefix/directory.
|
||
|
||
Closes #13598
|
||
|
||
Daniel Stenberg (12 May 2024)
|
||
|
||
- docs/cmdline-opts: mention STARTTLS for --ssl and --ssl-reqd
|
||
|
||
... since users might look for those terms in the manpage.
|
||
|
||
Closes #13590
|
||
|
||
- setopt: warn on Curl_set*opt() uses not using the return value
|
||
|
||
And switch the invokes that would "set" NULL to instead just plainly
|
||
free the pointer, as those were otherwise the invokes that would ignore
|
||
the return code. And possibly confuse static code analyzers.
|
||
|
||
Closes #13591
|
||
|
||
Orgad Shaneh (12 May 2024)
|
||
|
||
- autotools: delete unused functions
|
||
|
||
Closes #13605
|
||
|
||
Viktor Szakats (11 May 2024)
|
||
|
||
- examples: fix/silence `-Wsign-conversion`
|
||
|
||
- extend `FD_SET()` hack to all platforms (was only Cygwin).
|
||
Warnings may also happen in other envs, e.g. OmniOS.
|
||
Ref: https://github.com/libssh2/libssh2/actions/runs/8854199687/job/2431676
|
||
2831#step:3:2021
|
||
|
||
- tidy-up `CURLcode` vs `int` use.
|
||
|
||
- cast an unsigned to `long` before passing to `curl_easy_setopt()`.
|
||
|
||
Cherry-picked from #13489
|
||
Follow-up to 3829759bd042c03225ae862062560f568ba1a231 #12489
|
||
Closes #13501
|
||
|
||
Orgad Shaneh (11 May 2024)
|
||
|
||
- cmake: fix `HAVE_IOCTLSOCKET_FIONBIO` test with gcc 14
|
||
|
||
The function signature has had u_long flags since ever. This is how it
|
||
is defined in the documentation, and implemented in MinGW.
|
||
|
||
The code that uses ioctlsocket in nonblock.c also has unsigned long.
|
||
|
||
Error:
|
||
CurlTests.c:275:41: error: passing argument 3 of 'ioctlsocket' from incompati
|
||
ble pointer type [-Wincompatible-pointer-types]
|
||
275 | if(0 != ioctlsocket(0, FIONBIO, &flags))
|
||
| ^~~~~~
|
||
| |
|
||
| int *
|
||
In file included from CurlTests.c:266:
|
||
/opt/mxe/usr/i686-w64-mingw32.static/include/winsock2.h:1007:76: note: expect
|
||
ed 'u_long *' {aka 'long unsigned int *'} but argument is of type 'int *'
|
||
1007 | WINSOCK_API_LINKAGE int WSAAPI ioctlsocket(SOCKET s,__LONG32 cmd,u_
|
||
long *argp);
|
||
| ~~
|
||
~~~~~~^~~~
|
||
|
||
Closes #13578
|
||
|
||
Jay Satiro (10 May 2024)
|
||
|
||
- ftp: fix build for CURL_DISABLE_VERBOSE_STRINGS
|
||
|
||
This is a follow-up to b7c7dffe which changed the FTP state change
|
||
verbose debug text (aka infof) to tracing debug text (aka trc).
|
||
|
||
Prior to this change if libcurl was without DEBUGBUILD and built with
|
||
CURL_DISABLE_VERBOSE_STRINGS (ie --disable-verbose) the build would
|
||
error.
|
||
|
||
Caught by Circle CI job openssl-no-verbose.
|
||
|
||
- lib: clear the easy handle's saved errno before transfer
|
||
|
||
- Clear data->state.os_errno before transfer.
|
||
|
||
- Explain the change in behavior in the CURLINFO_OS_ERRNO doc.
|
||
|
||
- Add to the CURLINFO_OS_ERRNO doc the list of libcurl network-related
|
||
errors that may cause the errno to be saved.
|
||
|
||
data->state.os_errno is saved before libcurl returns a network-related
|
||
failure such as connection failure. It is accessible to the user via
|
||
CURLINFO_OS_ERRNO so they can get more information about the failure.
|
||
|
||
Prior to this change it wasn't cleared before transfer, so if a user
|
||
retrieved the saved errno it could be from a previous transfer. That is
|
||
because an errno is not always saved for network-related errors.
|
||
|
||
Closes https://github.com/curl/curl/pull/13574
|
||
|
||
Stefan Eissing (10 May 2024)
|
||
|
||
- ftp: add tracing support
|
||
|
||
- add `Curl_trc_feat_ftp` for tracing via trace config
|
||
- add macro CURL_TRC_FTP(data, fmt, ...)
|
||
- replace DEBUGF(infof()) statements in ftp.c by CURL_TRC_FTP()
|
||
- always trace FTP connection state
|
||
|
||
Closes #13580
|
||
|
||
Daniel Stenberg (10 May 2024)
|
||
|
||
- http: remove redundant check
|
||
|
||
Spotted by CodeSonar
|
||
|
||
Closes #13582
|
||
|
||
Viktor Szakats (10 May 2024)
|
||
|
||
- ldap: fix unused variables (seen on OmniOS)
|
||
|
||
```
|
||
../../lib/ldap.c: In function 'ldap_do':
|
||
../../lib/ldap.c:380:11: error: unused variable 'ldap_ca' [-Werror=unused-v
|
||
ariable]
|
||
380 | char *ldap_ca = conn->ssl_config.CAfile;
|
||
| ^~~~~~~
|
||
../../lib/ldap.c:379:9: error: unused variable 'ldap_option' [-Werror=unuse
|
||
d-variable]
|
||
379 | int ldap_option;
|
||
| ^~~~~~~~~~~
|
||
```
|
||
Ref: https://github.com/curl/curl/actions/runs/9033564377/job/24824192730#ste
|
||
p:3:6059
|
||
|
||
Ref: #13583
|
||
Closes #13588
|
||
|
||
Daniel Stenberg (10 May 2024)
|
||
|
||
- url: make parse_login_details use memdup0
|
||
|
||
Also make the user and password arguments mandatory, since all code
|
||
paths in libcurl used them anyway.
|
||
|
||
Adapted unit test case 1620 to the new rules.
|
||
|
||
Closes #13584
|
||
|
||
Orgad Shaneh (10 May 2024)
|
||
|
||
- digest: replace strcpy for empty string with simple assignment
|
||
|
||
Closes #13586
|
||
|
||
Viktor Szakats (10 May 2024)
|
||
|
||
- autotools: fix `HAVE_IOCTLSOCKET_FIONBIO` test for gcc 14
|
||
|
||
```
|
||
conftest.c:152:41: error: passing argument 3 of 'ioctlsocket' from incompatib
|
||
le pointer type [-Wincompatible-pointer-types]
|
||
152 | if(0 != ioctlsocket(0, FIONBIO, &flags))
|
||
| ^~~~~~
|
||
| |
|
||
| int *
|
||
```
|
||
|
||
Reported-by: LigH
|
||
Fixes #13579
|
||
Closes #13587
|
||
|
||
- CI: ignore test 286 on Appveyor gcc 7 build
|
||
|
||
Disabled earlier for gcc 9 builds. gcc 7 uses the same runner and
|
||
prone to similar intermittent failures.
|
||
|
||
Follow-up to f1e05a6e6e7225fa09952abb2c935ae1abe44f45 #12106 #12040
|
||
Closes #13575
|
||
|
||
Daniel Stenberg (10 May 2024)
|
||
|
||
- cf-socket: don't try getting local IP without socket
|
||
|
||
In cf_tcp_connect(), it might fail and not get a socket assigned to
|
||
ctx->sock but set_local_ip() is still called which would make
|
||
getsockname() get invoked with a negative file desriptor and fail.
|
||
|
||
By adding this check, set_local_ip() will now instead blank out the
|
||
fields correctly.
|
||
|
||
Spotted by CodeSonar
|
||
|
||
Closes #13577
|
||
|
||
- tool_getparam: remove two redundant conditions
|
||
|
||
When getstr() does not return error, it returns a valid pointer.
|
||
|
||
Spotted by CodeSonar
|
||
|
||
Closes #13576
|
||
|
||
Stefan Eissing (10 May 2024)
|
||
|
||
- quiche: trust its timeout handling
|
||
|
||
- set the idle timeout transport parameter
|
||
in milliseconds as documented by quiche
|
||
- do not calculate the idle timeout, rely on
|
||
quiche handling it
|
||
|
||
Closes #13581
|
||
|
||
Daniel Stenberg (10 May 2024)
|
||
|
||
- dmaketgz: accept a SOURCE_DATE_EPOCH as an second argument
|
||
|
||
to make it easier to reproduce a tarball
|
||
|
||
Closes #13573
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
Stefan Eissing (10 May 2024)
|
||
|
||
- h3/ngtcp2: improve error handling
|
||
|
||
- identify ngtcp2 and nghttp3 error codes that are fatal
|
||
- close quic connection on fatal errors
|
||
- refuse further filter operations once connection is closed
|
||
- confusion about the nghttp3 API. We should close the QUIC stream on
|
||
cancel and not use the nghttp3 calls intended to be invoked when the
|
||
QUIC stream was closed by the peer.
|
||
|
||
Closes #13562
|
||
|
||
Jay Satiro (10 May 2024)
|
||
|
||
- docs: fix some CURLINFO examples
|
||
|
||
- improve getinfo result check for example sections:
|
||
CURLINFO_ACTIVESOCKET, CURLINFO_LASTSOCKET, CURLINFO_SSL_VERIFYRESULT,
|
||
CURLINFO_PROXY_SSL_VERIFYRESULT
|
||
|
||
- fix getinfo result check for example sections:
|
||
CURLINFO_NUM_CONNECTS, CURLINFO_OS_ERRNO
|
||
|
||
- fix verify result check for example sections:
|
||
CURLINFO_PROXY_SSL_VERIFYRESULT
|
||
|
||
Bug: https://github.com/curl/curl/discussions/13557#discussion-6625507
|
||
Reported-by: farazrbx@users.noreply.github.com
|
||
|
||
Closes https://github.com/curl/curl/pull/13559
|
||
|
||
Daniel Stenberg (9 May 2024)
|
||
|
||
- KNOWN_BUGS: gssapi library name + version is missing in curl_version_info()
|
||
|
||
Closes #13492
|
||
Closes #13570
|
||
|
||
- krb5: use dynbuf
|
||
|
||
Closes #13568
|
||
|
||
- managen: fix the option sort order
|
||
|
||
... it used to strip off the .d file extension to sort correctly but
|
||
ever since the extension changed to .md the operation failed and the
|
||
sort got wrong.
|
||
|
||
Follow-up to 2494b8dd5175cee7f2e
|
||
|
||
Closes #13567
|
||
|
||
Stefan Eissing (8 May 2024)
|
||
|
||
- GHA: repair the linux-old job
|
||
|
||
package libc6_2.28-10+deb10u2_amd64.deb changed to
|
||
libc6_2.28-10+deb10u3_amd64.deb
|
||
|
||
Closes #13564
|
||
|
||
Viktor Szakats (8 May 2024)
|
||
|
||
- appveyor: make gcc 6 mingw64 job build-only
|
||
|
||
This job has proven to be the flakiest of all, and it's also the oldest
|
||
Windows runner we had tests running on: 'Visual Studio 2015', that is
|
||
running on Windows Server 2012 R2:
|
||
https://www.appveyor.com/docs/windows-images-software/
|
||
|
||
Turn off tests on this job to help stabilizing CI runs.
|
||
|
||
This was also one of the slowest running job amongst the AppVeyor CI ones.
|
||
|
||
Flakiness data:
|
||
https://testclutch.curl.se/static/reports/summary.html
|
||
Entries:
|
||
Appveyor / CMake, mingw-w64, gcc 6, Debug, x86, Schannel, Static, no-unity
|
||
(curl) [current]
|
||
Appveyor / CMake, mingw-w64, gcc 6, Debug, x86, Schannel, Static (curl) [fo
|
||
rmer]
|
||
|
||
Closes #13566
|
||
|
||
Stefan Eissing (8 May 2024)
|
||
|
||
- unit2604: use alloc instead of overlong string const
|
||
|
||
Closes #13563
|
||
|
||
Daniel Gustafsson (8 May 2024)
|
||
|
||
- bufq: remove duplicate word in comment
|
||
|
||
Inspired by 13552.
|
||
|
||
Closes: #13554
|
||
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
|
||
|
||
Viktor Szakats (8 May 2024)
|
||
|
||
- lib/cf-h1-proxy: silence compiler warnings (gcc 14)
|
||
|
||
They came up ealier with gcc 12 (Windows), but apparently gcc 14 is
|
||
still reporting them, also under Linux.
|
||
|
||
```
|
||
/home/runner/work/curl-for-win/curl-for-win/curl/lib/cf-h1-proxy.c: In functi
|
||
on 'cf_h1_proxy_close':
|
||
/home/runner/work/curl-for-win/curl-for-win/curl/lib/cf-h1-proxy.c:1060:17: w
|
||
arning: null pointer dereference [-Wnull-dereference]
|
||
1060 | cf->connected = FALSE;
|
||
/home/runner/work/curl-for-win/curl-for-win/curl/lib/cf-h1-proxy.c:1061:8: wa
|
||
rning: null pointer dereference [-Wnull-dereference]
|
||
1061 | if(cf->ctx) {
|
||
| ~~^~~~~
|
||
In function 'tunnel_free',
|
||
inlined from 'cf_h1_proxy_destroy' at /home/runner/work/curl-for-win/curl
|
||
-for-win/curl/lib/cf-h1-proxy.c:1053:3:
|
||
/home/runner/work/curl-for-win/curl-for-win/curl/lib/cf-h1-proxy.c:198:27: wa
|
||
rning: null pointer dereference [-Wnull-dereference]
|
||
198 | struct h1_tunnel_state *ts = cf->ctx;
|
||
| ^~
|
||
```
|
||
Ref: https://github.com/curl/curl-for-win/actions/runs/8985369476/job/2467921
|
||
9528#step:3:6320
|
||
|
||
Fixes #13237
|
||
Closes #13555
|
||
|
||
Michał Antoniak (8 May 2024)
|
||
|
||
- mbedtls: support TLS 1.3
|
||
|
||
Closes #13539
|
||
|
||
Daniel Stenberg (8 May 2024)
|
||
|
||
- version: use msnprintf instead of strncpy
|
||
|
||
- to ensure a terminating null byte
|
||
- to avoid zero-padding the target
|
||
|
||
debug code only
|
||
|
||
Closes #13549
|
||
|
||
- curl_path: make Curl_get_pathname use dynbuf
|
||
|
||
... instead of malloc and memcpy
|
||
|
||
- unit test 2604 verifies Curl_get_pathname()
|
||
|
||
Closes #13550
|
||
|
||
- lib: make protocol handlers store scheme name lowercase
|
||
|
||
- saves a lowercase operation when the "[scheme]_proxy" name is
|
||
generated
|
||
- appears less "shouting"
|
||
- update test 970, 972, 1438 and 1536
|
||
|
||
Closes #13553
|
||
|
||
- lib: remove two instances of "only only" messages
|
||
|
||
Fixes #13551
|
||
Reported-by: Lucas Nussbaum
|
||
Closes #13552
|
||
|
||
Pavel Pavlov (7 May 2024)
|
||
|
||
- asyn-thread: fix curl_global_cleanup crash in Windows
|
||
|
||
- Make sure that asynchronous resolves handled by Winsock are stopped
|
||
before WSACleanup is called.
|
||
|
||
This is implemented by ensuring that when Curl_resolver_kill is called
|
||
(eg via multi_done) it will cancel the Winsock asynchronous resolve and
|
||
wait for the cancellation to complete. Winsock runs the asynchronous
|
||
completion routine immediately when a resolve is canceled.
|
||
|
||
Prior to this change it was possible that during curl_global_cleanup
|
||
"a DNS resolver thread created by GetAddrInfoExW did not terminate yet,
|
||
however curl is already shutting down, deinitializing Winsock with
|
||
WSACleanup() leading to an access violation."
|
||
|
||
Background:
|
||
|
||
If libcurl is built with the asynchronous threaded resolver option for
|
||
Windows then it resolves in one of two ways. For Windows 8.1 and later,
|
||
libcurl resolves by using the Winsock asynchronous resolver which does
|
||
its own thread management. For older versions of Windows, libcurl
|
||
resolves by creating a separate thread that calls getaddrinfo. This
|
||
change only affects the former and it's already handled for the latter.
|
||
|
||
Reported-by: Ch40zz@users.noreply.github.com
|
||
|
||
Fixes https://github.com/curl/curl/issues/13509
|
||
Closes https://github.com/curl/curl/pull/13518
|
||
|
||
Jay Satiro (7 May 2024)
|
||
|
||
- asyn-thread: fix Curl_thread_create result check
|
||
|
||
- Compare to curl_thread_t_null instead of 0 for error.
|
||
|
||
Currently for both supported thread libraries (pthreads and Windows)
|
||
curl_thread_t_null is defined as 0. However, the pattern throughout the
|
||
code is to check against curl_thread_t_null and not 0 since for
|
||
posterity some thread library may not use 0 for error.
|
||
|
||
Closes https://github.com/curl/curl/pull/13542
|
||
|
||
- curl_multibyte: remove access() function wrapper for Windows
|
||
|
||
- Remove curlx_win32_access() which was a wrapper to use access() in
|
||
Windows.
|
||
|
||
This is a follow-up to 602fc213, one of two commits which removed
|
||
access() calls from the codebase and banned use of the function.
|
||
|
||
Closes https://github.com/curl/curl/pull/13529
|
||
|
||
Daniel Gustafsson (6 May 2024)
|
||
|
||
- tls: Remove EXAMPLEs from deprecated options
|
||
|
||
CURLOPT_EGDSOCKET and CURLOPT_RANDOM_FILE are both completely dead
|
||
so remove their example sections since the code there is useless.
|
||
There is still a way to inject a random file for OpenSSL older than
|
||
1.1.0 but it's not what the example showed (and it's not even done
|
||
with this option) so we refrain from documenting it here.
|
||
|
||
Closes: #13540
|
||
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
|
||
|
||
- tests: Only require EXAMPLE for non-deprecated options
|
||
|
||
Manpages which document deprecated CURLOPT_ or CURLINFO_ are not
|
||
required to have an EXAMPLE section since they might effectively
|
||
be dead no-ops which we don't want to trick users into believing
|
||
they can use by copying example code.
|
||
|
||
Closes: #13540
|
||
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
|
||
|
||
Daniel Stenberg (6 May 2024)
|
||
|
||
- EXPERIMENTAL: add graduation requirements for each feature
|
||
|
||
Starting now, experimental features should have a set of documentated
|
||
requirements of what is needed for the feature to graduate.
|
||
|
||
This adds requirements to all existing experiments.
|
||
|
||
Closes #13541
|
||
|
||
Ivan (6 May 2024)
|
||
|
||
- misc: fix typos, quoting and spelling
|
||
|
||
Fix wording of comments, and misquotings where `' is markdown parsed
|
||
where it shouldn't be, and remove a misspelled preprocessor comment
|
||
which really isn't needed (and removing it makes it match surrounding
|
||
code better).
|
||
|
||
Closes: #13538
|
||
Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
|
||
|
||
Daniel Gustafsson (6 May 2024)
|
||
|
||
- tests: Mark tftpd timer function as noreturn
|
||
|
||
This avoids the below compiler warning:
|
||
|
||
tftpd.c:280:1: warning: function 'timer' could be declared with
|
||
attribute 'noreturn' [-Wmissing-noreturn]
|
||
|
||
Closes: #13534
|
||
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
|
||
|
||
- doh: Remove unused function prototype
|
||
|
||
Closes: #13536
|
||
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
|
||
|
||
Daniel Stenberg (6 May 2024)
|
||
|
||
- doh: cleanups in ECH related functions
|
||
|
||
- make local_decode_rdata_name use dynbuf instead of calloc + memcpy
|
||
- avoid extra memdup in local_decode_rdata_alpn
|
||
- no need to if() before free()
|
||
- use memdup instead of calloc + memcpy in Curl_doh_decode_httpsrr
|
||
|
||
Reviewed-by: Stephen Farrell
|
||
Closes #13526
|
||
|
||
Viktor Szakats (5 May 2024)
|
||
|
||
- libssh2: delete redundant feature guard
|
||
|
||
Delete `HAVE_LIBSSH2_VERSION` (equivalent to
|
||
`LIBSSH2_VERSION_NUM` > 0x010100) guard surrounding
|
||
a `LIBSSH2_VERSION_NUM` > 0x010B00 one.
|
||
|
||
Reviewed-by: Daniel Gustafsson
|
||
Closes #13537
|
||
|
||
Jan Venekamp (5 May 2024)
|
||
|
||
- tool_cfgable: free {proxy_}cipher13_list on exit
|
||
|
||
Author: Jan Venekamp
|
||
Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
|
||
Closes: #13531
|
||
|
||
RainRat (4 May 2024)
|
||
|
||
- doh: Fix typo in comment
|
||
|
||
Closes: #13504
|
||
Author: RainRat on Github
|
||
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
|
||
Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
|
||
|
||
Christian Schmitz (4 May 2024)
|
||
|
||
- dynbuf: Fix returncode on memory error
|
||
|
||
Curl_dyn_vaddf should return a proper error code in case allocating
|
||
memory failed.
|
||
|
||
Closes: #13533
|
||
Author: Christian Schmitz <support@monkeybreadsoftware.de>
|
||
Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
|
||
|
||
Daniel Stenberg (3 May 2024)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
Jan Venekamp (2 May 2024)
|
||
|
||
- bearssl: use common code for cipher suite lookup
|
||
|
||
Take advantage of the Curl_cipher_suite_walk_str() and
|
||
Curl_cipher_suite_get_str() functions introduced in commit fba9afeb.
|
||
|
||
This also fixes CURLOPT_SSL_CIPHER_LIST not working at all for bearssl
|
||
due to commit ff74cef5.
|
||
|
||
Closes #13464
|
||
|
||
Daniel Stenberg (2 May 2024)
|
||
|
||
- curl.h: change CURL_SSLVERSION_* from enum to defines
|
||
|
||
C++20 and later compilers emit a deprecation warning if values from two
|
||
different enums are combined with a bitwise operation the way the
|
||
CURL_SSLVERSION_* values were previously created.
|
||
|
||
Reported-by: Michael Kaufmann
|
||
Fixes #13510
|
||
Closes #13511
|
||
|
||
- configure: error on missing perl if docs or manual is enabled
|
||
|
||
Fixes #13508
|
||
Reported-by: Harmen Stoppels
|
||
Closes #13514
|
||
|
||
- tool_cb_rea: limit rate unpause for -T . uploads
|
||
|
||
To avoid getting stuck in a busy-loop when nothing is read from stdin,
|
||
this function now checks the call rate and might enforce a short sleep
|
||
when called repeatedly without uploading anything. It is a crude
|
||
work-around to avoid a 100% busy CPU.
|
||
|
||
Reported-by: magisterquis on hackerone
|
||
Fixes #13174
|
||
Closes #13506
|
||
|
||
Viktor Szakats (1 May 2024)
|
||
|
||
- appveyor: enable websockets for VS2017 jobs
|
||
|
||
Follow-up to eb4fe6c6340c3d5b0c347c6e30be004d4f9117d7 #13232
|
||
Closes #13513
|
||
|
||
Daniel Stenberg (30 Apr 2024)
|
||
|
||
- if2ip: make the buf_size arg a size_t
|
||
|
||
sizes should be size_t
|
||
|
||
Ref: #13489
|
||
Closes #13505
|
||
|
||
- cf-https-connect: use timeouts as unsigned ints
|
||
|
||
To match the type used in 'set.happy_eyeballs_timeout'.
|
||
|
||
Ref: #13489
|
||
Closes #13503
|
||
|
||
- hash: change 'slots' to size_t from int
|
||
|
||
- an unsigned type makes more sense
|
||
- size_t seems suitable
|
||
- on 64 bit args, the struct alignment makes the new Curl_hash remain
|
||
the same size
|
||
|
||
Closes #13502
|
||
|
||
Viktor Szakats (30 Apr 2024)
|
||
|
||
- libssh2: replace `access()` with `stat()`
|
||
|
||
Prefer `stat()` to verify the presence of key files.
|
||
|
||
This drops the last uses of `access()` in the codebase, which was
|
||
reported to cause issues in some cases.
|
||
|
||
Also add `access()` to the list of banned functions in checksrc.
|
||
|
||
Ref: https://github.com/curl/curl/pull/13412#issuecomment-2065505415
|
||
Ref: https://github.com/curl/curl/pull/13482#issuecomment-2078980522
|
||
Ref: #13497
|
||
Co-authored-by: Jay Satiro
|
||
Closes #13498
|
||
|
||
Daniel Stenberg (30 Apr 2024)
|
||
|
||
- multi: remove useless assignment
|
||
|
||
Spotted by CodeSonar
|
||
|
||
Closes #13500
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
fuzzard (29 Apr 2024)
|
||
|
||
- cmake: FindNGHTTP2 add static lib name to find_library call
|
||
|
||
Add the static library name, nghttp2_static as a name to search.
|
||
|
||
This provides cmake parity with the winbuild Makefile.vc allowing
|
||
the cmake build to find and allow the link to static nghttp2 library.
|
||
|
||
Viktor Szakats (29 Apr 2024)
|
||
|
||
- DISTROS: add patch and issues link for curl-for-win
|
||
|
||
curl-for-win sometimes includes curl patches that were already merged in
|
||
master, but not yet part of a stable release.
|
||
|
||
Also include the Issues link. Build-specific issues are handled there.
|
||
|
||
Ref: #13493
|
||
Closes #13499
|
||
|
||
Daniel Stenberg (29 Apr 2024)
|
||
|
||
- mime: avoid using access()
|
||
|
||
If stat() fails, there is no point in calling access()
|
||
|
||
Also: return error immediately if the stat() fails.
|
||
|
||
Ref: #13482
|
||
Closes #13497
|
||
|
||
Stefan Eissing (29 Apr 2024)
|
||
|
||
- tests: add SNI and peer name checks
|
||
|
||
- connect to DNS names with trailing dot
|
||
- connect to DNS names with double trailing dot
|
||
- rustls, always give `peer->hostname` and let it
|
||
figure out SNI itself
|
||
- add SNI tests for ip address and localhost
|
||
- document in code and TODO that QUIC with ngtcp2+wolfssl
|
||
does not do proper peer verification of the certificate
|
||
- mbedtls, skip tests with ip address verification as not
|
||
supported by the library
|
||
|
||
Closes #13486
|
||
|
||
Daniel Stenberg (29 Apr 2024)
|
||
|
||
- curl_getdate.md: document two-digit year handling
|
||
|
||
Mentioned-by: Paul Gilmartin
|
||
Ref: https://curl.se/mail/archive-2024-04/0014.html
|
||
Closes #13494
|
||
|
||
Viktor Szakats (29 Apr 2024)
|
||
|
||
- cmake: add `BUILD_EXAMPLES` option to build examples
|
||
|
||
You can enable it with `-DBUILD_EXAMPLES=ON`.
|
||
|
||
To match autotools' `make examples` feature.
|
||
Windows (static) builds not tested.
|
||
|
||
Also enable examples in a pair of CI jobs.
|
||
|
||
Apply related updates to the macOS CI workflow:
|
||
- drop unused `CXX` envs.
|
||
- drop no longer needed `-Wno-error=undef -Wno-error=conversion` flags.
|
||
- pass `-Wno-deprecated-declarations` to GCC too (for `BUILD_EXAMPLES`).
|
||
- document why `-Wno-deprecated-declarations` is necessary.
|
||
|
||
Closes #13491
|
||
|
||
Stefan Eissing (26 Apr 2024)
|
||
|
||
- http3: quiche+ngtcp2 improvements
|
||
|
||
- quiche: error transfers that try to receive on a closed
|
||
or draining connection
|
||
- ngtcp2: use callback for extending max bidi streams. This
|
||
allows more precise calculation of MAX_CONCURRENT as we
|
||
only can start a new stream when the server acknowledges
|
||
the close - not when we locally have closed it.
|
||
- remove a fprintf() from h2-download client to avoid excess
|
||
log files on tests timing out.
|
||
|
||
Closes #13475
|
||
|
||
- vtls: TLS session storage overhaul
|
||
|
||
- add session with destructor callback
|
||
- remove vtls `session_free` method
|
||
- let `Curl_ssl_addsessionid()` take ownership
|
||
of session object, freeing it also on failures
|
||
- change tls backend use
|
||
- test_17, add tests for SSL session resumption
|
||
|
||
Closes #13386
|
||
|
||
- multi: multi_wait improvements
|
||
|
||
- only call `multi_getsock()` once for all transfers
|
||
- realloc pollset array on demand
|
||
- fold repeated sockets
|
||
|
||
Closes #13150
|
||
|
||
Philip Heiduck (25 Apr 2024)
|
||
|
||
- ci: remove microsoft-prod.list
|
||
|
||
This is added by default, and it is often broken, but we don't need
|
||
anything from it.
|
||
|
||
Closes #13473
|
||
|
||
Evgeny Grin (Karlson2k) (25 Apr 2024)
|
||
|
||
- curl_setup.h: detect 'inline' support
|
||
|
||
Closes #13355
|
||
|
||
Daniel Stenberg (25 Apr 2024)
|
||
|
||
- multi: avoid memory-leak risk
|
||
|
||
'newurl' is allocated in some conditions and used in a few scenarios,
|
||
but there were theoretical combinations in which it would not get freed.
|
||
Move the free to happen unconditionally. Never triggered by tests, but
|
||
spotted by Coverity.
|
||
|
||
Closes #13471
|
||
|
||
Johann Sebastian Schicho (25 Apr 2024)
|
||
|
||
- sendf: Curl_cwriter_write: remove comment disallowing zero length writes
|
||
|
||
They are needed to pass CLIENTWRITE_EOS.
|
||
|
||
Closes #13477
|
||
|
||
Stefan Eissing (25 Apr 2024)
|
||
|
||
- CI: macos fixes for new ARM GHA images
|
||
|
||
- based on #13478 with additions from #13476
|
||
- make homebrew install path flexible
|
||
- fix OpenSSL pkgconfig files libdir
|
||
- add path to --with-libssh2 target
|
||
- disable gcc securetransport due to linker
|
||
errors (missing symbols), probably because
|
||
the os version is no longer low enough
|
||
|
||
Assisted-by: Viktor Szakats
|
||
|
||
Closes #13479
|
||
|
||
- content_encoding: ignore duplicate chunked encoding
|
||
|
||
- ignore duplicate "chunked" transfer-encodings from
|
||
a server to accomodate for broken implementations
|
||
- add test1482 and test1483
|
||
|
||
Reported-by: Mel Zuser
|
||
Fixes #13451
|
||
Closes #13461
|
||
|
||
Daniel Stenberg (25 Apr 2024)
|
||
|
||
- tool: move tool_ftruncate64 to tool_util.c
|
||
|
||
... and the prototype to tool_setup.h, to make them both available more
|
||
widely and accurately.
|
||
|
||
Follow-up to 00bef95946d3511
|
||
|
||
Fixes #13458
|
||
Closes #13459
|
||
|
||
Viktor Szakats (24 Apr 2024)
|
||
|
||
- lib: silence `-Wsign-conversion` in base64, strcase, mprintf
|
||
|
||
Closes #13467
|
||
|
||
- CI: retain failure code after `./configure` with Circle CI
|
||
|
||
Suggested-by: Dan Fandrich
|
||
Follow-up to 43299e93c06b96fea8a8dc9b1c2e49c82bc21801 #13462
|
||
Follow-up to d7332e3e46c3ef401b34e6a1a129eb4dd846c452 #12635
|
||
Closes #13468
|
||
|
||
Daniel Stenberg (24 Apr 2024)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
Jan Venekamp (24 Apr 2024)
|
||
|
||
- mbedTLS: implement CURLOPT_SSL_CIPHER_LIST option
|
||
|
||
Use a lookup list to set the cipher suites, allowing the
|
||
ciphers to be set by either openssl or IANA names.
|
||
|
||
To keep the binary size of the lookup list down we compress
|
||
each entry in the cipher list down to 2 + 6 bytes using the
|
||
C preprocessor.
|
||
|
||
Closes #13442
|
||
|
||
Viktor Szakats (24 Apr 2024)
|
||
|
||
- CI: show more failed `config.log` on Circle CI
|
||
|
||
Show last 1000 lines of `config.log` if `./configure` fails. This was
|
||
already done for one job, this patch extends it to all.
|
||
|
||
Ref: #13438
|
||
Closes #13462
|
||
|
||
Daniel Stenberg (24 Apr 2024)
|
||
|
||
- telnet: check return code from fileno()
|
||
|
||
and return error if necessary
|
||
|
||
Spotted by CodeSonar
|
||
|
||
Closes #13457
|
||
|
||
Viktor Szakats (24 Apr 2024)
|
||
|
||
- tls: fix SecureTransport + BearSSL cmake unity builds
|
||
|
||
Avoid clashing static function names by namespacing them.
|
||
|
||
Pointed-out-by: Jan Venekamp
|
||
Ref: https://github.com/curl/curl/pull/13442#discussion_r1576350700
|
||
Closes #13450
|
||
|
||
Jay Satiro (24 Apr 2024)
|
||
|
||
- dllmain: Call OpenSSL thread cleanup for Windows and Cygwin
|
||
|
||
- Call OPENSSL_thread_stop on thread termination (DLL_THREAD_DETACH)
|
||
to prevent a memory leak in case OpenSSL is linked statically.
|
||
|
||
- Warn in libcurl-thread.3 that if OpenSSL is linked statically then it
|
||
may require thread cleanup.
|
||
|
||
OpenSSL may need per-thread cleanup to stop a memory leak. For Windows
|
||
and Cygwin if libcurl was built as a DLL then we can do that for the
|
||
user by calling OPENSSL_thread_stop on thread termination. However, if
|
||
libcurl was built statically then we do not have notification of thread
|
||
termination and cannot do that for the user.
|
||
|
||
Also, there are several other unusual cases where it may be necessary
|
||
for the user to call OPENSSL_thread_stop, so in the libcurl-thread
|
||
warning I added a link to the OpenSSL documentation.
|
||
|
||
Co-authored-by: Viktor Szakats
|
||
|
||
Reported-by: southernedge@users.noreply.github.com
|
||
Reported-by: zmcx16@users.noreply.github.com
|
||
|
||
Ref: https://www.openssl.org/docs/man3.0/man3/OPENSSL_thread_stop.html#NOTES
|
||
|
||
Fixes https://github.com/curl/curl/issues/12327
|
||
Closes https://github.com/curl/curl/pull/12408
|
||
|
||
Jan Venekamp (24 Apr 2024)
|
||
|
||
- rustls: remove incorrect SSLSUPP_TLS13_CIPHERSUITES flag
|
||
|
||
The rustls backend advertises SSLSUPP_TLS13_CIPHERSUITES, but
|
||
the code does not actually seem to support it (yet?). Removed
|
||
the flag and corrected documentation.
|
||
|
||
Closes #13452
|
||
|
||
Stefan Eissing (24 Apr 2024)
|
||
|
||
- quiche: expire all active transfers on connection close
|
||
|
||
- when a connection close is detected, all ongoing transfers
|
||
need to expire bc no more POLL events are likely to happen
|
||
for them.
|
||
|
||
Fixes #13439
|
||
Reported-by: Jay Satiro
|
||
Closes #13447
|
||
|
||
Dan Fandrich (23 Apr 2024)
|
||
|
||
- tests: fix feature case in test1481
|
||
|
||
This test was being skipped everywhere because the feature never
|
||
matched.
|
||
|
||
Closes #13445
|
||
|
||
Gusted (23 Apr 2024)
|
||
|
||
- tool_operate: don't truncate the etag save file by default
|
||
|
||
This fixes a regression of 75d79a4486b279100209ddf8c7fdb12955fb66e9. The
|
||
code in tool-operate truncated the etag save file, under the assumption
|
||
that the file would be written with a new etag value. However since
|
||
75d79a4486b279100209ddf8c7fdb12955fb66e9 that might not be the case
|
||
anymore and could result in the file being truncated when --etag-compare
|
||
and --etag-save was used and that the etag value matched with what the
|
||
server responded. Instead the truncation should not be done when a new
|
||
etag value should be written.
|
||
|
||
Test 3204 was added to verify that the file with the etag value doesn't
|
||
change the contents when used by --etag-compare and --etage-save and
|
||
that value matches with what the server returns on a non 2xx response.
|
||
|
||
Closes #13432
|
||
|
||
Abdullah Alyan (22 Apr 2024)
|
||
|
||
- tests: enable test 1117 for hyper
|
||
|
||
Closes #13436
|
||
|
||
Daniel Stenberg (22 Apr 2024)
|
||
|
||
- sendf: useless assignment in cr_lc_read()
|
||
|
||
Spotted by CodeSonar
|
||
|
||
Closes #13437
|
||
|
||
- tool_paramhlp: remove duplicate assign
|
||
|
||
Spotted by CodeSonar
|
||
|
||
Closes #13433
|
||
|
||
- transfer: remove useless assignment
|
||
|
||
in Curl_xfer_recv_resp
|
||
|
||
Spotted by CodeSonar
|
||
|
||
Closes #13435
|
||
|
||
- http: acknowledge a returned error code
|
||
|
||
... and do not overwrite it with a new value that could then hide the
|
||
problem.
|
||
|
||
Spotted by CodeSonar
|
||
|
||
Closes #13434
|
||
|
||
- tool_operate: init vars unconditionally in post_per_transfer
|
||
|
||
In case of (the unlikely) early return, they could otherwise remain
|
||
uninitialized
|
||
|
||
Spotted by CodeSonar
|
||
|
||
Closes #13430
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
- urlapi: allow setting port number zero
|
||
|
||
Also set and check errno when strtoul() parsing numbers for better error
|
||
checking.
|
||
|
||
Updated test 1560
|
||
|
||
Closes #13427
|
||
|
||
- http_aws_sigv4: remove useless assignment
|
||
|
||
This code assigned the variable the same value it already had
|
||
|
||
Spotted by CodeSonar
|
||
|
||
Closes #13426
|
||
|
||
- file: remove useless assignment
|
||
|
||
This code assigned the variable the same value it already had.
|
||
|
||
Spotted by CodeSonar
|
||
|
||
Closes #13425
|
||
|
||
- test2406: verify -f with HTTP/2
|
||
|
||
Stefan Eissing (19 Apr 2024)
|
||
|
||
- http2 + ngtcp2: pass CURLcode errors from callbacks
|
||
|
||
- errors returned by Curl_xfer_write_resp() and the header variant are
|
||
not errors in the protocol. The result needs to be returned on the
|
||
next recv() from the protocol filter.
|
||
|
||
- make xfer write errors for response data cause the stream to be
|
||
cancelled
|
||
|
||
- added pytest test_02_14 and test_02_15 to verify that also for
|
||
parallel processing
|
||
|
||
Reported-by: Laramie Leavitt
|
||
Fixes #13411
|
||
Closes #13424
|
||
|
||
Daniel Stenberg (19 Apr 2024)
|
||
|
||
- request: make Curl_req_init return void
|
||
|
||
Since it could not return error and therefore this change removes dead
|
||
code for the caller.
|
||
|
||
Spotted by CodeSonar.
|
||
|
||
Closes #13423
|
||
|
||
- multi: remove the unused Curl_preconnect function
|
||
|
||
The implementation has been removed, no point in keeping it around.
|
||
|
||
Follow-up to 476adfeac019ed
|
||
|
||
Closes #13422
|
||
|
||
- Curl_creader_read: init two variables to avoid using them uninited
|
||
|
||
Spotted by CodeSonar
|
||
|
||
Closes #13419
|
||
|
||
- http: reject HTTP major version switch mid connection
|
||
|
||
A connection that has seen an HTTP major version now refuses any other
|
||
major HTTP version in future responses. Previously, a HTTP/1.x
|
||
connection would just silently accept HTTP/2 or HTTP/3 in the status
|
||
lines as long as it had support for those built-in. It would then just
|
||
lead to confusion and badness.
|
||
|
||
Indirectly Spotted by CodeSonar which identified a duplicate assignment
|
||
in this function.
|
||
|
||
Add test 471 to verify
|
||
|
||
Closes #13421
|
||
|
||
- mqtt: when Curl_xfer_recv returns error, don't use nread
|
||
|
||
A returned error code makes other return value unreliable, and in this
|
||
case potentially uninitialized. On error, do not read other return
|
||
values like the nread counter.
|
||
|
||
Spotted by CodeSonar
|
||
|
||
Closes #13418
|
||
|
||
- ftp: fix socket leak on rare error
|
||
|
||
In the function AcceptServerConnect() the newly created socket would
|
||
leak if Curl_conn_tcp_accepted_set() returns error. Which basically
|
||
should never happen.
|
||
|
||
Spotted by CodeSonar.
|
||
|
||
Closes #13417
|
||
|
||
- urlapi: remove unused flags argument from Curl_url_set_authority
|
||
|
||
The function is only called from a single place (for HTTP/2 server push)
|
||
so might as well just assume this fixed option every time.
|
||
|
||
Closes #13409
|
||
|
||
- github/ISSUE_TEMPLATE: tweak the commericual support text
|
||
|
||
- github/ISSUE_TEMPLATE: link the GitHub discussions too
|
||
|
||
... and move the feature request line to the bottom.
|
||
|
||
- curl_url_get.md: clarify queries and fragments and CURLU_GET_EMPTY
|
||
|
||
Follow-up to 3eac21d86bc5
|
||
|
||
Closes #13407
|
||
|
||
Stefan Eissing (18 Apr 2024)
|
||
|
||
- tests: check caddy server version to match test expectations
|
||
|
||
- new caddy servers no longer return 200 on POSTs, but 405
|
||
as they should
|
||
|
||
Closes #13405
|
||
|
||
Daniel Stenberg (18 Apr 2024)
|
||
|
||
- curl_url_set.md: extended
|
||
|
||
Closes #13404
|
||
|
||
- urlapi: add CURLU_GET_EMPTY for empty queries and fragments
|
||
|
||
By default the API inhibits empty queries and fragments extracted.
|
||
Unless this new flag is set.
|
||
|
||
This also makes the behavior more consistent: without it set, zero
|
||
length queries and fragments are considered not present in the URL. With
|
||
the flag set, they are returned as a zero length strings if they were in
|
||
fact present in the URL.
|
||
|
||
This applies when extracting the individual query and fragment
|
||
components and for the full URL.
|
||
|
||
Closes #13396
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
- lib1560: test with leading zeroes and more IPv4 versions
|
||
|
||
Inspired by WHATWG URL Spec test inputs
|
||
|
||
Closes #13400
|
||
|
||
Christian Schmitz (17 Apr 2024)
|
||
|
||
- smtp: result of Curl_bufq_cread was not used
|
||
|
||
return the result back to the caller.
|
||
|
||
Closes #13398
|
||
|
||
Daniel Stenberg (17 Apr 2024)
|
||
|
||
- urlapi: fix relative redirects to fragment-only
|
||
|
||
Using the URL API for a redirect URL when the redirected-to string
|
||
starts with a hash, ie is only a fragment, the API would produce the
|
||
wrong final URL.
|
||
|
||
Adjusted test 1560 to test for several new redirect cases.
|
||
|
||
Closes #13394
|
||
|
||
Jiwoo Park (17 Apr 2024)
|
||
|
||
- url: fix use of an uninitialized variable
|
||
|
||
Closes #13399
|
||
|
||
Patrick Monnerat (17 Apr 2024)
|
||
|
||
- os400: sync with latest changes
|
||
|
||
- Conversion support for new version info character field rtmp_version.
|
||
- New ILE/RPG declarations.
|
||
|
||
Closes #13402
|
||
|
||
Daniel Stenberg (17 Apr 2024)
|
||
|
||
- ngtcp2: fix macro use
|
||
|
||
macro "H3_STREAM_CTX" requires 2 arguments, but only 1 given
|
||
|
||
Follow-up to c6655f7029ec5c128561e3ecf1f93db3ed0432a4
|
||
|
||
Closes #13401
|
||
|
||
Christian Schmitz (17 Apr 2024)
|
||
|
||
- sendf: fix two typos in comments
|
||
|
||
The parameters are named data, not date.
|
||
|
||
Closes #13393
|
||
|
||
- lib: silence warnings on comma misuse
|
||
|
||
Building curl with -Wcomma, I see warnings about "possible misuse of
|
||
comma operator here" and moving fields assignment out of the for() fixes
|
||
it.
|
||
|
||
Closes #13392
|
||
|
||
Stefan Eissing (17 Apr 2024)
|
||
|
||
- http/2, http/3: decouple stream state from easy handle
|
||
|
||
- add `Curl_hash_offt` as hashmap between a `curl_off_t` and
|
||
an object. Use this in h2+h3 connection filters to associate
|
||
`data->id` with the internal stream state.
|
||
- changed implementations of all affected connection filters
|
||
- removed `h2_ctx*` and `h3_ctx*` from `struct HTTP` and thus
|
||
the easy handle
|
||
- solves the problem of attaching "foreign protocol" easy handles
|
||
during connection shutdown
|
||
|
||
Test 1616 verifies the new hash functions.
|
||
|
||
Closes #13204
|
||
|
||
Daniel Stenberg (17 Apr 2024)
|
||
|
||
- ROADMAP: remove completed entries, mention websocket
|
||
|
||
- THANKS-filter: name fixes
|
||
|
||
Christian Schmitz (17 Apr 2024)
|
||
|
||
- winbuild: add ENABLE_WEBSOCKETS option
|
||
|
||
Closes #13232
|
||
|
||
Daniel Stenberg (17 Apr 2024)
|
||
|
||
- dmaketgz: compacter
|
||
|
||
Removes the need for disabling shellcheck warnings.
|
||
|
||
Follow-up to d28f74913c2
|
||
Proposed-by: Viktor Szakats
|
||
Closes #13391
|
||
|
||
Dan Fandrich (16 Apr 2024)
|
||
|
||
- tests: Fix uninitialized value warning
|
||
|
||
The check for an option must be predicated on options existing at all.
|
||
|
||
Follow-up to f7cc9e91
|
||
|
||
Christian Schmitz (17 Apr 2024)
|
||
|
||
- idn: add native AppleIDN (icucore) support for macOS/iOS
|
||
|
||
I implemented the IDN functions for macOS and iOS using Unicode
|
||
libraries coming with macOS and iOS.
|
||
|
||
Builds and runs here on macOS 14.2.1. Also verified to load and
|
||
run on older macOS version 10.13.
|
||
|
||
Build requires macOS SDK 13 or equivalent.
|
||
|
||
Set `-DUSE_APPLE_IDN=ON` CMake option to enable it.
|
||
With autotools and other build tools, set these manual options:
|
||
```
|
||
CPPFLAGS=-DUSE_APPLE_IDN
|
||
LIBS=-licucore
|
||
```
|
||
|
||
Completes TODO 1.6.
|
||
|
||
TODO: add autotools option and feature-detection.
|
||
|
||
Refs: #5330 #5371
|
||
Co-authored-by: Viktor Szakats
|
||
Closes #13246
|
||
|
||
Stefan Eissing (16 Apr 2024)
|
||
|
||
- http3: extend download abort tests, fixes in ngtcp2
|
||
|
||
- fix flow handling in ngtcp2 to ACK data on streams
|
||
we abort ourself.
|
||
- extend test_02_23* cases to also run for h3
|
||
- skip test_02_23* for OpenSSL QUIC as it gets stalled
|
||
on progressing the connection
|
||
|
||
Closes #13374
|
||
|
||
Daniel Stenberg (16 Apr 2024)
|
||
|
||
- tests: add -q as first option when invoking curl for tests
|
||
|
||
To reduce the risk that the user running the tests has a .curlrc present
|
||
that messes things up.
|
||
|
||
Support 'option="no-q"' for the <command> tag to switch it off on demand.
|
||
Use this new feature in test 433 and 436.
|
||
|
||
Ref: #13284
|
||
Closes #13387
|
||
|
||
- dmaketgz: release tarball generation using docker
|
||
|
||
For easier reproducibility.
|
||
|
||
Mention using this script in RELEASE-PROCEDURE
|
||
|
||
Closes #13388
|
||
|
||
Viktor Szakats (16 Apr 2024)
|
||
|
||
- cmake: update ECH code and minor fixups
|
||
|
||
- `openssl_check_symbol_exists()` expects a 4th argument now.
|
||
Follow-up to edc2702a1fe3a4a5386ffd9aa4f240f0c0197fa2 #13373
|
||
|
||
- minor comment/script touch-ups.
|
||
Follow-up to a362962b7289ec02b412890c9515657cf0ed50ac #11922
|
||
|
||
- fix indentation.
|
||
|
||
Closes #13383
|
||
|
||
- tests: fix shellcheck issues in `ech_tests.sh`
|
||
|
||
Add double-quotes where missing.
|
||
|
||
Follow-up to a362962b7289ec02b412890c9515657cf0ed50ac #11922
|
||
Closes #13382
|
||
|
||
- dist: add ECH files to tarball
|
||
|
||
Also sort `EXTRA_DIST` list in `tests/Makefile.am` and make it diffable.
|
||
|
||
Follow-up to a362962b7289ec02b412890c9515657cf0ed50ac #11922
|
||
Closes #13381
|
||
|
||
- openvms: look for `USE_IPV6` in `config.h` (was: `ENABLE_IPV6`)
|
||
|
||
The OpenVMS script `config_h.com` is parsing the config header
|
||
generated by autotools. Let's make it look for the macro name we now
|
||
use universally across the codebase.
|
||
|
||
Follow-up to e411c98f702f0fb38dceec95e7507ef15a00d12c #13349
|
||
Closes #13360
|
||
|
||
daniel-j-h (16 Apr 2024)
|
||
|
||
- Dockerfile: for release automation and reproducibility
|
||
|
||
Closes #13250
|
||
|
||
Stefan Eissing (16 Apr 2024)
|
||
|
||
- cw-out: improved error handling
|
||
|
||
- remember error encountered in invoking write callback and always fail
|
||
afterwards without further invokes
|
||
|
||
- check behaviour in test_02_17 with h2-pausing client
|
||
|
||
Reported-by: Pavel Kropachev
|
||
Fixes #13337
|
||
Closes #13340
|
||
|
||
Daniel Stenberg (16 Apr 2024)
|
||
|
||
- version: add "ECH" as a feature
|
||
|
||
If available
|
||
|
||
Follow-up to a362962b7
|
||
Closes #13378
|
||
|
||
- CURLOPT_ECH: polish
|
||
|
||
- remove the pointer to build instructions, it won't work in manpages
|
||
- add see-also
|
||
- minor white space edits
|
||
|
||
Closes #13379
|
||
|
||
Viktor Szakats (16 Apr 2024)
|
||
|
||
- tidy-up: whitespace [ci skip]
|
||
|
||
- mbedtls: fix building with v3 in CMake Unity mode
|
||
|
||
Before this patch the internal feature detection macro
|
||
`HAS_MBEDTLS_RESULT_CODE_BASED_FUNCTIONS` was defined in three files,
|
||
with an incomplete logic in one of them. In Unity mode that spilled
|
||
into another source file and broke the build.
|
||
|
||
Closes #13377
|
||
|
||
- cmake: add librtmp/rtmpdump option and detection
|
||
|
||
Add CMake option `USE_LIBRTMP`. Disabled by default.
|
||
|
||
This library requires OpenSSL TLS-backend when linked statically.
|
||
|
||
Follow-up to 6eb9e65781fa1fd8a0bcfe0715187a3a35f09ae4 #13364
|
||
Closes #13373
|
||
|
||
Stephen Farrell (16 Apr 2024)
|
||
|
||
- TLS: add support for ECH (Encrypted Client Hello)
|
||
|
||
An EXPERIMENTAL feature used with CURLOPT_ECH and --ech.
|
||
|
||
Closes #11922
|
||
|
||
Daniel Stenberg (15 Apr 2024)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
- multi: introduce SETUP state for better timeouts
|
||
|
||
Since we can go to the CONNECT state from PENDING, potentially multiple
|
||
times for a single transfer, this change introdues a SETUP state that
|
||
happens before CONNECT when doing a new transfer.
|
||
|
||
Now, doing a redirect on a handle goes back to SETUP (not CONNECT like
|
||
before) and we initilize the connect timeout etc in SETUP. Previously,
|
||
we would do it in CONNECT but that would make it unreliable in cases
|
||
where a transfer goes in and out between CONNECT and PENDING multiple
|
||
times.
|
||
|
||
SETUP is transient, so the handle never actually stays in that state.
|
||
|
||
Additionally: take care of timeouts of PENDING transfers in
|
||
curl_multi_perform()
|
||
|
||
Ref: #13227
|
||
Closes #13371
|
||
|
||
Tal Regev (15 Apr 2024)
|
||
|
||
- cmake: forward `USE_LIBRTMP` option to C
|
||
|
||
Define in C `USE_LIBRTMP` if user requested it from cmake.
|
||
|
||
Closes #13364
|
||
|
||
Daniel Stenberg (15 Apr 2024)
|
||
|
||
- curl_version_info: provide librtmp version
|
||
|
||
Ref: https://github.com/curl/curl/pull/13364#issuecomment-2054151942
|
||
Reported-by: talregev on github
|
||
Closes #13368
|
||
|
||
blankie (15 Apr 2024)
|
||
|
||
- docs: clarify CURLOPT_MAXFILESIZE and CURLOPT_MAXFILESIZE_LARGE
|
||
|
||
The bounds of the size parameter were not specified, and nor was it
|
||
specified how to disable the maximum file size check.
|
||
|
||
The documentation also incorrectly stated that CURLOPT_MAXFILESIZE
|
||
always returns CURLE_OK and that CURLOPT_MAXFILESIZE_LARGE only returns
|
||
CURLE_OK or CURLE_UNKNOWN_OPTION.
|
||
|
||
It also did not mention what the default value is, which is zero. This
|
||
commit updates the documentation to make note of all these things.
|
||
|
||
Closes #13372
|
||
|
||
Patrick Monnerat (15 Apr 2024)
|
||
|
||
- OS400: post-shellcheck changes adjustments
|
||
|
||
Build scripts must be executed by the os/400 shell (sh), not bash which
|
||
is a PASE program.
|
||
|
||
Shell function get_make_vars() escaping reworked to match $() subcommand
|
||
construct.
|
||
|
||
Follow-up to 8a622baf9e9233241bbe93d6599c99cb46478614
|
||
Closes #13366
|
||
|
||
Viktor Szakats (15 Apr 2024)
|
||
|
||
- OS400: tidy-up
|
||
|
||
Drop/fixup mods trying to make some syntax highlighters happier.
|
||
|
||
Follow-up to 8a622baf9e9233241bbe93d6599c99cb46478614 #13309
|
||
Closes #13362
|
||
|
||
Daniel Stenberg (15 Apr 2024)
|
||
|
||
- multi: timeout handles even without connection
|
||
|
||
When there is a "change" in a multi handle and pending handles are moved
|
||
back to the main list to be retested if they can proceed further (for
|
||
example a previous transfer completed or a connection has a confirmed
|
||
multiplexed state), the timeout check in multi_runsingle() would not
|
||
trigger because it required an established connection.
|
||
|
||
This could make a pending tranfer go back to pending state even though
|
||
it had been "in progress" for a longer time than permitted. By removing
|
||
the requirement for an associated connection, the timeout check will be
|
||
done proper even for transfers that has not yet been assigned one.
|
||
|
||
Ref #13227
|
||
Reported-by: Rahul Krishna M
|
||
Closes #13276
|
||
|
||
Patrick Monnerat (15 Apr 2024)
|
||
|
||
- mprintf: check fputc error rather than matching returned character
|
||
|
||
OS/400 ascii fputc wrapper deviates from the posix standard by the
|
||
fact that it returns the ebcdic encoding of the original ascii
|
||
character. Testing for a matching value for success will then always
|
||
fail.
|
||
|
||
This commit replaces the chariacter comparison by an explicit error
|
||
return check.
|
||
|
||
Follow-up to ef2cf58
|
||
Closes #13367
|
||
|
||
Viktor Szakats (14 Apr 2024)
|
||
|
||
- ci: add CMake build variation, fixup libssh detection in `linux-old`
|
||
|
||
To test without c-ares and hit `easy_lock.h` on an old system. Use this
|
||
new build step to introduce small variations, and also test libssh2.
|
||
|
||
Also add workaround to existing job to enable libssh. (CMake's generic
|
||
auto-detection doesn't seem to work here.):
|
||
```
|
||
CMake Warning at CMakeLists.txt:908 (find_package):
|
||
Could not find a package configuration file provided by "libssh" with any
|
||
of the following names:
|
||
|
||
libsshConfig.cmake
|
||
libssh-config.cmake
|
||
```
|
||
Ref: https://github.com/curl/curl/actions/runs/8661316091/job/23750974358#ste
|
||
p:5:69
|
||
|
||
Closes #13361
|
||
|
||
- lib: merge `ENABLE_QUIC` C macro into `USE_HTTP3`
|
||
|
||
Before this patch `lib/curl_setup.h` defined these two macros right
|
||
next to each other, then the source code used them interchangeably.
|
||
|
||
After this patch, `USE_HTTP3` guards all HTTP/3 / QUIC features.
|
||
(Like `USE_HTTP2` does for HTTP/2.) `ENABLE_QUIC` is no longer used.
|
||
|
||
This patch doesn't change the way HTTP/3 is enabled via autotools
|
||
or CMake. Builders who enabled HTTP/3 manually by defining both of
|
||
these macros via `CPPFLAGS` can now delete `-DENABLE_QUIC`.
|
||
|
||
Closes #13352
|
||
|
||
- build: prefer `USE_IPV6` macro internally (was: `ENABLE_IPV6`)
|
||
|
||
Before this patch, two macros were used to guard IPv6 features in curl
|
||
sources: `ENABLE_IPV6` and `USE_IPV6`. This patch makes the source use
|
||
the latter for consistency with other similar switches.
|
||
|
||
`-DENABLE_IPV6` remains accepted for compatibility as a synonym for
|
||
`-DUSE_IPV6`, when passed to the compiler.
|
||
|
||
`ENABLE_IPV6` also remains the name of the CMake and `Makefile.vc`
|
||
options to control this feature.
|
||
|
||
Closes #13349
|
||
|
||
Dan Fandrich (12 Apr 2024)
|
||
|
||
- DISTROS: mark rolling release distros
|
||
|
||
These are ones that are unlikely to have back-ported curl patches.
|
||
|
||
Closes #13353
|
||
|
||
Daniel Stenberg (12 Apr 2024)
|
||
|
||
- mbedtls: cut off trailing newlines from debug logs
|
||
|
||
To avoid double newlines in the output.
|
||
|
||
Reported-by: Gisle Vanem
|
||
Fixes #13321
|
||
Closes #13356
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
Stefan Eissing (12 Apr 2024)
|
||
|
||
- CURLINFO_REQUEST_SIZE: fixed, add tests for transfer infos reported
|
||
|
||
- tests for 'size_request' and other stats reported, for
|
||
presence and consistency
|
||
|
||
Reported-by: Jonatan Vela
|
||
Fixes #13269
|
||
Closes #13275
|
||
|
||
Viktor Szakats (11 Apr 2024)
|
||
|
||
- dist: add files missing from release tarball
|
||
|
||
Closes #13346
|
||
|
||
- ci: parallelize more, tidy up cmake commands (distcheck, macos)
|
||
|
||
Also enable `-DCURL_WERROR=ON` in the Linux cmake build test.
|
||
|
||
Closes #13343
|
||
|
||
Toon Claes (11 Apr 2024)
|
||
|
||
- docs: add CURLOPT_NOPROGRESS to CURLOPT_XFERINFOFUNCTION example
|
||
|
||
It's important to set `CURLOPT_NOPROGRESS` to `0` if you want your
|
||
transfer callback function, set by `CURLOPT_XFERINFOFUNCTION`, getting
|
||
called. To emphasize this to the users, add this to the code example.
|
||
|
||
Closes #13348
|
||
|
||
RainRat (11 Apr 2024)
|
||
|
||
- misc: fix typos
|
||
|
||
Closes #13344
|
||
|
||
Colin Leroy-Mira (11 Apr 2024)
|
||
|
||
- file: add support for getting basic directory listings
|
||
|
||
Not supported on Windows (yet)
|
||
|
||
Closes #13137
|
||
|
||
Viktor Szakats (11 Apr 2024)
|
||
|
||
- ci: add curl-for-win builds: Linux MUSL, macOS, Windows
|
||
|
||
Linux MUSL (llvm/clang), macOS Apple clang, Windows (llvm/clang).
|
||
|
||
Configured with HTTP/2 and HTTP/3 and other dependencies (the default
|
||
curl-for-win) for a comprehensive build test.
|
||
|
||
```
|
||
curl 8.8.0-DEV (x86_64-unknown-linux-musl) libcurl/8.8.0-DEV LibreSSL/3.9.1 z
|
||
lib/1.3.1 brotli/1.1.0 zstd/1.5.6 libpsl/0.21.5 libssh2/1.11.0 nghttp2/1.61.0
|
||
ngtcp2/1.4.0 nghttp3/1.2.0
|
||
Protocols: dict file ftp ftps gopher gophers http https imap imaps ipfs ipns
|
||
mqtt pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp ws wss
|
||
Features: alt-svc AsynchDNS brotli HSTS HTTP2 HTTP3 HTTPS-proxy IPv6 Largefil
|
||
e libz NTLM PSL SSL threadsafe UnixSockets zstd
|
||
|
||
curl 8.8.0-DEV (x86_64-apple-darwin) libcurl/8.8.0-DEV LibreSSL/3.9.1 zlib/1.
|
||
3.1 brotli/1.1.0 zstd/1.5.6 libpsl/0.21.5 libssh2/1.11.0 nghttp2/1.61.0 ngtcp
|
||
2/1.4.0 nghttp3/1.2.0
|
||
Protocols: dict file ftp ftps gopher gophers http https imap imaps ipfs ipns
|
||
ldap ldaps mqtt pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp ws w
|
||
ss
|
||
Features: alt-svc AsynchDNS brotli HSTS HTTP2 HTTP3 HTTPS-proxy IPv6 Largefil
|
||
e libz NTLM PSL SSL threadsafe UnixSockets zstd
|
||
|
||
curl 8.8.0-DEV (x86_64-w64-mingw32) libcurl/8.8.0-DEV LibreSSL/3.9.1 zlib/1.3
|
||
.1 brotli/1.1.0 zstd/1.5.6 WinIDN libpsl/0.21.5 libssh2/1.11.0 nghttp2/1.61.0
|
||
ngtcp2/1.4.0 nghttp3/1.2.0
|
||
Protocols: dict file ftp ftps gopher gophers http https imap imaps ipfs ipns
|
||
ldap ldaps mqtt pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp ws w
|
||
ss
|
||
Features: alt-svc AsynchDNS brotli HSTS HTTP2 HTTP3 HTTPS-proxy IDN IPv6 Kerb
|
||
eros Largefile libz NTLM PSL SPNEGO SSL SSPI threadsafe UnixSockets zstd
|
||
```
|
||
|
||
Limited to x64, because for build testing the additional CPUs don't add
|
||
much value compared to the extra build time. They can be enabled easily
|
||
if deemed useful.
|
||
|
||
To the extent of curl-for-win configuration options, it's trivial to add
|
||
further build combinations.
|
||
|
||
Closes #13335
|
||
|
||
- OS400: fix shellcheck warnings in scripts
|
||
|
||
- use `$()` instead of backticks, and re-arrange double-quotes inside.
|
||
- add missing `|| exit 1` to `cd` calls. (could be dropped by using `set -eu`
|
||
.)
|
||
- add `-n` to a few `if`s.
|
||
- shorten redirections by using `{} >` (as shellcheck recommended).
|
||
- silence warnings where variables were detected as unused (SC2034).
|
||
- a couple misc updates to silence warnings.
|
||
- switch to bash shebang for `-ot` feature.
|
||
- split two lines to unbreak syntax highlighting in my editor. (`$(expr \`, `
|
||
$(dirname \`)
|
||
|
||
Also enable CI checks for OS/400 shell scripts.
|
||
|
||
Ref: #13307
|
||
Closes #13309
|
||
|
||
Stefan Eissing (11 Apr 2024)
|
||
|
||
- lib: add Curl_xfer_write_resp_hd
|
||
|
||
Add method in protocol handlers to allow writing of a single,
|
||
0-terminated header line. Avoids parsing and copying these lines.
|
||
|
||
Closes #13165
|
||
|
||
- llist: add Curl_llist_append()
|
||
|
||
- use for better readability in all places where the "insert_next"
|
||
actually performs an append to the list
|
||
- add some tests in unit1300
|
||
|
||
Closes #13336
|
||
|
||
- gnutls: lazy init the trust settings
|
||
|
||
- delay loading of trust anchors and CRLs after the ClientHello
|
||
has been sent off
|
||
- add tracing to IO operations
|
||
- on IO errors, return the CURLcode of the underlying filter
|
||
|
||
Closes #13339
|
||
|
||
Marcel Raad (10 Apr 2024)
|
||
|
||
- http_negotiate: fix `CURL_DISABLE_PROXY` build
|
||
|
||
`proxyuserpwd` was removed from `dynamically_allocated_data` in commit
|
||
f46385d36df.
|
||
|
||
Closes https://github.com/curl/curl/pull/13334
|
||
|
||
Viktor Szakats (10 Apr 2024)
|
||
|
||
- quic: fixup duplicate static function name (for cmake unity)
|
||
|
||
Visible in daily curl-for-win builds:
|
||
https://github.com/curl/curl-for-win/actions/runs/8621925870
|
||
|
||
```
|
||
lib/vquic/curl_ngtcp2.c:1916:12: error: redefinition of 'ossl_new_session_cb'
|
||
static int ossl_new_session_cb(SSL *ssl, SSL_SESSION *ssl_sessionid)
|
||
^
|
||
lib/vtls/openssl.c:2978:12: note: previous definition is here
|
||
static int ossl_new_session_cb(SSL *ssl, SSL_SESSION *ssl_sessionid)
|
||
^
|
||
```
|
||
https://github.com/curl/curl-for-win/actions/runs/8621925870/job/23631885439#
|
||
step:3:6965
|
||
|
||
Follow-up to 3210101088dfa3d6a125d213226b092f2f866722 #13172
|
||
Closes #13332
|
||
|
||
- appveyor: make VS2010 job build-only, enable Schannel, fix compiler warnings
|
||
|
||
Tests were consistently flaky for a while.
|
||
|
||
Also fix compiler warnings in `CertOpenStore()` calls for old MSVC compilers:
|
||
```
|
||
C:/projects/curl/lib/vtls/schannel.c(688):
|
||
warning C4306: 'type cast' : conversion from 'int' to 'LPCSTR' of greater s
|
||
ize
|
||
C:/projects/curl/lib/vtls/schannel_verify.c(642):
|
||
warning C4306: 'type cast' : conversion from 'int' to 'LPCSTR' of greater s
|
||
ize
|
||
```
|
||
Ref: https://ci.appveyor.com/project/curlorg/curl/builds/49580310/job/ywu2y44
|
||
kymgc0nif#L106
|
||
|
||
Closes #13330
|
||
|
||
Daniel Stenberg (10 Apr 2024)
|
||
|
||
- projects: drop MSVC project files for recent versions
|
||
|
||
We encourage users to generate visual studio project files using CMake.
|
||
|
||
We keep project files in git for ancient visual studio versions that
|
||
cmake cannot generate files for, but we no longer ship the project files
|
||
in the tarballs.
|
||
|
||
appveyor: switch VisualStudioSolution job to VC12 (Visual Studio 2013)
|
||
|
||
Co-Authored-by: Viktor Szakats
|
||
Co-Authored-by: Jay Satiro
|
||
|
||
Closes #13311
|
||
|
||
Viktor Szakats (9 Apr 2024)
|
||
|
||
- cmake: use namespaced custom target names
|
||
|
||
Rename custom target to namespaced (unique) names to avoid colliding
|
||
with 3rd-party projects (e.g. libzip) built together with curl.
|
||
|
||
Reported-by: hammlee96 on github
|
||
Fixes #13324
|
||
Closes #13326
|
||
|
||
- appveyor: re-enable OpenSSL 3, bump to 3.2.1
|
||
|
||
Ref: b62454a875d70f93ab5347c050903596feb45a23 #13266
|
||
Closes #13329
|
||
|
||
Stefan Eissing (9 Apr 2024)
|
||
|
||
- CI: upgrade openssl version to 3.3.0 for openssl-quic
|
||
|
||
Closes #13328
|
||
|
||
Daniel Stenberg (9 Apr 2024)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
Bump to 8.8.0-DEV
|
||
|
||
- curl_multi_waitfds.md: add protocol mention
|
||
|
||
Follow-up to 02beac6bb6b
|
||
|
||
Dmitry Karpov (9 Apr 2024)
|
||
|
||
- lib: add curl_multi_waitfds
|
||
|
||
New function call, similar to curl_multi_fdset()
|
||
|
||
Closes #13135
|
||
|
||
Viktor Szakats (9 Apr 2024)
|
||
|
||
- dist: verify tarball reproducibility in CI
|
||
|
||
Closes #13327
|
||
|
||
Stefan Eissing (9 Apr 2024)
|
||
|
||
- tests: stabilitze test_02_23*
|
||
|
||
- h2-download now always opens the output file on first write callback
|
||
invocation, if it will pause the transfer or not.
|
||
- Checks on output files then does not depend on the amount of data curl
|
||
has collected for the first write.
|
||
|
||
Closes #13323
|
||
|
||
- tls: fix compile issues on old-linux CI
|
||
|
||
Follow-up to 3210101088dfa
|
||
Closes #13325
|
||
|
||
Viktor Szakats (9 Apr 2024)
|
||
|
||
- dist: add reproducible dir entries to tarballs
|
||
|
||
In the initial implementation of reproducible tarballs, they were
|
||
missing directory entries, while .zip archives had them. It meant
|
||
that on extracting the tarball, on-disk directory entries got the
|
||
current timestamp.
|
||
|
||
This patch fixes this by including directory entries in the tarball,
|
||
with reproducible timestamps. It also moves sorting inside tar,
|
||
to ensure reproducible directory entry timestamps on extract
|
||
(without the need of `--delay-directory-restore` option, when
|
||
extracting with GNU tar. BSD tar got that right by default.)
|
||
|
||
GNU tar 1.28 (2014-07-28) introduced `--sort=`.
|
||
|
||
Ref: https://github.com/curl/curl/pull/13299#discussion_r1555957350
|
||
Follow-up to 860cd5fc2dc8e165fadd2c19a9b7c73b3ae5069d #13299
|
||
Closes #13322
|
||
|
||
Stefan Eissing (9 Apr 2024)
|
||
|
||
- tls: use shared init code for TCP+QUIC
|
||
|
||
Closes #13172
|
||
|
||
Daniel Stenberg (9 Apr 2024)
|
||
|
||
- .mailmap: update Gisle's preferred email
|
||
|
||
Jan Macku (9 Apr 2024)
|
||
|
||
- doc: pytest `--repeat` -> `--count`
|
||
|
||
Pytest doesn't have a `--repeat` option, but it does have a `--count`
|
||
option.
|
||
|
||
```
|
||
--count=COUNT Number of times to repeat each test
|
||
```
|
||
|
||
Closes #13218
|
||
|
||
Daniel Stenberg (9 Apr 2024)
|
||
|
||
- src/Makefile.am: access curl.txt using a relative path, not abs
|
||
|
||
... to make it work when mounted using different mount points. Like when
|
||
generated/used inside and outside of a docker image.
|
||
|
||
Closes #13320
|
||
|
||
- build: remove MacOSX-Framework script
|
||
|
||
I don't think this is much used these days.
|
||
|
||
Also remove the libcurl.plist file used (only) by this script
|
||
|
||
Closes #13313
|
||
|
||
- release-tools.sh: store the timestamp and release tag too
|
||
|
||
When maketgz invokes this script to generate the docs/RELEASE-TOOLS.md
|
||
file that gets bundled in the release, it now also passes on the exact
|
||
timestamp and version number so that those details also get mentioned in
|
||
the document. They will help users reproduce an identical tarball.
|
||
|
||
Closes #13319
|
||
|
||
Viktor Szakats (8 Apr 2024)
|
||
|
||
- GHA: disable permissions where missing
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Closes #13306
|
||
|
||
Stefan Eissing (8 Apr 2024)
|
||
|
||
- CI: update component versions
|
||
|
||
- ngtcp2: v1.4.0
|
||
- nghttp3: v1.2.0
|
||
- nghttp2: v1.61.0
|
||
- mod_h2: v2.0.27
|
||
|
||
Closes #13316
|
||
|
||
Jérôme Leclercq (8 Apr 2024)
|
||
|
||
- CMake: check fseeko after detecting HAVE_FILE_OFFSET_BITS
|
||
|
||
Closes #13264
|
||
|
||
Stefan Eissing (8 Apr 2024)
|
||
|
||
- http2: emit RST when client write fails
|
||
|
||
- When the writing of response data fails, reset the stream
|
||
and do not return a callback error to nghttp2. That would
|
||
be a fatal error for the connection and harm other requests.
|
||
- add test cases for various abort scenarios
|
||
|
||
Reported-by: Konstantin Kuzov
|
||
Fixes #13292
|
||
Closes #13298
|
||
|
||
Kailun Qin (8 Apr 2024)
|
||
|
||
- mbedtls: call mbedtls_ssl_setup() after RNG callback is set
|
||
|
||
Since mbedTLS v3.6.0, the RNG check added in ssl_conf_check() will fail
|
||
if no RNG is provided when calling mbedtls_ssl_setup().
|
||
|
||
Therefore, mbedtls_ssl_conf_rng() needs to be called before the SSL
|
||
context is passed to mbedtls_ssl_setup().
|
||
|
||
Ref: https://github.com/Mbed-TLS/mbedtls/commit/b422cab052b51ec84758638d6783d
|
||
6ba4fc60613
|
||
|
||
Signed-off-by: Kailun Qin <kailun.qin@intel.com>
|
||
Closes #13314
|
||
|
||
Daniel Stenberg (8 Apr 2024)
|
||
|
||
- NTLM_WB: drop support
|
||
|
||
The feature has not worked for months and has been marked as DEPRECATED
|
||
for six+ months.
|
||
|
||
Closes #13249
|
||
|
||
- curl_trc: fix build error when lacking verbose messages
|
||
|
||
Follow-up from 0b28ece657b2273
|
||
Closes #13312
|
||
|
||
Viktor Szakats (8 Apr 2024)
|
||
|
||
- contrithanks: honor `CURLWWW` variable
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Closes #13315
|
||
|
||
- GHA: add shellcheck job and fix warnings, shell tidy-ups
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Closes #13307
|
||
|
||
- dist: do not require Perl in `maketgz`
|
||
|
||
Perl remains required for the tarball build process.
|
||
|
||
Follow-up to 860cd5fc2dc8e165fadd2c19a9b7c73b3ae5069d #13299
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Closes #13310
|
||
|
||
Daniel Stenberg (8 Apr 2024)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
- docs/cmdline-opts: invoke managen using a relative path
|
||
|
||
... no need to use an absolute path, that makes the build unncessarily
|
||
fail if invoked using a different mount point. managen now takes options
|
||
to find the input files.
|
||
|
||
Update test1478 to provide the dir arguments to managen
|
||
|
||
Closes #13281
|
||
|
||
- GHA: add valgrind to a wolfSSL build
|
||
|
||
Closes #13274
|
||
|
||
Viktor Szakats (7 Apr 2024)
|
||
|
||
- dist: `set -eu`, fix shellcheck, make reproducible and smaller tarballs
|
||
|
||
- set bash `-eu` and fix fallouts.
|
||
- fix shellcheck warnings.
|
||
- set and use `SOURCE_DATE_EPOCH` for reproducibility.
|
||
Authored-by: Daniel J. H.
|
||
Ref: #13280
|
||
- set `TZ=UTC` and `LC_ALL=C` for reproducibility.
|
||
- make file timestamps in tarball/zip reproducible.
|
||
- make directory timestamps in zip reproducible.
|
||
- make timestamps of tarballs/zip reproducible.
|
||
- make file order in tarball/zip reproducible.
|
||
- omit extra file metadata from zip for reproducibility.
|
||
- use maximum zip compression.
|
||
- use POSIX `ustar` tarball format to avoid supply chain vulnerability:
|
||
https://seclists.org/oss-sec/2021/q4/0
|
||
- make uid/gid in tarball reproducible.
|
||
- omit owner user/group names from tarball for reproducibility and privacy.
|
||
- omit current timestamp from .gz header for reproducibility.
|
||
- display SHA-256 hashes of produced tarballs/zip.
|
||
- fix whitespace.
|
||
|
||
`.tar.gz` also became smaller in the process: 4,462,311 -> 4,148,249 bytes (8
|
||
.7.1)
|
||
|
||
Requires GNU tar, GNU date, `sha256sum`.
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Ref: #13250
|
||
Closes #13299
|
||
|
||
Gisle Vanem (7 Apr 2024)
|
||
|
||
- tests/http: fix compiler warning
|
||
|
||
- Init result code variable to fix clang warning that it may be used
|
||
uninitialized.
|
||
|
||
Fixes https://github.com/curl/curl/issues/13301
|
||
Closes https://github.com/curl/curl/pull/13304
|
||
|
||
Stefan Eissing (6 Apr 2024)
|
||
|
||
- vquic: use new curl_int64_t type
|
||
|
||
- add curl_int64_t signed 64-bit type for lib use
|
||
|
||
- define CURL_PRId64, CURL_PRIu64 format ids
|
||
|
||
- use curl_int64_t in vquic
|
||
|
||
curl_int64_t signed complements the existing curl_uint64_t unsigned.
|
||
|
||
Note that `curl_int64_t` and `int64_t` are assignable from each other
|
||
but not identical. Some platforms with 64 long type defint int64_t as
|
||
"long long" (staring at macOS) which messes up things like pointers and
|
||
format identifiers.
|
||
|
||
Closes https://github.com/curl/curl/pull/13293
|
||
|
||
Jay Satiro (5 Apr 2024)
|
||
|
||
- lib: use multi instead of multi_easy for the active multi
|
||
|
||
- Use data->multi and not data->multi_easy to refer to the active multi.
|
||
|
||
The easy handle's active multi is always data->multi.
|
||
|
||
This is a follow up to 757dfdf which changed curl so that an easy handle
|
||
used with the easy interface and then multi interface cannot have two
|
||
different multi handles associated with it at the same time
|
||
(data->multi_easy from the easy interface and data->multi from the multi
|
||
interface).
|
||
|
||
Closes https://github.com/curl/curl/pull/12665
|
||
|
||
Viktor Szakats (5 Apr 2024)
|
||
|
||
- tidy-up: whitespace [ci skip]
|
||
|
||
Daniel Stenberg (5 Apr 2024)
|
||
|
||
- makefile: remove the sorting from the vc-ide action
|
||
|
||
This target generates the MSVC project files. This change removes the
|
||
extra sorting and instead makes the script use the order of the files as
|
||
listed in the variables - which are mostly sorted anyway.
|
||
|
||
This is an attempt to make the project file generation more easily
|
||
reproducible.
|
||
|
||
Ref: #13250
|
||
Closes #13294
|
||
|
||
Gisle Vanem (5 Apr 2024)
|
||
|
||
- bearssl: fix compiler warnings
|
||
|
||
"variables may be uninitialized when used"
|
||
|
||
Fixes #13290
|
||
Closes #13297
|
||
|
||
Daniel Stenberg (5 Apr 2024)
|
||
|
||
- DISTROS: Cygwin updates
|
||
|
||
Brought-by: Brian Inglis
|
||
Fixes #13258
|
||
Co-authored-by: Viktor Szakats
|
||
Closes #13279
|
||
|
||
Stefan Eissing (5 Apr 2024)
|
||
|
||
- lib: add trace support for client reads and writes
|
||
|
||
- add `CURL_TRC_READ()` and `CURL_TRC_WRITE()`
|
||
- use in generic client writers and readers, as well
|
||
as http headers, chunking and websockets
|
||
|
||
Closes #13223
|
||
|
||
Michał Antoniak (5 Apr 2024)
|
||
|
||
- urldata: remove fields not used depending on used features
|
||
|
||
Reduced size of dynamically_allocated_data structure.
|
||
|
||
Reduced number of stored values in enum dupstring and enum dupblob. This
|
||
affects the reduced array placed in the UserDefined structure.
|
||
|
||
Closes #13188
|
||
|
||
Viktor Szakats (5 Apr 2024)
|
||
|
||
- cmake: enable `-pedantic-errors` for clang when `CURL_WERROR=ON`
|
||
|
||
clang doesn't have the issues of GCC and old CMake versions.
|
||
|
||
Note: This introduces asymmetry with autotools, which only enables
|
||
this for GCC.
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Closes #13286
|
||
|
||
- cmake: fix `CURL_WERROR=ON` for old CMake and use it in GHA/linux-old
|
||
|
||
- cmake: fix `-pedantic-errors` for old CMake with `CURL_WERROR=ON` set.
|
||
|
||
`-pedantic-errors` option throws a warning with GCC (all versions) and
|
||
makes `check_symbol_exists()` fail in CMake versions older than
|
||
v3.23.0 (2022-03-29), when CMake introduced a workaround:
|
||
|
||
https://gitlab.kitware.com/cmake/cmake/-/issues/13208
|
||
https://gitlab.kitware.com/cmake/cmake/-/commit/eeb45401163d831b8c841ef6eba
|
||
81466b4067b68
|
||
https://gitlab.kitware.com/cmake/cmake/-/commit/1ab7c3cd28b27ca162c4559e102
|
||
6e5cad1898ade
|
||
|
||
Follow-up to 3829759bd042c03225ae862062560f568ba1a231 #12489
|
||
|
||
- set `CURL_WERROR=ON` for the `linux-old` job in CI.
|
||
|
||
Closes #13282
|
||
|
||
- lib: use `#error` instead of invalid syntax in `curl_setup_once.h`
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Closes #13287
|
||
|
||
Daniel Stenberg (5 Apr 2024)
|
||
|
||
- GHA: on macOS remove $HOME/.curlrc
|
||
|
||
A recent image upgrade added a $HOME/.curlrc by default using --ipv4.
|
||
|
||
Ref: https://github.com/actions/runner-images/pull/9586
|
||
Fixes #13284
|
||
Closes #13285
|
||
|
||
Viktor Szakats (4 Apr 2024)
|
||
|
||
- cmake: fixup `DEPENDS` filename
|
||
|
||
Fixing:
|
||
```
|
||
make[2]: Circular docs/curl-config.1 <- docs/curl-config.1 dependency dropped
|
||
.
|
||
make[2]: Circular docs/mk-ca-bundle.1 <- docs/mk-ca-bundle.1 dependency dropp
|
||
ed.
|
||
```
|
||
Ref: https://github.com/curl/curl/actions/runs/8559617487/job/23456740844?pr=
|
||
13282#step:6:18
|
||
|
||
Follow-up to 5023ffad2c27d4b916ddb91800f99ecc5d3aad07 #13197
|
||
Closes #13283
|
||
|
||
- GHA: enable unity mode for cmake jobs + tidy-ups
|
||
|
||
Unity mode is not supported by CMake v3.7.2 used in linux-old, but
|
||
enable it anyway for consistency and to kick in automatically once
|
||
migrating to a newer old Linux in the future.
|
||
|
||
Also:
|
||
- replace `CMAKE_COMPILE_WARNING_AS_ERROR` with `CURL_WERROR`.
|
||
- delete default build option `PICKY_COMPILER=ON`.
|
||
|
||
Closes #13277
|
||
|
||
Dan Fandrich (4 Apr 2024)
|
||
|
||
- CI: Add CI build on Debian stretch to test old support
|
||
|
||
This version still has ELTS support and contains some old versions of
|
||
key components like cmake to help prevent us from breaking that support.
|
||
|
||
Closes #13029
|
||
|
||
Stefan Eissing (4 Apr 2024)
|
||
|
||
- request: paused upload on completed download, assess connection
|
||
|
||
A transfer with a completed download that is still uploading needs to
|
||
check the connection state when it is PAUSEd, since connection
|
||
close/errors would otherwise go unnoticed.
|
||
|
||
Reported-by: Sergey Bronnikov
|
||
Fixes #13260
|
||
Closes #13271
|
||
|
||
Daniel Stenberg (4 Apr 2024)
|
||
|
||
- url: do not URL decode proxy crendentials
|
||
|
||
The two options CURLOPT_PROXYUSERNAME and CURLOPT_PROXYPASSWORD set the
|
||
actual names as-is, not URL encoded.
|
||
|
||
Modified test 503 to use percent-encoded strings in the credential
|
||
strings that should be passed on as-is.
|
||
|
||
Reported-by: Sergey Ogryzkov
|
||
Fixes #13265
|
||
Closes #13270
|
||
|
||
Viktor Szakats (4 Apr 2024)
|
||
|
||
- appveyor: enable cmake unity mode by default
|
||
|
||
Leave one non-unity cmake job. This makes the jobs finish slightly
|
||
quicker, while giving more coverage for unity issues.
|
||
|
||
Before:
|
||
https://ci.appveyor.com/project/curlorg/curl/builds/49496977
|
||
https://ci.appveyor.com/project/curlorg/curl/builds/49500372
|
||
After:
|
||
https://ci.appveyor.com/project/curlorg/curl/builds/49500338
|
||
|
||
Also fixup unrelated whitespace.
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Closes #13217
|
||
|
||
Daniel Stenberg (4 Apr 2024)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
Viktor Szakats (4 Apr 2024)
|
||
|
||
- cmake: speed up libcurl doc building again
|
||
|
||
This time limit the number of files per command to avoid exceeding
|
||
limitations of certain OS/shell envs.
|
||
|
||
Such known env is Windows with the `cmd.exe` shell, which features an
|
||
8K command-line length limit to this day.
|
||
|
||
Allowlisting `UNIX` to have no limit and using a limit of 200 for other
|
||
envs to be safe. If there is a way to detect `cmd.exe` and/or we know
|
||
which precise envs are sensitive to this, we can tweak these conditions
|
||
further.
|
||
|
||
Even with the low limit, this patch reduces external commands by 200x,
|
||
making builds much faster.
|
||
|
||
Ref: #12762 2620aa930bc73af1e4c70b10e3125b957b96ecfb (initial)
|
||
Ref: #13047 f03c85635f35269f1f45b983bf216624f541760a (revert)
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Closes #13207
|
||
|
||
- cmake: tidy-up to use `WORKING_DIRECTORY`
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Closes #13206
|
||
|
||
- cmake: generate misc manpages and install `mk-ca-bundle.pl`
|
||
|
||
- install `mk-ca-bundle.pl` like autotools does.
|
||
|
||
- generate and install `mk-ca-bundle.1` and `curl-config.1` like
|
||
autotools. This fixes tests 1140 and 1173.
|
||
|
||
Reported-by: Dan Fandrich
|
||
Fixes #13194
|
||
|
||
- add option `BUILD_MISC_DOCS` to control building the above two
|
||
manpages. Enabled by default.
|
||
|
||
- appveyor: stop disabling tests 1140 and 1173.
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Closes #13197
|
||
|
||
Fabian Keil (4 Apr 2024)
|
||
|
||
- wolfssl: plug memory leak in wolfssl_connect_step2()
|
||
|
||
Fixes:
|
||
|
||
test 2034...[simple HTTPS GET with DER public key pinning]
|
||
==61829== 22,610 (3,744 direct, 18,866 indirect) bytes in 1 blocks are d
|
||
efinitely lost in loss record 51 of 54
|
||
==61829== at 0x484BB74: malloc (vg_replace_malloc.c:446)
|
||
==61829== by 0x4B53A80: wolfSSL_Malloc (memory.c:344)
|
||
==61829== by 0x4C1C8E1: wolfSSL_X509_new (x509.c:5326)
|
||
==61829== by 0x4C3977D: d2i_X509orX509REQ (x509.c:3628)
|
||
==61829== by 0x4C1D1F4: wolfSSL_X509_d2i (x509.c:3664)
|
||
==61829== by 0x4C1C37B: wolfSSL_X509_dup (x509.c:13425)
|
||
==61829== by 0x4C197DB: wolfSSL_get_peer_certificate (ssl.c:18765)
|
||
==61829== by 0x33297C: wolfssl_connect_step2 (wolfssl.c:875)
|
||
==61829== by 0x331669: wolfssl_connect_common (wolfssl.c:1287)
|
||
==61829== by 0x3303E9: wolfssl_connect_nonblocking (wolfssl.c:1319)
|
||
==61829== by 0x32FE89: ssl_connect_nonblocking (vtls.c:510)
|
||
==61829== by 0x32DBE5: ssl_cf_connect (vtls.c:1679)
|
||
==61829== by 0x27ABD7: Curl_conn_cf_connect (cfilters.c:307)
|
||
==61829== by 0x27D9CF: cf_setup_connect (connect.c:1199)
|
||
==61829== by 0x27ABD7: Curl_conn_cf_connect (cfilters.c:307)
|
||
==61829== by 0x283CEA: cf_hc_baller_connect (cf-https-connect.c:135)
|
||
|
||
Closes #13272
|
||
|
||
Viktor Szakats (3 Apr 2024)
|
||
|
||
- appveyor: OpenSSL 3 no longer found by CMake, revert to 1.1.1
|
||
|
||
OpenSSL moved directories, and bumped versions in AppVeyor CI.
|
||
|
||
Downgrading is not an ideal solution, but however trivial the solution
|
||
may be, I failed to come with anything that made CMake recognize either
|
||
OpenSSL 3.1 or 3.2.
|
||
|
||
Possibly caused by:
|
||
https://github.com/appveyor/build-images/commit/702e8cdca01f28f6a40687783f493
|
||
c786cebbe2c
|
||
https://github.com/appveyor/build-images/pull/149
|
||
|
||
Closes #13266
|
||
|
||
hongfei.li (3 Apr 2024)
|
||
|
||
- winbuild: use $(RC) correctly
|
||
|
||
Cloes #13267
|
||
|
||
Daniel Stenberg (3 Apr 2024)
|
||
|
||
- dist: remove the curl-config.1 from the tarball
|
||
|
||
The markdown file is already there and the .1 file gets generated in the
|
||
build.
|
||
|
||
Ref: #13250
|
||
Closes #13268
|
||
|
||
- curl_global_trace.md: shorten the description
|
||
|
||
Closes #13263
|
||
|
||
- test1901: verify chunked POST from callback with CURLOPT_POSTFIELDSIZE set
|
||
|
||
Follow-up to 721941aadf4ad
|
||
|
||
Ref: #13257
|
||
Closes #13262
|
||
|
||
Stefan Eissing (2 Apr 2024)
|
||
|
||
- http: with chunked POST forced, disable length check on read callback
|
||
|
||
- when an application forces HTTP/1.1 chunked transfer encoding
|
||
by setting the corresponding header and instructs curl to use
|
||
the CURLOPT_READFUNCTION, disregard any POST length information.
|
||
- this establishes backward compatibility with previous curl versions
|
||
|
||
Applications are encouraged to not force "chunked", but rather
|
||
set length information for a POST. By setting -1, curl will
|
||
auto-select chunked on HTTP/1.1 and work properly on other HTTP
|
||
versions.
|
||
|
||
Reported-by: Jeff King
|
||
Fixes #13229
|
||
Closes #13257
|
||
|
||
Jay Satiro (1 Apr 2024)
|
||
|
||
- INSTALL-CMAKE.md: explain `cmake -G <generator-name>`
|
||
|
||
- Explain that CMake's -G option can be used to specify which build
|
||
system to generate files for.
|
||
|
||
Example: cmake ../curl -G "MinGW Makefiles"
|
||
|
||
Ref: https://github.com/curl/curl/pull/12224#issuecomment-2026813645
|
||
|
||
Closes https://github.com/curl/curl/pull/13244
|
||
|
||
Daniel Stenberg (1 Apr 2024)
|
||
|
||
- libcurl-opts: mention pipelining less
|
||
|
||
libcurl has not supported HTTP pipelining since many years. Remove a few
|
||
(more) mentions of the feature.
|
||
|
||
Closes #13254
|
||
|
||
Daniel McCarney (31 Mar 2024)
|
||
|
||
- m4: reposition USE_RUSTLS="yes" for pkg-config
|
||
|
||
It's necessary to set this var to "yes" _after_ AC_DEFINE and AC_SUBST
|
||
in order for a later `test` to pass so that `check_for_ca_bundle=1` ends
|
||
up being set. This is in turn required for the default CA certificate
|
||
bundle to be set when building w/ rustls & pkg-config.
|
||
|
||
Reported-by: Matt Jolly
|
||
Fixes #13248
|
||
Closes #13251
|
||
|
||
Daniel Stenberg (31 Mar 2024)
|
||
|
||
- maketgz: put docs/RELEASE-TOOL.md into the tarball
|
||
|
||
Generated with scripts/release-tools.sh
|
||
|
||
The script lists the exact Debian package names and version numbers for
|
||
the tools that are used to generate the tarball.
|
||
|
||
Closes #13239
|
||
|
||
- cd2nroff/manage: use UTC when SOURCE_DATE_EPOCH is set
|
||
|
||
Make them independent of the TZ setting. Also set a date string like
|
||
YYYY-MM-DD to avoid a local month name in the date.
|
||
|
||
Reported-by: Carlos Henrique Lima Melara
|
||
Fixes #13242
|
||
Closes #13243
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
- docs/MAIL-ETIQUETTE: convert to markdown
|
||
|
||
To render nicer. To get spellchecked.
|
||
|
||
Closes #13247
|
||
|
||
- reuse: add copyright + license info to individual docs/*.md files
|
||
|
||
Instead of use 'docs/*.md' in dep5. For clarity and avoiding a wide-
|
||
matching wildcard.
|
||
|
||
+ Remove mention of old files from .reuse/dep5
|
||
+ add info to .github/dependabot.yml
|
||
+ make scripts/copyright.pl warn on non-matching patterns
|
||
|
||
Closes #13245
|
||
|
||
- test470: warn about unicode quote character read from config file
|
||
|
||
Idea-by: Emanuele Torre
|
||
|
||
- test469: verify warning when argument has unicode quote
|
||
|
||
- tool_getparam: output warning for leading unicode quote character
|
||
|
||
... in the option argument.
|
||
|
||
Typically this is a mistake done when copying example command lines from
|
||
online documentation using the wrong quote character.
|
||
|
||
Presumably there are also other potential quote characters that might be
|
||
used, and this check is done without even knowing that unicode is used!
|
||
|
||
Reported-by: Sanjay Pujare
|
||
Fixes #13214
|
||
Closes #13215
|
||
|
||
- tool: follow-up getenv fix
|
||
|
||
Remove a double free. Change the IPFS env use to a plain getenv() simply
|
||
because coverity gets confused.
|
||
|
||
Follow-up to 9126b141c9398fe
|
||
Closes #13241
|
||
|
||
- idn: make Curl_idnconvert_hostname() use Curl_idn_decode()
|
||
|
||
In the name of less code duplication
|
||
|
||
Closes #13236
|
||
|
||
- curl-confopts.m4: define CARES_NO_DEPRECATED when c-ares is used
|
||
|
||
Starting in 1.28.0 c-ares added deprecation warnings for some API calls
|
||
libcurl uses.
|
||
|
||
Closes #13240
|
||
|
||
- vquic: use CURL_FORMAT_CURL_OFF_T for 64 bit printf output
|
||
|
||
Reported-by: Keitagit-kun on github
|
||
Fixes #13224
|
||
Closes #13231
|
||
|
||
- openldap: create ldap URLs correctly for IPv6 addresses
|
||
|
||
Reported-by: Sergio Durigan Junior
|
||
Fixes #13228
|
||
Closes #13235
|
||
|
||
- curl: use curl_getenv instead of the curlx_ version
|
||
|
||
The curlx one was once introduced when we still considered dropping the
|
||
libcurl function at some point. To reduce confusion and to make it
|
||
easier to understand when curl_free() should be used, use the actual
|
||
libcurl function call directly instead.
|
||
|
||
Closes #13230
|
||
|
||
Evgeny Grin (Karlson2k) (30 Mar 2024)
|
||
|
||
- curl_sha512_256: do not use workaround for NetBSD when not needed
|
||
|
||
Assisted-by: riastradh on github
|
||
Assisted-by: Michael Kaufmann
|
||
Closes #13225
|
||
|
||
Matt Jolly (30 Mar 2024)
|
||
|
||
- m4: fix rustls pkg-config codepath
|
||
|
||
The previous pkg-config code would successfully detect rustls but did
|
||
not set all appropriate variables and call the right macros to properly
|
||
configure cURL.
|
||
|
||
Reported-by: kpcyrd on github
|
||
Fixes #13200
|
||
Closes #13202
|
||
|
||
Daniel McCarney (30 Mar 2024)
|
||
|
||
- deps: update librustls 0.12.0 -> 0.13.0
|
||
|
||
This commit updates the optional rustls-ffi librustls dependency from
|
||
0.12.0 to 0.13.0. This version is based on the latest available rustls
|
||
release (0.23.4).
|
||
|
||
The breaking API changes from 0.12.0 to 0.13.0 are in API surface unused
|
||
by curl, so this is an in-place update without any code changes.
|
||
|
||
The `RUSTLS.md` documentation is updated to reflect the new version in
|
||
use, and to clarify that `cbindgen` isn't required to build `librustls`
|
||
- it's only used by developers to update the vendored `rustls.h` header
|
||
file maintained upstream.
|
||
|
||
Closes #13238
|
||
|
||
Daniel Stenberg (28 Mar 2024)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
- tool_xattr: "guess" URL scheme if none is provided
|
||
|
||
... when figuring out the source URL to store.
|
||
|
||
Reported-by: Dagfinn Ilmari Mannsåker
|
||
Fixes #13205
|
||
Closes #13221
|
||
|
||
- tool_xattr: in debug builds, act normally if CURL_FAKE_XATTR is not set
|
||
|
||
Closes #13220
|
||
|
||
Stefan Eissing (28 Mar 2024)
|
||
|
||
- content_encoding: brotli and others, pass through 0-length writes
|
||
|
||
- curl's transfer handling may write 0-length chunks at the end of the
|
||
download with an EOS flag. (HTTP/2 does this commonly)
|
||
|
||
- content encoders need to pass-through such a write and not count this
|
||
as error in case they are finished decoding
|
||
|
||
Fixes #13209
|
||
Fixes #13212
|
||
Closes #13219
|
||
|
||
Tobias Stoeckmann (28 Mar 2024)
|
||
|
||
- libssh2: set length to 0 if strdup failed
|
||
|
||
Internally, libssh2 dereferences the NULL pointer if length is non-zero.
|
||
The callback function cannot return the error condition, so at least
|
||
prevent subsequent crash.
|
||
|
||
Closes #13213
|
||
|
||
Daniel Stenberg (28 Mar 2024)
|
||
|
||
- RELEASE-PROCEDURE: mention an initial working build
|
||
|
||
This is the step that was not done and caused the 8.7.0 mishap (it
|
||
lacked the correctly generated hugehelp file).
|
||
|
||
Remove the mention of the copyright script as this is verified by a CI
|
||
job these days: the REUSE one.
|
||
|
||
Closes #13216
|
||
|
||
Paul Howarth (28 Mar 2024)
|
||
|
||
- curl_sha512_255: fix detection of OpenSSL 1.1.1 or later
|
||
|
||
Use the same OPENSSL_VERSION_NUMBER comparison as in lib/vtls/openssl.c.
|
||
|
||
Closes #13208
|
||
|
||
Robert Moreton (28 Mar 2024)
|
||
|
||
- cf-socket: remove references to l_ip, l_port
|
||
|
||
Fixes #13210
|
||
Closes #13211
|
||
|
||
Daniel Stenberg (28 Mar 2024)
|
||
|
||
- openssl: do not set SSL_MODE_RELEASE_BUFFERS
|
||
|
||
While it might save some memory, it causes OpenSSL to instead do a huge
|
||
amount of allocations.
|
||
|
||
Ref: #13136
|
||
Closes #13203
|
||
|
||
- curl: make --help adapt to the terminal width
|
||
|
||
Instead of assuming and working with 80 colums, try figuring out what
|
||
width is actually used.
|
||
|
||
Ref: #13141
|
||
|
||
Closes #13171
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
and bump to 8.7.2 for now
|
||
|
||
- configure: make --disable-docs imply --disable-manual
|
||
|
||
Because when the docs is not built, the necesary curl.txt file is not
|
||
present so then the manual cannot get built.
|
||
|
||
Reported-by: Harry Sintonen
|
||
Closes #13191
|
||
|
||
Chris Webb (27 Mar 2024)
|
||
|
||
- cmdline-docs: fix make install with configure --disable-docs
|
||
|
||
make -C docs/cmdline-opts install depends on all-am, which in turn
|
||
depends on $(MANS), unconditionally defined to be $(man_MANS).
|
||
|
||
As with CLEANFILES, only add curl.1 to man_MANS when BUILD_DOCS is true
|
||
so we don't try to build curl.1 unnecessarily.
|
||
|
||
Closes #13198
|
||
|
||
Version 8.7.1 (27 Mar 2024)
|
||
|
||
Daniel Stenberg (27 Mar 2024)
|
||
|
||
- RELEASE-PROCEDURE: remove old release dates, add new pending ones
|
||
|
||
Version 8.7.0 (27 Mar 2024)
|
||
|
||
Daniel Stenberg (27 Mar 2024)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
curl 8.7.0 release
|
||
|
||
- THANKS: new contributors from the 8.7.0 release
|
||
|
||
- CURLOPT_POSTFIELDS.md: used for MQTT as well
|
||
|
||
Closes #13189
|
||
|
||
- http: remove stale comment about rewindbeforesend
|
||
|
||
... because that struct field exists no more.
|
||
|
||
Follow-up to 14bcea074a782272.
|
||
|
||
Closes #13187
|
||
|
||
- DISTROS: add document with distro pointers
|
||
|
||
Lots of organizations distribute curl packages to end users. This is a
|
||
collection of pointers to where to learn more about curl on and with
|
||
each distro.
|
||
|
||
Assisted-by: Alan Coopersmith
|
||
Assisted-by: Andrew Kaster
|
||
Assisted-by: Andy Fiddaman
|
||
Assisted-by: Arjan van de Ven
|
||
Assisted-by: Brian Clemens
|
||
Assisted-by: chrysos349 on github
|
||
Assisted-by: Dan Fandrich
|
||
Assisted-by: Dan McDonald
|
||
Assisted-by: Gaelan Steele
|
||
Assisted-by: graywolf on github
|
||
Assisted-by: Jan Macku
|
||
Assisted-by: John Marshall
|
||
Assisted-by: Jonathan Perkin
|
||
Assisted-by: Kevin Daudt
|
||
Assisted-by: Marcus Müller
|
||
Assisted-by: Michał Górny
|
||
Assisted-by: Outvi V
|
||
Assisted-by: Ross Burton
|
||
Assisted-by: Sean Molenaar
|
||
Assisted-by: Till Wegmüller
|
||
Assisted-by: Viktor Szakats
|
||
Assisted-by: Winni Neessen
|
||
|
||
Closes #13178
|
||
|
||
Fabian Keil (25 Mar 2024)
|
||
|
||
- wolfSSL: do not call the stub function wolfSSL_BIO_set_init()
|
||
|
||
Calling the function isn't necessary and causes the build
|
||
to fail when wolfSSL has been compiled with NO_WOLFSSL_STUB:
|
||
|
||
Making all in opts
|
||
CCLD curl
|
||
ld: error: undefined symbol: wolfSSL_BIO_set_init
|
||
>>> referenced by wolfssl.c:235 (vtls/wolfssl.c:235)
|
||
>>> libcurl_la-wolfssl.o:(wolfssl_bio_cf_create) in archiv
|
||
e ../lib/.libs/libcurl.a
|
||
cc: error: linker command failed with exit code 1 (use -v to see invocat
|
||
ion)
|
||
*** Error code 1
|
||
|
||
Closes #13164
|
||
|
||
Daniel Stenberg (25 Mar 2024)
|
||
|
||
- cmdline-opts: shorter help texts
|
||
|
||
In an effort to increase the readability of the "--help all" output on
|
||
narrow (80 column) terminals.
|
||
|
||
Co-authored-by: Jay Satiro
|
||
|
||
Closes #13169
|
||
|
||
Matt Jolly (25 Mar 2024)
|
||
|
||
- curl-rustls.m4: add pkg-config support to rustls detection
|
||
|
||
Based on the existing openssl pkg-config detection, this commit tries to
|
||
use pkg-config to find `rustls` then falls back to the current approach
|
||
if that fails.
|
||
|
||
We use the following logic:
|
||
|
||
- if no path is provided, just use pkg-config, if it's not there we have
|
||
a problem!
|
||
- if a path is provided, try pkg-config
|
||
+ if pkg-config fails, try and find rustls directly
|
||
|
||
Closes #13179
|
||
|
||
Mohammadreza Hendiani (25 Mar 2024)
|
||
|
||
- TODO: update 13.11 with more information
|
||
|
||
Closes #13173
|
||
|
||
Daniel Stenberg (23 Mar 2024)
|
||
|
||
- docs/libcurl: generate PROTOCOLS from meta-data
|
||
|
||
Remove the PROTOCOLS section from the source files completely and
|
||
instead generate them based on the header data in the curldown files.
|
||
|
||
It also generates TLS backend information for options marked for TLS as
|
||
protocol.
|
||
|
||
Closes #13175
|
||
|
||
- CURLMOPT_MAX*: mention what happens if changed mid-transfer
|
||
|
||
For CURLMOPT_MAXCONNECTS and CURLMOPT_MAX_HOST_CONNECTIONS
|
||
|
||
Ref: #13158
|
||
Closes #13176
|
||
|
||
- docs/libcurl: add TLS backend info for all TLS options
|
||
|
||
All man pages that are listed to be for TLS now must also specify
|
||
exactly what TLS backends the option works for, or use All if they all
|
||
work.
|
||
|
||
cd2nroff makes sure this is done and that the listed backends exist.
|
||
|
||
Closes #13168
|
||
|
||
- docs/libcurl: cleanups
|
||
|
||
- CURLINFO_TLS_SESSION.md: remove mention of NSS
|
||
- CURLINFO_TLS_SSL_PTR.md: remove NSS leftover
|
||
- CURLOPT_CAINFO.md: drop mention of backends not supporting this
|
||
- CURLOPT_CAPATH.md: wolfSSL also supports this
|
||
|
||
Closes #13166
|
||
|
||
- docs: make each libcurl man specify protocol(s)
|
||
|
||
The mandatory header now has a mandatory list of protocols for which the
|
||
manpage is relevant.
|
||
|
||
Most man pages already has a "PROTOCOLS" section, but this introduces a
|
||
stricter way to specify the relevant protocols.
|
||
|
||
cd2nroff verifies that at least one protocol is mentioned (which can be
|
||
`*`).
|
||
|
||
This information is not used just yet, but A) the PROTOCOLS section can
|
||
now instead get generated and get a unified wording across all manpages
|
||
and B) this allows us to more reliably filter/search for protocol
|
||
specific manpages/options.
|
||
|
||
Closes #13166
|
||
|
||
Stefan Eissing (21 Mar 2024)
|
||
|
||
- http2, http3: only return CURLE_PARTIAL_FILE when bytes were received
|
||
|
||
- should resolve spurious pytest failures when stream were reset
|
||
right after response header were received
|
||
|
||
Clsoes #13151
|
||
|
||
- http: separate response parsing from response action
|
||
|
||
- move code that triggers on end-of-response into separate function from
|
||
parsing
|
||
- simplify some headp/headerlen usage
|
||
- add `httpversion` to SingleRequest to indicate the version of the
|
||
current response
|
||
|
||
Closes #13134
|
||
|
||
Daniel Stenberg (21 Mar 2024)
|
||
|
||
- http2: remove the third (unused) argument from http2_data_done()
|
||
|
||
Closes #13154
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
Evgeny Grin (Karlson2k) (21 Mar 2024)
|
||
|
||
- RELEASE-NOTES: corrected
|
||
|
||
Corrected link for item 118
|
||
|
||
Closes #13157
|
||
|
||
Daniel Stenberg (19 Mar 2024)
|
||
|
||
- CURLOPT_INTERFACE.md: remove spurious amp, add see-also
|
||
|
||
Closes #13149
|
||
|
||
Stefan Eissing (19 Mar 2024)
|
||
|
||
- http: improve response header handling, save cpu cycles
|
||
|
||
Saving some cpu cycles in http response header processing:
|
||
- pass the length of the header line along
|
||
- use string constant sizeof() instead of strlen()
|
||
- check line length if prefix is possible
|
||
- switch on first header char to limit checks
|
||
|
||
Closes #13143
|
||
|
||
Daniel Stenberg (19 Mar 2024)
|
||
|
||
- tool_getparam: accept a blank -w ""
|
||
|
||
Added test 468 to verify.
|
||
|
||
Regression from 07bcae89d5d00 (shipped in 8.6.0)
|
||
Reported-by: Thomas Pyle
|
||
Fixes #13144
|
||
Closes #13145
|
||
|
||
Evgeny Grin (Karlson2k) (18 Mar 2024)
|
||
|
||
- curl_sha512_256: work around a NetBSD bug
|
||
|
||
Based on Michael Kaufmann analysis and suggestion
|
||
|
||
Closes #13133
|
||
|
||
Stefan Eissing (18 Mar 2024)
|
||
|
||
- http: expect 100 rework
|
||
|
||
Move all handling of HTTP's `Expect: 100-continue` feature into a client
|
||
reader. Add sending flag `KEEP_SEND_TIMED` that triggers transfer
|
||
sending on general events like a timer.
|
||
|
||
HTTP installs a `CURL_CR_PROTOCOL` reader when announcing `Expect:
|
||
100-continue`. That reader works as follows:
|
||
|
||
- on first invocation, records time, starts the `EXPIRE_100_TIMEOUT`
|
||
timer, disables `KEEP_SEND`, enables `KEEP_SEND_TIMER` and returns 0,
|
||
eos=FALSE like a paused upload.
|
||
|
||
- on subsequent invocation it checks if the timer has expired. If so, it
|
||
enables `KEEP_SEND` and switches to passing through reads to the
|
||
underlying readers.
|
||
|
||
Transfer handling's `readwrite()` will be invoked when a timer expires
|
||
(like `EXPIRE_100_TIMEOUT`) or when data from the server arrives. Seeing
|
||
`KEEP_SEND_TIMER`, it will try to upload more data, which triggers
|
||
reading from the client readers again. Which then may lead to a new
|
||
pausing or cause the upload to start.
|
||
|
||
Flags and timestamps connected to this have been moved from
|
||
`SingleRequest` into the reader's context.
|
||
|
||
Closes #13110
|
||
|
||
- mbedtls: fix pytest for newer versions
|
||
|
||
Fix the expectations in pytest for newer versions of mbedtls
|
||
|
||
Closes #13132
|
||
|
||
Daniel Stenberg (15 Mar 2024)
|
||
|
||
- ipv6.md: mention IPv4 mapped addresses
|
||
|
||
Reported-by: Josh Soref
|
||
Assisted-by: Jay Satiro
|
||
Fixes #13112
|
||
Closes #13131
|
||
|
||
Stefan Eissing (15 Mar 2024)
|
||
|
||
- http: revisit http_perhapsrewind()
|
||
|
||
- use facilities provided by client readers better
|
||
- work also for non-uploading requests like GET/HEAD
|
||
- update documentation
|
||
|
||
Closes #13117
|
||
|
||
- test 1541: verify getinfo values on first header callback
|
||
|
||
Reported-by: chensong1211 on github
|
||
Ref: #13125
|
||
Closes #13128
|
||
|
||
- TLS: start shutdown only when peer did not already close
|
||
|
||
- When curl sees a TCP close from the peer, do not start a TLS shutdown.
|
||
TLS shutdown is a handshake and if the peer already closed the
|
||
connection, it is not interested in participating.
|
||
|
||
Reported-by: dfdity on github
|
||
Assisted-by: Jiří Bok
|
||
Assisted-by: Pēteris Caune
|
||
Fixes #10290
|
||
Closes #13087
|
||
|
||
Daniel Stenberg (14 Mar 2024)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
- curl: make --libcurl output better CURLOPT_*SSLVERSION
|
||
|
||
The option is really two enums ORed together, so it needs special
|
||
attention to make the code output nice.
|
||
|
||
Added test 1481 to verify. Both the server and the proxy versions.
|
||
|
||
Reported-by: Boris Verkhovskiy
|
||
Fixes #13127
|
||
Closes #13129
|
||
|
||
- GHA/linux: add sysctl trick to work-around GitHub runner issue
|
||
|
||
The GitHub image runner update from 20240304.1.0 to 20240310.1
|
||
introduces a problem for clang-14. The issue is caused by
|
||
incompatibility between llvm 14 provided in ubuntu-22.04 image and the
|
||
much newer kernel configured with high-entropy ASLR.
|
||
|
||
As a work-around, we issue a sysctl command to lower the entropy and get
|
||
clang-14 to work again.
|
||
|
||
URL: https://github.com/actions/runner-images/issues/9491
|
||
|
||
Closes #13124
|
||
|
||
- SPONSORS: describe the basics
|
||
|
||
Closes #13119
|
||
|
||
- GOVERNANCE: document the core team
|
||
|
||
Closes #13118
|
||
|
||
Jay Satiro (13 Mar 2024)
|
||
|
||
- vquic-tls: fix the error code returned for bad CA file
|
||
|
||
- Return CURLE_SSL_CACERT_BADFILE if wolfSSL encounters a problem
|
||
reading the cert file or path.
|
||
|
||
This is a follow-up to the parent commit aedbbdf1.
|
||
|
||
Reported-by: Karthikdasari0423@users.noreply.github.com
|
||
|
||
Fixes https://github.com/curl/curl/issues/13115
|
||
|
||
Daniel Stenberg (12 Mar 2024)
|
||
|
||
- vquic-tls: return appropirate errors on wolfSSL errors
|
||
|
||
Reported-by: Dexter Gerig
|
||
Closes #13107
|
||
|
||
Viktor Szakats (12 Mar 2024)
|
||
|
||
- tidy-up: one comment and EOF newlines
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Closes #13108
|
||
|
||
Daniel Stenberg (12 Mar 2024)
|
||
|
||
- cmdline-opts: language cleanups
|
||
|
||
Use imperative mood consistently for the first sentence describing an
|
||
option.
|
||
|
||
"Set this" instead "tell curl to set" or "this sets..."
|
||
|
||
Plus some extra cleanups and rephrasing.
|
||
|
||
Closes #13106
|
||
|
||
- managen: remove space before protocols
|
||
|
||
For options that are listed for specific protocols, the protocols (shown
|
||
first within parentheses) are now output without the leading space in the
|
||
manpage output.
|
||
|
||
Closes #13105
|
||
|
||
Jay Satiro (12 Mar 2024)
|
||
|
||
- mbedtls: properly cleanup the thread-shared entropy
|
||
|
||
- Store the state of the thread-shared entropy for global init/cleanup.
|
||
|
||
- Use curl's thread support of mbedtls for all Windows builds instead of
|
||
just when the threaded resolver is used via USE_THREADS_WIN32.
|
||
|
||
Prior to this change on global cleanup curl builds that have curl thread
|
||
support for mbedtls freed the entropy (8b1d2298) but failed to mark that
|
||
it had been freed, which caused problems on subsequent init + transfer.
|
||
|
||
Bug: https://github.com/curl/curl/discussions/11919#discussioncomment-8687105
|
||
Reported-by: awesomekosm@users.noreply.github.com
|
||
|
||
Closes https://github.com/curl/curl/pull/13071
|
||
|
||
Daniel Stenberg (12 Mar 2024)
|
||
|
||
- tool_getparam: handle non-existing (out of range) short-options
|
||
|
||
... correctly, even when they follow an existing one without a space in
|
||
between.
|
||
|
||
Verify with test 467
|
||
|
||
Follow-up to 07dd60c05b
|
||
Reported-by: Geeknik Labs
|
||
Fixes #13101
|
||
Closes #13102
|
||
|
||
Stefan Eissing (11 Mar 2024)
|
||
|
||
- lib: move 'done' parameter to SingleRequests
|
||
|
||
A transfer may do several `SingleRequest`s for its success. This happens
|
||
regularly for authentication, follows and retries on failed connections.
|
||
The "readwrite()" calls and functions connected to those carried a `bool
|
||
*done` parameter to indicate that the current `SingleRequest` is over.
|
||
This may happen before `upload_done` or `download_done` bits of
|
||
`SingleRequest` are set.
|
||
|
||
The problem with that is now `write_resp()` protocol handlers are
|
||
invoked in places where the `bool *done` cannot be passed up to the
|
||
caller. Instead of being a bool in the call chain, it needs to become a
|
||
member of `SingleRequest`, reflecting its state.
|
||
|
||
This removes the `bool *done` parameter and adds the `done` bit to
|
||
`SingleRequest` instead. It adds `Curl_req_soft_reset()` for using a
|
||
`SingleRequest` in a follow up, clearing `done` and other
|
||
flags/counters.
|
||
|
||
Closes #13096
|
||
|
||
- request: clarify message when request has been sent off
|
||
|
||
Change the "uploaded and fine" message for requests without a body
|
||
|
||
Reported-by: Karthikdasari0423 on github
|
||
Fixes #13093
|
||
Closes #13095
|
||
|
||
Daniel Stenberg (11 Mar 2024)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
Stefan Eissing (9 Mar 2024)
|
||
|
||
- lib: keep conn IP information together
|
||
|
||
new struct ip_quadruple for holding local/remote addr+port
|
||
|
||
- used in data->info and conn and cf-socket.c
|
||
- copy back and forth complete struct
|
||
- add 'secondary' to conn
|
||
- use secondary in reporting success for ftp 2nd connection
|
||
|
||
Reported-by: DasKutti on github
|
||
Fixes #13084
|
||
Closes #13090
|
||
|
||
Daniel Stenberg (8 Mar 2024)
|
||
|
||
- scripts/managen: the new name and home for the manpage generator
|
||
|
||
It was previously docs/cmdline-opts/gen.pl
|
||
|
||
Closes #13089
|
||
|
||
- VULN-DISCLOSURE-POLICY.md: update detail about CVE requests
|
||
|
||
curl is a CNA now
|
||
|
||
Closes #13088
|
||
|
||
Stefan Eissing (8 Mar 2024)
|
||
|
||
- lib: client reader polish
|
||
|
||
- seek_func/seek_client, use transfer values only
|
||
- remove copies held in `struct connectdata`, use only
|
||
ever `data->set.seek_func`
|
||
- resolves possible issues in multiuse connections
|
||
- new mime post reader eliminates need to ever overwriting this
|
||
|
||
- websockets, remove empty Curl_ws_done() function
|
||
|
||
Closes #13079
|
||
|
||
Marcel Raad (8 Mar 2024)
|
||
|
||
- lib1598: fix `CURLOPT_POSTFIELDSIZE` usage
|
||
|
||
It requires a `long` argument.
|
||
|
||
Closes https://github.com/curl/curl/pull/13085
|
||
|
||
Daniel Stenberg (8 Mar 2024)
|
||
|
||
- docs/cmdline-opts: drop the curl.1 from the dist tarball
|
||
|
||
Since it is no longer needed for building tool_hugehelp.c and all the
|
||
docs is available in readable markdown format in the tarball, the peeps
|
||
that don't want to build the manpage still do good.
|
||
|
||
Removing it also fixes the complexity of out-of-tree builds when the
|
||
curl.1 exists in the source tree.
|
||
|
||
- test1140/1173: extend wildcards to find curl.1
|
||
|
||
... in its new build path.
|
||
|
||
Also update the test scripts to be more precise in error messages to
|
||
help us understand CI errors better.
|
||
|
||
Follow-up to f03c85635f35269f1
|
||
Ref: #13029
|
||
Closes #13083
|
||
|
||
- http2: minor tweaks to optimize two struct sizes
|
||
|
||
- use BIT() instead of bool
|
||
- place the struct fields in (roughly) size order
|
||
|
||
Closes #13082
|
||
|
||
- buildconf.bat: remove outdated groff/nroff use
|
||
|
||
- don't try to generate the real hugehelp file, because it requires
|
||
curl.txt which needs a build
|
||
- don't attempt to do anything in a c-ares subdirectory
|
||
|
||
Follow-up to f03c85635f35269
|
||
Closes #13078
|
||
|
||
- http2: memory errors in the push callbacks are fatal
|
||
|
||
Use the correct nghttp2 error code accordingly.
|
||
|
||
Closes #13081
|
||
|
||
Viktor Szakats (7 Mar 2024)
|
||
|
||
- mkhelp: rename variable to fix compiler warnings
|
||
|
||
```
|
||
src\tool_operate.c(541,33): warning C4459: declaration of 'm' hides global de
|
||
claration [_bld\src\curl.vcxproj]
|
||
_bld\src\tool_hugehelp.c(8,27):
|
||
see declaration of 'm'
|
||
src\tool_paramhlp.c(307,14): warning C4459: declaration of 'm' hides global d
|
||
eclaration [_bld\src\curl.vcxproj]
|
||
src\tool_progress.c(118,16): warning C4459: declaration of 'm' hides global d
|
||
eclaration [_bld\src\curl.vcxproj]
|
||
src\tool_writeout.c(288,31): warning C4459: declaration of 'm' hides global d
|
||
eclaration [_bld\src\curl.vcxproj]
|
||
```
|
||
Ref: https://ci.appveyor.com/project/curlorg/curl/builds/49348159/job/51ee75c
|
||
d2n0wj6lc#L614
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Closes #13077
|
||
|
||
Daniel Stenberg (7 Mar 2024)
|
||
|
||
- KNOWN_BUGS: POP3 issue when reading small chunks
|
||
|
||
Closes #12063
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
Robert Moreton (7 Mar 2024)
|
||
|
||
- asyn-ares: fix data race warning
|
||
|
||
- Store the c-ares version during global init.
|
||
|
||
Prior to this change several threads could write the same data to a
|
||
static int variable at the same time. Though in practice it's not a
|
||
problem ThreadSanitizer may warn.
|
||
|
||
Reported-by: Nikita Taranov
|
||
Assisted-by: Jay Satiro
|
||
|
||
Fixes #13065
|
||
Closes #13000
|
||
|
||
Stefan Eissing (7 Mar 2024)
|
||
|
||
- hyper: implement unpausing via client reader
|
||
|
||
Just a tidy up to contain 'ifdef' pollution of common
|
||
code parts with implementation specifics.
|
||
|
||
- remove the ifdef hyper unpausing in easy.c
|
||
- add hyper client reader for CURL_CR_PROTOCOL phase
|
||
that implements the unpause method for calling
|
||
the hyper waker if it is set
|
||
|
||
Closes #13075
|
||
|
||
- ngtcp2: no recvbuf for stream
|
||
|
||
- write response data directly to the transfer via
|
||
`Curl_xfer_write_resp()` like we do in HTTP/2.
|
||
|
||
Closes #13073
|
||
|
||
- docs/cmdline-opts/.gitignore: ignore curl.txt
|
||
|
||
Closes #13076
|
||
|
||
Evgeny Grin (Karlson2k) (7 Mar 2024)
|
||
|
||
- sha512_256: add support for GnuTLS and OpenSSL
|
||
|
||
This is a follow-up for PR #12897.
|
||
|
||
Add support for SHA-512/256 digest calculation by TLS backends.
|
||
Currently only OpenSSL and GnuTLS (actually, nettle) support
|
||
SHA-512/256.
|
||
|
||
Closes #13070
|
||
|
||
- digest: add check for hashing error
|
||
|
||
Closes #13072
|
||
|
||
Viktor Szakats (7 Mar 2024)
|
||
|
||
- cmake: enable `ENABLE_CURL_MANUAL` by default
|
||
|
||
Meaning `curl.1` and `src/tool_hugehelp.c` are built by default,
|
||
and `--manual` in curl tool is also enabled by default.
|
||
|
||
This syncs behaviour with autotools.
|
||
|
||
For a reproducible `curl.1`, `SOURCE_DATE_EPOCH` needs to be set
|
||
to a consistent date, e.g. the timestamp of `CHANGES`.
|
||
|
||
A pre-built manual (e.g. the one distributed in the official source
|
||
tarball) will be ignored and rebuilt after this patch, unless
|
||
explicitly disabling this option.
|
||
|
||
Fixes #13028
|
||
Closes #13069
|
||
|
||
Stefan Eissing (7 Mar 2024)
|
||
|
||
- http2: push headers better cleanup
|
||
|
||
- provide common cleanup method for push headers
|
||
|
||
Closes #13054
|
||
|
||
Daniel Stenberg (7 Mar 2024)
|
||
|
||
- GIT-INFO: convert to markdown
|
||
|
||
Closes #13074
|
||
|
||
Richard Levitte (7 Mar 2024)
|
||
|
||
- cmake: fix libcurl.pc and curl-config library specifications
|
||
|
||
Letting CMake figure out where libraries are located gives you full
|
||
paths. When generating libcurl.pc and curl-config, getting libraries as
|
||
full paths is unusual when one expects to get a list of -l<libname>.
|
||
|
||
To meet expectations, an effort is made to convert the full paths into
|
||
-l<libname>, possibly with -L<libdir> before it.
|
||
|
||
Fixes #6169
|
||
Fixes #12748
|
||
Closes #12930
|
||
|
||
Daniel Stenberg (7 Mar 2024)
|
||
|
||
- test463: HTTP with -d @file with file containing CR, LF and null byte
|
||
|
||
- paramhlp: fix CRLF-stripping files with "-d @file"
|
||
|
||
All CR and LF bytes should be stripped, as documented, and all other
|
||
bytes are inluded in the data. Starting now, it also excludes null bytes
|
||
as they would otherwise also cut the data short.
|
||
|
||
Reported-by: Simon K
|
||
Fixes #13063
|
||
Closes #13064
|
||
|
||
Viktor Szakats (7 Mar 2024)
|
||
|
||
- cmake: fix `CURL_WINDOWS_SSPI=ON` with Schannel disabled
|
||
|
||
Prior to this change `CURL_WINDOWS_SSPI` was accidentally forced `OFF`
|
||
when building without the Schannel TLS backend.
|
||
|
||
This in turn may have caused Kerberos, SPNEGO and SSPI features
|
||
disappearing even with `CURL_WINDOWS_SSPI=ON` set.
|
||
|
||
This patch fixes it by using the `CURL_USE_SCHANNEL` setting as a
|
||
default for `CURL_WINDOWS_SSPI`, but allowing a manual override.
|
||
|
||
Also update the option text to better tell its purpose.
|
||
|
||
Thanks-to: Andreas Loew
|
||
Reviewed-by: Daniel Stenberg
|
||
Ref: #13056
|
||
Closes #13061
|
||
|
||
Jay Satiro (6 Mar 2024)
|
||
|
||
- KNOWN_BUGS: FTPS server compatibility on Windows with Schannel
|
||
|
||
- Remove "2.12 FTPS with Schannel times out file list operation"
|
||
|
||
- Remove "7.12 FTPS directory listing hangs on Windows with Schannel"
|
||
|
||
- Add "7.12 FTPS server compatibility on Windows with Schannel"
|
||
|
||
This change adds a more generic bug description that explains FTPS with
|
||
the latest curl and Schannel is not widely used and may have more bugs
|
||
than other TLS backends.
|
||
|
||
The two removed FTPS Schannel bugs can't be reproduced any longer and
|
||
were likely fixed by 24d6c288.
|
||
|
||
Ref: https://github.com/curl/curl/issues/5284
|
||
Ref: https://github.com/curl/curl/issues/9161
|
||
Ref: https://github.com/curl/curl/issues/12894
|
||
|
||
Closes https://github.com/curl/curl/pull/13032
|
||
|
||
- trace-config.md: remove the mutexed options list
|
||
|
||
- Remove the rendered manpage message that says:
|
||
"[--trace-config] is mutually exclusive to --trace and -v, --verbose".
|
||
|
||
Actually it can be used with either of those options, which are mutually
|
||
exclusive to each other but not to --trace-config.
|
||
|
||
Ref: https://curl.se/docs/manpage.html#--trace-config
|
||
|
||
Closes https://github.com/curl/curl/pull/13031
|
||
|
||
Daniel Stenberg (6 Mar 2024)
|
||
|
||
- mkhelp: simplify the generated hugehelp program
|
||
|
||
Use a plain array and puts() every line, also allows us to provide the
|
||
strings without ending newlines.
|
||
|
||
- merge blank lines into the next one as a prefixed newline.
|
||
- turn eight consecutive spaces into a tab (since they can only be on the
|
||
left side of text)
|
||
- the newly generated tool_hugehelp is 3K lines shorter and 50K smaller
|
||
- modifies the top logo layout a little by reducing the indent
|
||
|
||
Closes #13047
|
||
|
||
- docs: ascii version of manpage without nroff
|
||
|
||
Create ASCII version of manpage without nroff
|
||
|
||
- build src/tool_hugegelp.c from the ascii manpage
|
||
- move the the manpage and the ascii version build to docs/cmdline-opts
|
||
- remove all use of nroff from the build process
|
||
- should make the build entirely reproducible (by avoiding nroff)
|
||
|
||
- partly reverts 2620aa9 to build libcurl option man pages one by one
|
||
in cmake because the appveyor builds got all crazy until I did
|
||
|
||
The ASCII version of the manpage
|
||
|
||
- is built with gen.pl, just like the manpage is
|
||
- has a right-justified column making the appearance similar to the previous
|
||
version
|
||
- uses a 4-space indent per level (instead of the old version's 7)
|
||
- does not do hyphenation of words (which nroff does)
|
||
|
||
History
|
||
|
||
We first made the curl build use nroff for building the hugehelp file in
|
||
December 1998, for curl 5.2.
|
||
|
||
Closes #13047
|
||
|
||
Stefan Eissing (6 Mar 2024)
|
||
|
||
- lib: add `void *ctx` to reader/writer instances
|
||
|
||
- `struct Curl_cwriter` and `struct Curl_creader` now carry a
|
||
`void *ctx` member that points to the instance as allocated.
|
||
- using `r->ctx` and `w->ctx` as pointer to the instance specific
|
||
struct that has been allocated
|
||
|
||
Reported-by: Rudi Heitbaum
|
||
Fixes #13035
|
||
Closes #13059
|
||
|
||
- http: fix dead code in setting post client reader
|
||
|
||
- postsize was always 0, thus the check's else never happened
|
||
after the mime client reader was introduced
|
||
|
||
Follow-up to 0ba47146f7ff3d
|
||
Closes #13060
|
||
|
||
- http2: fix push discard
|
||
|
||
- fix logic in discarding a failed pushed stream so that
|
||
stream context is properly cleaned up
|
||
|
||
Closes #13055
|
||
|
||
- transfer.c: break receive loop in speed limited transfers
|
||
|
||
- the change breaks looping in transfer.c receive for transfers that are
|
||
speed limited on having gotten *some* bytes.
|
||
- the overall speed limit timing is done in multi.c
|
||
|
||
Reported-by: Dmitry Karpov
|
||
Bug: https://curl.se/mail/lib-2024-03/0001.html
|
||
Closes #13050
|
||
|
||
- mime: add client reader
|
||
|
||
Add `mime` client reader. Encapsulates reading from mime parts, getting
|
||
their length, rewinding and unpausing.
|
||
|
||
- remove special mime handling from sendf.c and easy.c
|
||
- add general "unpause" method to client readers
|
||
- use new reader in http/imap/smtp
|
||
- make some mime functions static that are now only used internally
|
||
|
||
In addition:
|
||
- remove flag 'forbidchunk' as no longer needed
|
||
|
||
Closes #13039
|
||
|
||
Daniel Stenberg (5 Mar 2024)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
- TODO: remove "build HTTP/3 with OpenSSL and nghttp3 using cmake"
|
||
|
||
Follow-up to 8e741644a229c37
|
||
|
||
Tal Regev (5 Mar 2024)
|
||
|
||
- cmake: add USE_OPENSSL_QUIC support
|
||
|
||
Closes #13034
|
||
|
||
Stefan Eissing (5 Mar 2024)
|
||
|
||
- TIMER_STARTTRANSFER: set the same for everyone
|
||
|
||
- set TIMER_STARTTRANSFER on seeing the first response bytes
|
||
in the download client writer, not coming from a CONNECT
|
||
- initialized the timer the same way for all protocols
|
||
- remove explicit setting of TIMER_STARTTRANSFER in file.c
|
||
and c-hyper.c
|
||
|
||
Closes #13052
|
||
|
||
Michael Kaufmann (5 Mar 2024)
|
||
|
||
- http: better error message for HTTP/1.x response without status line
|
||
|
||
If a response without a status line is received, and the connection is
|
||
known to use HTTP/1.x (not HTTP/0.9), report the error "Invalid status
|
||
line" instead of "Received HTTP/0.9 when not allowed".
|
||
|
||
Closes #13045
|
||
|
||
Viktor Szakats (5 Mar 2024)
|
||
|
||
- KNOWN_BUGS: fix typo
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Closes #13051
|
||
|
||
Sebastian Neubauer (5 Mar 2024)
|
||
|
||
- smpt: fix starttls
|
||
|
||
In cases where the connection was fast, curl sometimes failed to open a
|
||
connection. This fixes a regression of c2d973627bab12abc5486a3f3.
|
||
|
||
The regression triggered in these steps:
|
||
|
||
1. Create an smtp connection
|
||
2. Use STARTTLS
|
||
3. Receive the response
|
||
4. We are inside the loop in `smtp_statemachine`, calling
|
||
`smtp_state_starttls_resp`
|
||
5. In the good flow, we exit the loop, re-enter `smtp_statemachine` and
|
||
run `smtp_perform_upgrade_tls` at the start of the function.
|
||
|
||
In the bad flow, we stay in the while loop, calling
|
||
`Curl_pp_readresp`, which reads part of the TLS handshake and things
|
||
go wrong.
|
||
|
||
The reason is that `Curl_pp_moredata` changed behavior and always
|
||
returns `true`, so we stay in the loop in `smtp_statemachine`. With a
|
||
slow connection `Curl_pp_readresp` cannot read new data and returns
|
||
`CURL_AGAIN`, so we leave the loop and re-enter `smtp_statemachine`.
|
||
|
||
With a fast connection, `Curl_pp_readresp` reads new data from the tcp
|
||
connection, which is part of the TLS handshake.
|
||
|
||
The fix is in `Curl_pp_moredata`, which needs to take the final line
|
||
into account and return `false` if only the final line is stored.
|
||
|
||
Closes #13048
|
||
|
||
Stefan Eissing (5 Mar 2024)
|
||
|
||
- lib: enhance client reader resume + rewind
|
||
|
||
- update client reader documentation
|
||
- client reader, add rewind capabilities
|
||
- tell creader to rewind on next start
|
||
- Curl_client_reset() will keep reader for future rewind if requested
|
||
- add Curl_client_cleanup() for freeing all resources independent of
|
||
rewinds
|
||
- add Curl_client_start() to trigger rewinds
|
||
- move rewind code from multi.c to sendf.c and make part of
|
||
"cr-in"'s implementation
|
||
- http, move the "resume_from" handling into the client readers
|
||
- the setup of a HTTP request is reshuffled to follow:
|
||
* determine method, target, auth negotiation
|
||
* install the client reader(s) for the request, including crlf
|
||
conversions and "chunked" encoding
|
||
* apply ranges to client reader
|
||
* concat request headers, upgrades, cookies, etc.
|
||
* complete request by determining Content-Length of installed
|
||
readers in combination with method
|
||
* send
|
||
- add methods for client readers to
|
||
* return the overall length they will generate (or -1 when unknown)
|
||
* return the amount of data on the CLIENT level, so that
|
||
expect-100 can decide if it want to apply itself
|
||
* set a "resume_from" offset or fail if unsupported
|
||
- struct HTTP has become largely empty now
|
||
- rename `Client_reader_*` to `Curl_creader_*`
|
||
|
||
Closes #13026
|
||
|
||
Viktor Szakats (5 Mar 2024)
|
||
|
||
- openssl-quic: fix BIO leak and Windows warning
|
||
|
||
Caused by an accidentally duplicated line in
|
||
d6825df334def106f735ce7e0c1a2ea87bddffb0.
|
||
|
||
```
|
||
.../lib/vquic/curl_osslq.c:1095:30: warning: implicit conversion loses intege
|
||
r precision: 'curl_socket_t' (aka 'unsigned long long') to 'int' [-Wshorten-6
|
||
4-to-32]
|
||
1095 | bio = BIO_new_dgram(ctx->q.sockfd, BIO_NOCLOSE);
|
||
| ~~~~~~~~~~~~~ ~~~~~~~^~~~~~
|
||
1 warning and 2 errors generated.
|
||
```
|
||
|
||
Reviewed-by: Stefan Eissing
|
||
Closes #13043
|
||
|
||
- openssl-quic: fix unity build, casing, indentation
|
||
|
||
- rename static functions to avoid duplicate symbols in unity mode.
|
||
- windows -> Windows/window in error message and comment.
|
||
- fix indentation.
|
||
|
||
Reviewed-by: Stefan Eissing
|
||
Closes #13044
|
||
|
||
Daniel Stenberg (5 Mar 2024)
|
||
|
||
- gen.pl: make the "manpageification" faster
|
||
|
||
The function that replaces occurances of "--longoption" with "-Z,
|
||
--longoption" etc with the proper highlight applied, no longer loops
|
||
over the options.
|
||
|
||
Closes #13041
|
||
|
||
- CONTRIBUTE: update the section on documentation format
|
||
|
||
... since most of it is markdown now.
|
||
|
||
Closes #13046
|
||
|
||
- smtp: free a temp resource
|
||
|
||
The returned address needs to be freed.
|
||
|
||
Follow-up to e3905de8196d67b89df1602feb84c1f993211b20
|
||
Spotted by Coverity
|
||
|
||
Closes #13038
|
||
|
||
- _VARIABLES.md: improve the description
|
||
|
||
Closes #13040
|
||
|
||
dependabot[bot] (4 Mar 2024)
|
||
|
||
- build(deps): bump fsfe/reuse-action from 2 to 3
|
||
|
||
Bumps [fsfe/reuse-action](https://github.com/fsfe/reuse-action) from 2 to 3.
|
||
- [Release notes](https://github.com/fsfe/reuse-action/releases)
|
||
- [Commits](https://github.com/fsfe/reuse-action/compare/v2...v3)
|
||
|
||
---
|
||
updated-dependencies:
|
||
- dependency-name: fsfe/reuse-action
|
||
dependency-type: direct:production
|
||
update-type: version-update:semver-major
|
||
...
|
||
|
||
Signed-off-by: dependabot[bot] <support@github.com>
|
||
|
||
Stefan Eissing (4 Mar 2024)
|
||
|
||
- pytest: adapt to API change
|
||
|
||
- pytest has changed the signature of the hook pytest_report_header()
|
||
for some obscure reason and that change landed in our CI now
|
||
|
||
- remove the changed param that we never used anyway
|
||
|
||
Closes #13037
|
||
|
||
Daniel Stenberg (4 Mar 2024)
|
||
|
||
- cookie: if psl fails, reject the cookie
|
||
|
||
A libpsl install without data and no built-in database is now considered
|
||
bad enough to reject all cookies since they cannot be checked. It is
|
||
somewhat of a user error, but still.
|
||
|
||
Reported-by: Dan Fandrich
|
||
Closes #13033
|
||
|
||
Stefan Eissing (4 Mar 2024)
|
||
|
||
- lib: further send/upload handling polish
|
||
|
||
- Move all the "upload_done" handling to request.c
|
||
|
||
- add possibility to abort sending of a request
|
||
- add `Curl_req_done_sending()` for checks
|
||
- transfer.c: readwrite_upload() now clean
|
||
|
||
- removing data->state.ulbuf and data->req.upload_fromhere
|
||
|
||
- as well as data->req.upload_present
|
||
- set data->req.upload_done on having read all from
|
||
the client and completely flushed the send buffer
|
||
|
||
- tftp, remove setting of data->req.upload_fromhere
|
||
|
||
- serves no purpose as `upload_present` is not set
|
||
and the data itself is directly `sendto()` anyway
|
||
|
||
- smtp, make upload EOB conversion a client reader
|
||
- xfer_ulbuf addition
|
||
|
||
- add xfer_ulbuf for borrowing, similar to xfer_buf
|
||
- use in file upload
|
||
- use in c-hyper body sending
|
||
|
||
- h1-proxy, remove init of data->state.uilbuf that is never used
|
||
- smb, add own send_buf instead of using data->state.ulbuf
|
||
|
||
Closes #13010
|
||
|
||
Daniel Stenberg (4 Mar 2024)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
kpcyrd (3 Mar 2024)
|
||
|
||
- rustls: fix two warnings related to number types
|
||
|
||
Reported-by: Gisle Vanem
|
||
Follow-up to #12989
|
||
Closes #13017
|
||
|
||
Stefan Eissing (3 Mar 2024)
|
||
|
||
- bufq: writing into a softlimit queue cannot be partial
|
||
|
||
- when unable to obtain a new chunk on a softlimit bufq,
|
||
this is an allocation error and needs to be reported as
|
||
such.
|
||
- writes into a soflimit bufq never must be partial success
|
||
|
||
Reported-by: Dan Fandrich
|
||
Fixes #13020
|
||
Closes #13023
|
||
|
||
Dan Fandrich (2 Mar 2024)
|
||
|
||
- configure: Don't build shell completions when disabled
|
||
|
||
With the recent changes to completion file building, the files were
|
||
built always and only installation was selectively disabled. Now, when
|
||
they are disabled they aren't even built, avoiding a build-time error in
|
||
environments where it's not possible to run the curl binary that was
|
||
just created (e.g. if library paths were not set up correctly).
|
||
|
||
Follow-up to 0f7aba83c
|
||
|
||
Reported-by: av223119 on github
|
||
Fixes #13027
|
||
Closes #13030
|
||
|
||
Jay Satiro (2 Mar 2024)
|
||
|
||
- cmdline-opts/_EXITCODES: sync with libcurl-errors
|
||
|
||
- Add error code 100 (CURLE_TOO_LARGE) to the list of error codes that
|
||
can be returned by the curl tool.
|
||
|
||
Closes https://github.com/curl/curl/pull/13015
|
||
|
||
Stefan Eissing (1 Mar 2024)
|
||
|
||
- hyper: disable test1598 due to lack of trailer support
|
||
|
||
Follow-up to 50838095
|
||
|
||
Closes #13016
|
||
|
||
Dan Fandrich (1 Mar 2024)
|
||
|
||
- ftp: Mark a const buffer as const
|
||
|
||
- appveyor: Properly skip if only CircleCI is changed
|
||
|
||
- docs: Update minimal binary size in INSTALL.md
|
||
|
||
Include more options to reduce binary size.
|
||
|
||
- configure: Don't make shell completions without perl
|
||
|
||
The code that attempted to skip building the shell completions didn't
|
||
work properly and tried to build them even if perl wasn't available.
|
||
This step, as well as the install step, is now properly skipped without
|
||
perl.
|
||
|
||
Follow-up to 89733e2dd
|
||
|
||
Closes #13022
|
||
|
||
RainRat (1 Mar 2024)
|
||
|
||
- misc: Fix typos in docs and lib
|
||
|
||
This fixes miscellaneous typos and duplicated words in the docs, lib
|
||
and test comments and a few user facing errorstrings.
|
||
|
||
Author: RainRat on Github
|
||
Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
|
||
Reviewed-by: Dan Fandrich <dan@coneharvesters.com>
|
||
Closes: #13019
|
||
|
||
Dan Fandrich (29 Feb 2024)
|
||
|
||
- configure: build & install shell completions when enabled
|
||
|
||
The --with-fish-functions-dir and --with-zsh-functions-dir options
|
||
currently have no effect on a normal build because the scripts/ directory
|
||
where they're used is not built. Add scripts/ to a normal build and
|
||
change the completion options to default to off to preserve the existing
|
||
behaviour.
|
||
|
||
Closes: #12906
|
||
|
||
- github/labeler: improve the match patterns
|
||
|
||
Stefan Eissing (28 Feb 2024)
|
||
|
||
- tests: add test1598 for POST with trailers
|
||
|
||
- test POST fields with trailers and chunked encoding
|
||
|
||
Ref: #12938
|
||
Closes #13009
|
||
|
||
Daniel Stenberg (28 Feb 2024)
|
||
|
||
- cmdline-opts/_VERSION: provide %VERSION correctly
|
||
|
||
... so that it does not get included verbatim in the output. Fixes a
|
||
regression shipped in 8.6.0.
|
||
|
||
Also fix a format mistake in form.md
|
||
|
||
Closes #13008
|
||
|
||
Stefan Eissing (28 Feb 2024)
|
||
|
||
- lib: Curl_read/Curl_write clarifications
|
||
|
||
- replace `Curl_read()`, `Curl_write()` and `Curl_nwrite()` to
|
||
clarify when and at what level they operate
|
||
- send/recv of transfer related data is now done via
|
||
`Curl_xfer_send()/Curl_xfer_recv()` which no longer has
|
||
socket/socketindex as parameter. It decides on the transfer
|
||
setup of `conn->sockfd` and `conn->writesockfd` on which
|
||
connection filter chain to operate.
|
||
- send/recv on a specific connection filter chain is done via
|
||
`Curl_conn_send()/Curl_conn_recv()` which get the socket index
|
||
as parameter.
|
||
- rename `Curl_setup_transfer()` to `Curl_xfer_setup()` for
|
||
naming consistency
|
||
- clarify that the special CURLE_AGAIN hangling to return
|
||
`CURLE_OK` with length 0 only applies to `Curl_xfer_send()`
|
||
and CURLE_AGAIN is returned by all other send() variants.
|
||
- fix a bug in websocket `curl_ws_recv()` that mixed up data
|
||
when it arrived in more than a single chunk (to be made
|
||
into a sperate PR, also)
|
||
|
||
Added as documented [in
|
||
CLIENT-READER.md](https://github.com/curl/curl/blob/5b1f31dfbab8aef467c419c68
|
||
aa06dc738cb75d4/docs/CLIENT-READERS.md).
|
||
|
||
- old `Curl_buffer_send()` completely replaced by new `Curl_req_send()`
|
||
- old `Curl_fillreadbuffer()` replaced with `Curl_client_read()`
|
||
- HTTP chunked uploads are now formatted in a client reader added when
|
||
needed.
|
||
- FTP line-end conversions are done in a client reader added when
|
||
needed.
|
||
- when sending requests headers, remaining buffer space is filled with
|
||
body data for sending in "one go". This is independent of the request
|
||
body size. Resolves #12938 as now small and large requests have the
|
||
same code path.
|
||
|
||
Changes done to test cases:
|
||
|
||
- test513: now fails before sending request headers as this initial
|
||
"client read" triggers the setup fault. Behaves now the same as in
|
||
hyper build
|
||
- test547, test555, test1620: fix the length check in the lib code to
|
||
only fail for reads *smaller* than expected. This was a bug in the
|
||
test code that never triggered in the old implementation.
|
||
|
||
Closes #12969
|
||
|
||
Daniel Gustafsson (28 Feb 2024)
|
||
|
||
- curldown: Fix email address in Copyright
|
||
|
||
The curldown conversion accidentally replaced daniel@haxx.se with
|
||
just daniel.se. This reverts back to the proper email address in
|
||
the curldown docs as well as in a few other stray places where it
|
||
was incorrect (while unrelated to curldown).
|
||
|
||
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
|
||
Closes: #12997
|
||
|
||
Daniel Stenberg (28 Feb 2024)
|
||
|
||
- getparam: make --ftp-ssl work again
|
||
|
||
Follow-up to 9e4e527 which accidentally broke it
|
||
|
||
Reported-by: Jordan Brown
|
||
Fixes #13006
|
||
Closes #13007
|
||
|
||
- KNOWN_BUGS: IMAPS connection fails with rustls error
|
||
|
||
Closes #10457
|
||
|
||
- KNOWN_BUGS: FTPS upload, FileZilla, GnuTLS and close_notify
|
||
|
||
Closes #11383
|
||
|
||
- KNOWN_BUGS: Implicit FTPS upload timeout
|
||
|
||
Closes #11720
|
||
|
||
- KNOWN_BUGS: HTTP/2 prior knowledge over proxy
|
||
|
||
Closes #12641
|
||
|
||
- TODO: build HTTP/3 with OpenSSL and nghttp3 using cmake
|
||
|
||
Closes #12988
|
||
|
||
- TODO: Select signature algorithms
|
||
|
||
Closes #12982
|
||
|
||
- examples: use present tense in comments
|
||
|
||
remove "will" and some other word fixes
|
||
|
||
Closes #13003
|
||
|
||
- docs: more language cleanups
|
||
|
||
- present tense
|
||
- avoid bad words
|
||
|
||
Closes #13003
|
||
|
||
Daniel Gustafsson (27 Feb 2024)
|
||
|
||
- setopt: Fix disabling all protocols
|
||
|
||
When disabling all protocols without enabling any, the resulting
|
||
set of allowed protocols remained the default set. Clearing the
|
||
allowed set before inspecting the passed value from --proto make
|
||
the set empty even in the errorpath of no protocols enabled.
|
||
|
||
Co-authored-by: Dan Fandrich <dan@telarity.com>
|
||
Reported-by: Dan Fandrich <dan@telarity.com>
|
||
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
|
||
Closes: #13004
|
||
|
||
Andreas Kiefer (27 Feb 2024)
|
||
|
||
- fopen: fix narrowing conversion warning on 32-bit Android
|
||
|
||
This was fixed in commit 06dc599405f, but came back in commit
|
||
03cb1ff4d62.
|
||
|
||
When building for 32-bit ARM or x86 Android, `st_mode` is defined as
|
||
`unsigned int` instead of `mode_t`, resulting in a
|
||
`-Wimplicit-int-conversion` clang warning because `mode_t` is
|
||
`unsigned short`. Add a cast to silence the warning, but only for
|
||
32-bit Android builds, because other architectures and platforms are
|
||
not affected.
|
||
|
||
Ref: https://android.googlesource.com/platform/bionic/+/refs/tags/ndk-r25c/li
|
||
bc/include/sys/stat.h#86
|
||
Closes https://github.com/curl/curl/pull/12998
|
||
|
||
Stefan Eissing (27 Feb 2024)
|
||
|
||
- lib: Curl_read/Curl_write clarifications
|
||
|
||
- replace `Curl_read()`, `Curl_write()` and `Curl_nwrite()` to
|
||
clarify when and at what level they operate
|
||
- send/recv of transfer related data is now done via
|
||
`Curl_xfer_send()/Curl_xfer_recv()` which no longer has
|
||
socket/socketindex as parameter. It decides on the transfer
|
||
setup of `conn->sockfd` and `conn->writesockfd` on which
|
||
connection filter chain to operate.
|
||
- send/recv on a specific connection filter chain is done via
|
||
`Curl_conn_send()/Curl_conn_recv()` which get the socket index
|
||
as parameter.
|
||
- rename `Curl_setup_transfer()` to `Curl_xfer_setup()` for
|
||
naming consistency
|
||
- clarify that the special CURLE_AGAIN hangling to return
|
||
`CURLE_OK` with length 0 only applies to `Curl_xfer_send()`
|
||
and CURLE_AGAIN is returned by all other send() variants.
|
||
- fix a bug in websocket `curl_ws_recv()` that mixed up data
|
||
when it arrived in more than a single chunk
|
||
|
||
The method for sending not just raw bytes, but bytes that are either
|
||
"headers" or "body". The send abstraction stack, to to bottom, now is:
|
||
|
||
* `Curl_req_send()`: has parameter to indicate amount of header bytes,
|
||
buffers all data.
|
||
* `Curl_xfer_send()`: knows on which socket index to send, returns
|
||
amount of bytes sent.
|
||
* `Curl_conn_send()`: called with socket index, returns amount of bytes
|
||
sent.
|
||
|
||
In addition there is `Curl_req_flush()` for writing out all buffered
|
||
bytes.
|
||
|
||
`Curl_req_send()` is active for requests without body,
|
||
`Curl_buffer_send()` still being used for others. This is because the
|
||
special quirks need to be addressed in future parts:
|
||
|
||
* `expect-100` handling
|
||
* `Curl_fillreadbuffer()` needs to add directly to the new
|
||
`data->req.sendbuf`
|
||
* special body handlings, like `chunked` encodings and line end
|
||
conversions will be moved into something like a Client Reader.
|
||
|
||
In functions of the pattern `CURLcode xxx_send(..., ssize_t *written)`,
|
||
replace the `ssize_t` with a `size_t`. It makes no sense to allow for negativ
|
||
e
|
||
values as the returned `CURLcode` already specifies error conditions. This
|
||
allows easier handling of lengths without casting.
|
||
|
||
Closes #12964
|
||
|
||
Daniel Stenberg (27 Feb 2024)
|
||
|
||
- multi: make add_handle free any multi_easy
|
||
|
||
If the easy handle that is being added to a multi handle has previously
|
||
been used for curl_easy_perform(), there is a private multi handle here
|
||
that we can kill off. While it flushes some caches etc for the easy
|
||
handle would it be used for an easy interface transfer again after being
|
||
used in the multi stack, this cleanup simplifies behavior and uses less
|
||
memory.
|
||
|
||
Closes #12992
|
||
|
||
- docs: use present tense
|
||
|
||
avoid "will", detect "will" as a bad word in the CI
|
||
|
||
Also line wrapped a bunch of paragraphs
|
||
|
||
Closes #13001
|
||
|
||
- CURLOPT_SSL_CTX_FUNCTION.md: no promises of lifetime after return
|
||
|
||
... and cleanup other language.
|
||
|
||
Closes #12999
|
||
|
||
Stefan Eissing (27 Feb 2024)
|
||
|
||
- lib: send rework
|
||
|
||
Curl_read/Curl_write clarifications
|
||
|
||
- replace `Curl_read()`, `Curl_write()` and `Curl_nwrite()` to 1clarify
|
||
when and at what level they operate
|
||
|
||
- send/recv of transfer related data is now done via
|
||
`Curl_xfer_send()/Curl_xfer_recv()` which no longer has
|
||
socket/socketindex as parameter. It decides on the transfer setup of
|
||
`conn->sockfd` and `conn->writesockfd` on which connection filter
|
||
chain to operate.
|
||
|
||
- send/recv on a specific connection filter chain is done via
|
||
`Curl_conn_send()/Curl_conn_recv()` which get the socket index as
|
||
parameter.
|
||
|
||
- rename `Curl_setup_transfer()` to `Curl_xfer_setup()` for naming
|
||
consistency
|
||
|
||
- clarify that the special CURLE_AGAIN handling to return `CURLE_OK`
|
||
with length 0 only applies to `Curl_xfer_send()` and CURLE_AGAIN is
|
||
returned by all other send() variants.
|
||
|
||
SingleRequest reshuffling
|
||
|
||
- move functions into request.[ch]
|
||
- differentiate between reset and free
|
||
- add Curl_req_done() to perform last actions
|
||
- add a send `bufq` to SingleRequest for future use in keeping upload data
|
||
|
||
Closes #12963
|
||
|
||
Daniel Stenberg (26 Feb 2024)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
- http_chunks: remove unused 'endptr' variable
|
||
|
||
Closes #12996
|
||
|
||
Louis Solofrizzo (26 Feb 2024)
|
||
|
||
- lib: initialize output pointers to NULL before calling strto[ff,l,ul]
|
||
|
||
In order to make MSAN happy:
|
||
|
||
==2200945==WARNING: MemorySanitizer: use-of-uninitialized-value
|
||
#0 0x596f3b3ed246 in curlx_strtoofft [...]/libcurl/src/lib/strtoofft.c:23
|
||
9:11
|
||
#1 0x596f3b402156 in Curl_httpchunk_read [...]/libcurl/src/lib/http_chunk
|
||
s.c:149:12
|
||
#2 0x596f3b348550 in readwrite_data [...]/libcurl/src/lib/transfer.c:607:
|
||
11
|
||
[...]
|
||
|
||
==2202041==WARNING: MemorySanitizer: use-of-uninitialized-value
|
||
#0 0x5a3fab66a72a in Curl_parse_port [...]/libcurl/src/lib/urlapi.c:547:8
|
||
#1 0x5a3fab650645 in parse_authority [...]/libcurl/src/lib/urlapi.c:796:1
|
||
2
|
||
#2 0x5a3fab6740f6 in parseurl [...]/libcurl/src/lib/urlapi.c:1176:16
|
||
#3 0x5a3fab664fc5 in parseurl_and_replace [...]/libcurl/src/lib/urlapi.c:
|
||
1342:12
|
||
[...]
|
||
|
||
==2202320==WARNING: MemorySanitizer: use-of-uninitialized-value
|
||
#0 0x569076a0d6b0 in ipv4_normalize [...]/libcurl/src/lib/urlapi.c:683:12
|
||
#1 0x5690769f2820 in parse_authority [...]/libcurl/src/lib/urlapi.c:803:1
|
||
0
|
||
#2 0x569076a160f6 in parseurl [...]/libcurl/src/lib/urlapi.c:1176:16
|
||
#3 0x569076a06fc5 in parseurl_and_replace [...]/libcurl/src/lib/urlapi.c:
|
||
1342:12
|
||
[...]
|
||
|
||
Signed-off-by: Louis Solofrizzo <lsolofrizzo@scaleway.com>
|
||
Closes #12995
|
||
|
||
Stefan Eissing (26 Feb 2024)
|
||
|
||
- lib: move client writer into own source
|
||
|
||
Refactoring of the client writer that passes the data to the
|
||
client/application's callback functions.
|
||
|
||
- split out into own source cw-out.[ch] from sendf.c
|
||
|
||
- move tempwrite and tempcount from data->state into the context of the
|
||
client writer
|
||
|
||
- redesign the 3 tempwrite dynbufs as a linked list of dynbufs. On
|
||
paused transfers, this allows to "record" interleaved HEADER/BODY
|
||
chunks to be "played back" in the same order on unpausing.
|
||
|
||
- keep the overall size limit of all buffered data to DYN_PAUSE_BUFFER.
|
||
On exceeding that, return CURLE_TOO_LARGE instead of
|
||
CURLE_OUT_OF_MEMORY as before.
|
||
|
||
- add method to be called when a transfer is DONE to allow writing of
|
||
any data still buffered
|
||
|
||
- when paused, record HEADER writes exactly as they come for later
|
||
playback. HEADERs are documented to be written one-by-one.
|
||
|
||
Closes #12898
|
||
|
||
- urldata: move authneg bit from conn to Curl_easy
|
||
|
||
- from `conn->bits.authneg` to `data->req.authneg`
|
||
- this is a property of the request about to be made
|
||
and not a property of the connection
|
||
- in multiuse connections, transfer could step on each others
|
||
toes here potentially.
|
||
|
||
Closes #12949
|
||
|
||
- c-hyper: add header collection writer in hyper builds
|
||
|
||
Closes #12880
|
||
|
||
- http: move headers collecting to writer
|
||
|
||
- add a client writer that does "push" response
|
||
headers written to the client if the headers api
|
||
is enabled
|
||
- remove special handling in sendf.c
|
||
- needs to be installed very early on connection
|
||
setup to catch CONNECT response headers
|
||
|
||
Closes #12880
|
||
|
||
- sendf: Curl_client_write(), make passed in buf const
|
||
|
||
Michał Antoniak (26 Feb 2024)
|
||
|
||
- lib: remove curl_mimepart object when CURL_DISABLE_MIME
|
||
|
||
Remove curl_mimepart object from UserDefined structure when
|
||
CURL_DISABLE_MIME flag is active. Reduce size of UserDefined structure.
|
||
|
||
Also remove unreachable code: when CURL_DISABLE_MIME is set, httpreq can
|
||
never have HTTPREQ_POST_MIME value and the same goes for the
|
||
CURL_DISABLE_FORM_API flag and the HTTPREQ_POST_FORM value
|
||
|
||
Closes #12948
|
||
|
||
kpcyrd (26 Feb 2024)
|
||
|
||
- rustls: make curl compile with 0.12.0
|
||
|
||
Closes #12989
|
||
|
||
Daniel Stenberg (26 Feb 2024)
|
||
|
||
- strtoofft: fix the overflow check
|
||
|
||
... to not rely on wrapping, since it is an undefined behavior that is
|
||
not what always might happen. This is in our private strtoff() parser
|
||
function, used only on platforms without a native version.
|
||
|
||
Reported-by: vulnerabilityspotter on hackerone
|
||
Closes #12990
|
||
|
||
- libssh/libssh2: return error on too big range
|
||
|
||
If trying to get the range 0 - 2^63 and the remote file is 2^63 bytes or
|
||
larger.
|
||
|
||
Fixes #12983
|
||
Closes #12984
|
||
|
||
Scott Talbert (24 Feb 2024)
|
||
|
||
- setopt: fix check for CURLOPT_PROXY_TLSAUTH_TYPE value
|
||
|
||
Prior to this change CURLOPT_PROXY_TLSAUTH_TYPE would return
|
||
CURLE_BAD_FUNCTION_ARGUMENT on any type other than NULL. Since there is
|
||
only one type of TLS auth and it is also the default (SRP) the TLS auth
|
||
would work anyway.
|
||
|
||
Closes https://github.com/curl/curl/pull/12981
|
||
|
||
Jay Satiro (24 Feb 2024)
|
||
|
||
- mprintf: fix format prefix I32/I64 for windows compilers
|
||
|
||
- Support I32 & I64 (eg: %I64d) for all Win32 builds.
|
||
|
||
Prior to this change mprintf support for the I format prefix, which is a
|
||
Microsoft extension, was dependent on the compiler used.
|
||
|
||
When Borland compiler support was removed in fd7ef00f the prefix was
|
||
then no longer supported for that compiler; however since it's still
|
||
possible to build with Borland I'm restoring support for the prefix in
|
||
this way.
|
||
|
||
Reported-by: Paweł Witas
|
||
|
||
Fixes https://github.com/curl/curl/issues/12944
|
||
Closes https://github.com/curl/curl/pull/12950
|
||
|
||
Daniel Stenberg (23 Feb 2024)
|
||
|
||
- cd2nroff: gen: make `\>` in input to render as plain '>' in output
|
||
|
||
The same (copy and pasted) fix/mistake as in gen.pl
|
||
|
||
- gen: make `\>` in input to render as plain '>' in output
|
||
|
||
Reported-by: Gisle Vanem
|
||
Fixes #12977
|
||
Closes #12978
|
||
|
||
Fabrice Fontaine (23 Feb 2024)
|
||
|
||
- configure.ac: find libpsl with pkg-config
|
||
|
||
Find libpsl with pkg-config to avoid static build failures.
|
||
|
||
Ref: http://autobuild.buildroot.org/results/1fb15e1a99472c403d0d3b1a688902f32
|
||
e78d002
|
||
|
||
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
||
Closes #12947
|
||
|
||
Daniel Stenberg (23 Feb 2024)
|
||
|
||
- BUG-BOUNTY.md: clarify that the curl security team decides
|
||
|
||
Closes #12975
|
||
|
||
- THANKS: add bug reporter from #740
|
||
|
||
Ref: https://github.com/curl/curl/issues/740
|
||
|
||
Stefan Eissing (22 Feb 2024)
|
||
|
||
- multi: fix multi_sock handling of select_bits
|
||
|
||
- OR the event bitmask to data->state.select_bits instead of overwriting
|
||
them. They are cleared again on use.
|
||
|
||
Reported-by: 5533asdg on github
|
||
Fixes #12971
|
||
Closes #12972
|
||
|
||
Daniel Stenberg (22 Feb 2024)
|
||
|
||
- curlver: bump to 8.7.0 for next release
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
- write-out: add '%{proxy_used}'
|
||
|
||
Returns 1 if the previous transfer used a proxy, otherwise 0. Useful to
|
||
for example determine if a `NOPROXY` pattern matched the hostname or
|
||
not.
|
||
|
||
Extended test 970 and 972
|
||
|
||
- CURLINFO_USED_PROXY: return bool whether the proxy was used
|
||
|
||
Adds test536 to verify
|
||
|
||
Closes #12719
|
||
|
||
- sha512_256: remove the cast macro, minor language/format edits
|
||
|
||
Follow-up to cbe41d151d6a100c
|
||
|
||
Closes #12966
|
||
|
||
Stefan Eissing (20 Feb 2024)
|
||
|
||
- DoH: add trace configuration
|
||
|
||
- refs #12397 where it is dicussed how to en-/disable verbose output
|
||
of DoH operations
|
||
- introducing `struct curl_trc_feat` to track a curl feature for
|
||
tracing
|
||
- adding `data->state.feat` optionally pointing to the feature a
|
||
transfer belongs to
|
||
- adding trace functions and verbosity checks on features
|
||
- using trace feature in DoH code
|
||
- documenting `doh` as feature for `--trace-config`
|
||
|
||
Closes #12411
|
||
|
||
- websocket: fix curl_ws_recv()
|
||
|
||
- when data arrived in several chunks, the collection into
|
||
the passed buffer always started at offset 0, overwriting
|
||
the data already there.
|
||
|
||
adding test_20_07 to verify fix
|
||
|
||
- debug environment var CURL_WS_CHUNK_SIZE can be used to
|
||
influence the buffer chunk size used for en-/decoding.
|
||
|
||
Closes #12945
|
||
|
||
Evgeny Grin (Karlson2k) (20 Feb 2024)
|
||
|
||
- digest: support SHA-512/256
|
||
|
||
Also fix the tests. New implementation tested with GNU libmicrohttpd.
|
||
The new numbers in tests are real SHA-512/256 numbers (not just some
|
||
random ;) numbers ).
|
||
|
||
- tests: add SHA-512/256 unit test
|
||
|
||
- SHA-512/256: implement hash algorithm
|
||
|
||
Closes #12897
|
||
|
||
- curl_setup.h: add curl_uint64_t internal type
|
||
|
||
The unsigned version of curl_off_t basically
|
||
|
||
Daniel Stenberg (20 Feb 2024)
|
||
|
||
- docs: dist curl*.1 and install without perl
|
||
|
||
Drop docs/mk-ca-bundle.1 from the tarball. It can be generated at will.
|
||
|
||
Closes #12959
|
||
Fixes #12921
|
||
Reported-by: Michael Forney
|
||
|
||
Stefan Eissing (20 Feb 2024)
|
||
|
||
- OpenSSL QUIC: adapt to v3.3.x
|
||
|
||
- set our idle timeout as transport parameter
|
||
- query negotiated idle timeout for connection alive checks
|
||
- query number of available bidi streams on a connection
|
||
- use write_ex2 with SSL_WRITE_FLAG_CONCLUDE to signal
|
||
EOF on last chunk write, so stream close does not
|
||
require an additional QUIC packet
|
||
|
||
Closes #12933
|
||
|
||
Ramiro Garcia (19 Feb 2024)
|
||
|
||
- MANUAL.md: fix typo
|
||
|
||
Closes #12965
|
||
|
||
Daniel Stenberg (19 Feb 2024)
|
||
|
||
- BINDINGS: add mcurl, the python binding
|
||
|
||
Ref: #12956
|
||
Closes #12962
|
||
|
||
- mk-ca-bundle.md: cleanups and polish
|
||
|
||
Closes #12958
|
||
|
||
- spellcheck.yml: remove .1/.3 handling, clean all man page .md files
|
||
|
||
Since we generate all .1 and .3 files from markdown now, we can limit
|
||
the spellcheck to the markdown versions only.
|
||
|
||
Closes #12960
|
||
|
||
- libcurl-docs: cleanups
|
||
|
||
CURLMOPT_SOCKETDATA.md: fix typo
|
||
CURLMOPT_TIMERDATA.md: fix typo
|
||
CURLOPT_COOKIELIST.m: quote strings
|
||
CURLOPT_PREREQFUNCTION.md: quote variable names
|
||
CURLOPT_TCP_NODELAY.md: rephrased to please spell checker
|
||
CURLOPT_WILDCARDMATCH.md: rephrased
|
||
libcurl-tutorial.md: use correct option name
|
||
curl_global_init_mem.md: quote headers
|
||
curl_easy_getinfo.md: use correct symbol names in headers
|
||
curl_global_trace.md: quote some headers
|
||
curl_ws_meta.md: quote struct field names
|
||
libcurl-env.md: quote headers
|
||
|
||
- cd2nroff: remove backticks from titles
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
Stefan Eissing (18 Feb 2024)
|
||
|
||
- http_chunks: fix the accounting of consumed bytes
|
||
|
||
Prior to this change chunks were handled correctly although in verbose
|
||
mode libcurl could incorrectly warn of "Leftovers after chunking" even
|
||
if there were none.
|
||
|
||
Reported-by: Michael Kaufmann
|
||
|
||
Fixes https://github.com/curl/curl/issues/12937
|
||
Closes https://github.com/curl/curl/pull/12939
|
||
|
||
- file: use xfer buf for file:// transfers
|
||
|
||
- For file:// transfers use the multi handle's transfer buffer for
|
||
up- and downloads.
|
||
|
||
Prior to this change a6c9a33 (precedes 8.6.0) changed the file://
|
||
transfers to use a smaller stack based buffer, and that caused a
|
||
significant performance decrease in Windows.
|
||
|
||
Bug: https://github.com/curl/curl/issues/12750#issuecomment-1920103086
|
||
Reported-by: edmcln@users.noreply.github.com
|
||
|
||
Closes https://github.com/curl/curl/pull/12932
|
||
|
||
Karthikdasari0423 (18 Feb 2024)
|
||
|
||
- HTTP3.md: always run nghttp3 submodule init
|
||
|
||
- For consistency change all 'build nghttp3' commands to run submodule
|
||
init after cloning, even if the branch does not have submodules.
|
||
|
||
Follow-up to 5a4b2f93 and 4f794558.
|
||
|
||
Closes https://github.com/curl/curl/pull/12928
|
||
|
||
LeeRiva (18 Feb 2024)
|
||
|
||
- CURLOPT_POSTQUOTE.md: fix typo
|
||
|
||
Closes https://github.com/curl/curl/pull/12926
|
||
|
||
Evgeny Grin (Karlson2k) (18 Feb 2024)
|
||
|
||
- checksrc.pl: fix handling .checksrc with CRLF
|
||
|
||
- When parsing .checksrc chomp the (CR)LF line ending.
|
||
|
||
Prior to this change on Windows checksrc.pl would not process the
|
||
symbols in .checksrc properly, since many git repos in Windows use auto
|
||
crlf to check out files with CRLF line endings.
|
||
|
||
Closes https://github.com/curl/curl/pull/12924
|
||
|
||
Richard Levitte (18 Feb 2024)
|
||
|
||
- cmake: fix install for older CMake versions
|
||
|
||
- Generate the docs install list by using a foreach loop instead of
|
||
LIST:TRANSFORM since older CMake can't handle the latter.
|
||
|
||
Reported-by: Dan Fandrich
|
||
|
||
Fixes https://github.com/curl/curl/issues/12920
|
||
Closes https://github.com/curl/curl/pull/12922
|
||
|
||
Stefan Eissing (16 Feb 2024)
|
||
|
||
- vtls: fix tls proxy peer verification
|
||
|
||
- When verifying a proxy certificate for an ip address, use the correct
|
||
ip family.
|
||
|
||
Prior to this change the "connection" ip family was used, which was not
|
||
necessarily the same.
|
||
|
||
Reported-by: HsiehYuho@users.noreply.github.com
|
||
|
||
Fixes https://github.com/curl/curl/issues/12831
|
||
Closes https://github.com/curl/curl/pull/12931
|
||
|
||
Dan Fandrich (15 Feb 2024)
|
||
|
||
- CI: Bump the Circle CI base Ubuntu image to the latest 20.04
|
||
|
||
The previous ones are going to be removed soon, plus the new ones
|
||
include all the fixes since then.
|
||
|
||
Jay Satiro (13 Feb 2024)
|
||
|
||
- transfer: improve Windows SO_SNDBUF update limit
|
||
|
||
- Change the 1 second SO_SNDBUF update limit from per transfer to per
|
||
connection.
|
||
|
||
Prior to this change many transfers over the same connection could cause
|
||
many SO_SNDBUF updates made to that connection per second, which was
|
||
unnecessary.
|
||
|
||
Closes https://github.com/curl/curl/pull/12911
|
||
|
||
- schannel: fix hang on unexpected server close
|
||
|
||
- Treat TLS connection close (either due to a close_notify from the
|
||
server or just closed due to receiving 0) as pending data.
|
||
|
||
This is because in some cases schannel_recv knows the connection is
|
||
closed but has to return actual pending data so it can't return 0 or an
|
||
error to indicate no more data. In this case schannel_recv must be
|
||
called again, which only happens if readwrite_data sees that there is
|
||
still pending data.
|
||
|
||
Prior to this change if the total size of the body that libcurl expected
|
||
to receive from the server was unknown then it was possible under some
|
||
network conditions that libcurl would hang waiting to receive more data,
|
||
when in fact a close_notify alert indicating no more data would be sent
|
||
was already processed.
|
||
|
||
Fixes https://github.com/curl/curl/issues/12894
|
||
Closes https://github.com/curl/curl/pull/12910
|
||
|
||
Daniel Stenberg (10 Feb 2024)
|
||
|
||
- KNOWN_BUGS: FTP upload fails if remebered dir is deleted
|
||
|
||
Closes #12181
|
||
Closes #12923
|
||
|
||
Michał Antoniak (10 Feb 2024)
|
||
|
||
- mbedtls: use mbedtls_ssl_conf_{min|max}_tls_version
|
||
|
||
... instead of the deprecated mbedtls_ssl_conf_{min|max}_version
|
||
|
||
Closes #12905
|
||
|
||
Dan Fandrich (9 Feb 2024)
|
||
|
||
- CI: bump to actions/cache@v4 to avoid warning
|
||
|
||
Evgeny Grin (Karlson2k) (9 Feb 2024)
|
||
|
||
- test1165: improve pattern matching
|
||
|
||
* Fix excluded digits at the end of the symbols ('CURL_DISABLE_POP3'
|
||
was checked as 'CURL_DISABLE_POP')
|
||
|
||
Closes #12903
|
||
|
||
Dan Fandrich (9 Feb 2024)
|
||
|
||
- scripts: Fix cijobs.pl for Azure and GHA
|
||
|
||
The spacing in the yaml files changed.
|
||
|
||
Daniel Stenberg (9 Feb 2024)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
- TODO: use pkg-config to find libpsl
|
||
|
||
Closes #12919
|
||
|
||
- TODO: avoid nroff
|
||
|
||
Instead of adjusting roffit, skip the nroff step.
|
||
|
||
Closes #12919
|
||
|
||
Dan Fandrich (9 Feb 2024)
|
||
|
||
- Revert "CI: run Circle macOS builds on x86 for now"
|
||
|
||
This reverts commit 2683de3078eadc86d9b182e7417f4ee75a247e2c.
|
||
ARM resources are now available in Circle CI, so run these builds on ARM
|
||
again. This platform needs explicit paths set to libpsl and its
|
||
dependency icu4c.
|
||
|
||
Follow-up to 2683de30
|
||
|
||
Closes #12635
|
||
|
||
Viktor Szakats (9 Feb 2024)
|
||
|
||
- cmake: add warning for using TLS libraries without 1.3 support
|
||
|
||
Closes #12900
|
||
|
||
Daniel Stenberg (9 Feb 2024)
|
||
|
||
- configure: add warning for using TLS libraries without 1.3 support
|
||
|
||
Closes #12900
|
||
|
||
Michał Antoniak (9 Feb 2024)
|
||
|
||
- mbedtls: fix building when MBEDTLS_X509_REMOVE_INFO flag is defined
|
||
|
||
Closes #12904
|
||
|
||
Stefan Eissing (9 Feb 2024)
|
||
|
||
- ftp: fix socket wait activity in ftp_domore_getsock
|
||
|
||
- when waiting on the data connection, always add the control socket to
|
||
the pollset on state STOP or let the pingpong add the socket according
|
||
to its needs.
|
||
|
||
Reported-by: Fabian Vogt
|
||
Fixes #12901
|
||
Closes #12913
|
||
|
||
Daniel Stenberg (9 Feb 2024)
|
||
|
||
- dist: make sure the http tests are in the tarball
|
||
|
||
Fixes #12914
|
||
Reported-by: Fabian Vogt
|
||
Closes #12917
|
||
|
||
Stefan Eissing (9 Feb 2024)
|
||
|
||
- multi: add xfer_buf to multi handle
|
||
|
||
- can be borrowed by transfer during recv-write operation
|
||
- needs to be released before borrowing again
|
||
- adjustis size to `data->set.buffer_size`
|
||
- used in transfer.c readwrite_data()
|
||
|
||
Closes #12805
|
||
|
||
Daniel Stenberg (9 Feb 2024)
|
||
|
||
- write-out.md: clarify error handling details
|
||
|
||
- it gets used even if the transfer fails
|
||
|
||
- it does not cause error to be returned even if it fails
|
||
|
||
Closes #12909
|
||
|
||
Stefan Eissing (8 Feb 2024)
|
||
|
||
- ftp: do lineend conversions in client writer
|
||
|
||
- remove the ftp special handling from sendf.c
|
||
- let ftp_do() add a client writer that does
|
||
the linened conversions
|
||
- change the lineend conversion to no longer
|
||
modify the passed buffer, but write smaller
|
||
chunks to the next cwriter instead. The
|
||
inefficiency of this will be mitigated once
|
||
we add output buffering for all client writes.
|
||
|
||
Closes #12878
|
||
|
||
- ftp: tracing improvements
|
||
|
||
- trace socketindex for connection filters when not the first
|
||
- trace socket fd in tcp
|
||
- trace pollset adjusts in vtls
|
||
|
||
Closes #12902
|
||
|
||
Karthikdasari0423 (8 Feb 2024)
|
||
|
||
- HTTP3.md: adjust the OpenSSL QUIC install instructions
|
||
|
||
tried installing with old steps but failed
|
||
tried with newly added setps and able to build
|
||
```
|
||
root@ubuntu:~/curl# ./src/curl -V
|
||
/root/curl/src/.libs/curl: /lib/x86_64-linux-gnu/libssl.so.3: version `OPENSS
|
||
L_3.2.0' not found (required by /root/curl/lib/.libs/libcurl.so.4)
|
||
root@ubuntu:~/curl#
|
||
```
|
||
```
|
||
root@ubuntu:~/curl# ./src/curl -V
|
||
curl 8.6.1-DEV (x86_64-pc-linux-gnu) libcurl/8.6.1-DEV OpenSSL/3.2.0 zlib/1.2
|
||
.11 brotli/1.0.9 libpsl/0.21.0 nghttp3/1.1.0 OpenLDAP/2.5.16
|
||
Release-Date: [unreleased]
|
||
Protocols: dict file ftp ftps gopher gophers http https imap imaps ipfs ipns
|
||
ldap ldaps mqtt pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
|
||
Features: alt-svc AsynchDNS brotli HSTS HTTP3 HTTPS-proxy IPv6 Largefile libz
|
||
NTLM PSL SSL threadsafe TLS-SRP UnixSockets
|
||
root@ubuntu:~/curl#
|
||
```
|
||
|
||
Closes #12896
|
||
|
||
Daniel Stenberg (8 Feb 2024)
|
||
|
||
- TODO: align the TOC with the header
|
||
|
||
- docs: make sure curl.1 is included in dist tarballs
|
||
|
||
Ref: https://github.com/curl/curl/issues/12832#issuecomment-1933271873
|
||
|
||
Closes #12892
|
||
|
||
Karthikdasari0423 (8 Feb 2024)
|
||
|
||
- HTTP3.md: remove quiche word in Openssl 3.2
|
||
|
||
Closes #12893
|
||
|
||
Daniel Stenberg (7 Feb 2024)
|
||
|
||
- curl: when allocating variables, add the name into the struct
|
||
|
||
This saves the name from being an extra separate allocation.
|
||
|
||
Closes #12891
|
||
|
||
- lib582: remove code causing warning that is never run
|
||
|
||
The previous realloc code in this code could trigger a compiler warning,
|
||
but since that code path cannot happen in normal circumstances it now
|
||
instead exits with an error message there.
|
||
|
||
Ref: #12887
|
||
Closes #12890
|
||
|
||
Stefan Eissing (7 Feb 2024)
|
||
|
||
- vtls: revert "receive max buffer" + add test case
|
||
|
||
- add test_05_04 for requests using http/1.0, http/1.1 and h2 against an
|
||
Apache resource that does an unclean TLS shutdown.
|
||
- revert special workarund in openssl.c for suppressing shutdown errors
|
||
on multiplexed connections
|
||
- vlts.c restore to its state before 9a90c9dd64d2f03601833a70786d485851bd1b53
|
||
|
||
Fixes #12885
|
||
Fixes #12844
|
||
|
||
Closes #12848
|
||
|
||
Daniel Stenberg (7 Feb 2024)
|
||
|
||
- tests: support setting/using blank content env variables
|
||
|
||
- test450: remove --config from the keywords
|
||
- test2080: change return code
|
||
- test428: add --config as a keyword
|
||
- test428: disable on Windows due to CI problems
|
||
|
||
- curl: exit on config file parser errors
|
||
|
||
Like when trying to import an environment variable that does not exist.
|
||
|
||
Also fix a bug for reading env variables when there is a default value
|
||
set.
|
||
|
||
Bug: https://curl.se/mail/archive-2024-02/0008.html
|
||
Reported-by: Brett Buddin
|
||
|
||
Add test 462 to verify.
|
||
|
||
Closes #12862
|
||
|
||
Daniel Szmulewicz (7 Feb 2024)
|
||
|
||
- CURLOPT_WRITEFUNCTION.md: typo fix
|
||
|
||
The maximum amount of body data that is <be> passed to the write
|
||
callback is defined in the curl.h header file
|
||
|
||
Closes #12889
|
||
|
||
Daniel Stenberg (7 Feb 2024)
|
||
|
||
- lib: convert Curl_get_line to use dynbuf
|
||
|
||
Create the line in a dynbuf. Aborts the reading of the file on
|
||
errors. Avoids having to always allocate maximum amount from the
|
||
start. Avoids direct malloc.
|
||
|
||
Closes #12846
|
||
|
||
- KNOWN_BUGS: unicode on Windows
|
||
|
||
Closes #11461
|
||
Closes #12231
|
||
Closes #12883
|
||
|
||
- tool_operate: change precedence of server Retry-After time
|
||
|
||
- When calculating the retry time, no longer allow a server's requested
|
||
Retry-After time to take precedence over a longer retry time (either
|
||
default algorithmic or user-specified).
|
||
|
||
Prior to this change the server's Retry-After time took precedence over
|
||
curl's retry time in all cases, but that's not always practical for
|
||
short Retry-After times depending on how busy the server is.
|
||
|
||
Bug: https://curl.se/mail/archive-2024-01/0022.html
|
||
Reported-by: Dirk Hünniger
|
||
|
||
Closes https://github.com/curl/curl/pull/12871
|
||
|
||
- cmdline-docs: quote and angle bracket cleanup
|
||
|
||
- make sure angle brackets are escaped
|
||
- remove a lot of superfluous double quotes
|
||
- replace several double quotes with backticks
|
||
|
||
To make nicer-looking markdown.
|
||
|
||
Closes #12884
|
||
|
||
- badwords: use hostname, not host name
|
||
|
||
and username, filename - consistently. Fixed the patterns in
|
||
badwords.txt to catch these.
|
||
|
||
Closes #12888
|
||
|
||
Viktor Szakats (6 Feb 2024)
|
||
|
||
- cmake: fix function description in comment [ci skip]
|
||
|
||
Closes #12879
|
||
|
||
Daniel Stenberg (6 Feb 2024)
|
||
|
||
- header.md: remove backslash, make nicer markdown
|
||
|
||
- remove a leftover backslash before a dash
|
||
- use backticks for "code" strings
|
||
|
||
Closes #12877
|
||
|
||
- docs: add mk-ca-bundle.1 to dist
|
||
|
||
... which also makes it get built. But don't build this or curl-config.1
|
||
if build docs is disabled.
|
||
|
||
Closes #12875
|
||
|
||
Stefan Eissing (6 Feb 2024)
|
||
|
||
- https-proxy: use IP address and cert with ip in alt names
|
||
|
||
- improve info logging when peer verification fails to indicate
|
||
if DNS name or ip address has been tried to match
|
||
- add test case for contacting https proxy with ip address
|
||
- add pytest env check on loaded credentials and re-issue
|
||
when they are no longer valid
|
||
- disable proxy ip address test for bearssl, since not supported there
|
||
|
||
Ref: #12831
|
||
Closes #12838
|
||
|
||
Jiawen Geng (6 Feb 2024)
|
||
|
||
- docs: add necessary setup for nghttp3
|
||
|
||
Now nghttp3 has submodules
|
||
https://github.com/ngtcp2/nghttp3/blob/main/.gitmodules
|
||
|
||
Closes #12859
|
||
|
||
Peter Krefting (6 Feb 2024)
|
||
|
||
- version: allow building with ancient libpsl
|
||
|
||
The psl_check_version_number() API was added in libpsl 0.11.0. CentOS 7
|
||
ships with version 0.7.0 which lacks this API. Revert to using the older
|
||
versioning API if we detect an old libpsl version.
|
||
|
||
Follow-up to 72bd88adde0e8cf6e63644a7d6df1da01a399db4
|
||
Bug: https://curl.se/mail/archive-2024-02/0004.html
|
||
Reported-by: Scott Mutter
|
||
Closes #12872
|
||
|
||
Daniel Stenberg (6 Feb 2024)
|
||
|
||
- TODO: Support latest rustls
|
||
|
||
Closes #12737
|
||
Closes #12874
|
||
|
||
- docs: make curldown do angle brackets like markdown
|
||
|
||
Make sure we use \< and \> in markdown all over so that it renders
|
||
correctly, on GitHub and elsewhere. cd2nroff now outputs a warning if it
|
||
finds an unescaled angle bracket.
|
||
|
||
Ref: #12854
|
||
Closes #12869
|
||
|
||
- docs: fix the --disable-docs for autotools
|
||
|
||
Follow-up to 541321507e386
|
||
|
||
Closes #12870
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
- libcurl-security.md: Active FTP passes on the local IP address
|
||
|
||
Reported-by: Harry Sintonen
|
||
Closes #12867
|
||
|
||
Stefan Eissing (5 Feb 2024)
|
||
|
||
- configure: do not link with nghttp3 unless necessary
|
||
|
||
Fixes #12833
|
||
Closes #12864
|
||
Reported-by: Ryan Carsten Schmidt
|
||
|
||
Daniel Stenberg (5 Feb 2024)
|
||
|
||
- THANKS: add Dmitry Tretyakov
|
||
|
||
... since I missed to give credit to the report in the fix of #12861
|
||
|
||
Stefan Eissing (5 Feb 2024)
|
||
|
||
- openssl-quic: check on Windows that socket conv to int is possible
|
||
|
||
Fixes #12861
|
||
Closes #12865
|
||
|
||
Daniel Stenberg (5 Feb 2024)
|
||
|
||
- tool_cb_hdr: only parse etag + content-disposition for 2xx
|
||
|
||
... and ignore them for other response codes.
|
||
|
||
Reported-by: Harry Sintonen
|
||
Closes #12866
|
||
|
||
- md4: include strdup.h for the memdup proto
|
||
|
||
Reported-by: Erik Schnetter
|
||
Fixes #12849
|
||
Closes #12863
|
||
|
||
Joel Depooter (5 Feb 2024)
|
||
|
||
- docs: add missing slashes to SChannel client certificate documentation
|
||
|
||
When setting the CURLOPT_SSLCERT option to a certificate thumprint, it
|
||
is required to have a backslash between the "store location", "store
|
||
name" and "thumbprint" tokens. These slashes were present in the
|
||
previous documentation, but were missed in the transition to markdown
|
||
documentation.
|
||
|
||
Closes #12854
|
||
|
||
Stefan Eissing (5 Feb 2024)
|
||
|
||
- HTTP/2: write response directly
|
||
|
||
- use the new `Curl_xfer_write_resp()` to write incoming responses
|
||
directly to the client
|
||
- eliminates `stream->recvbuf`
|
||
- memory consumption on parallel transfers minimized
|
||
|
||
Closes #12828
|
||
|
||
Daniel Stenberg (5 Feb 2024)
|
||
|
||
- cookie.md: provide an example sending a fixed cookie
|
||
|
||
Closes #12868
|
||
|
||
Lars Kellogg-Stedman (5 Feb 2024)
|
||
|
||
- ALTSVC.md: correct a typo
|
||
|
||
The ALPN documentation erroneously referred to a "host number" instead
|
||
of a "port number".
|
||
|
||
Closes #12852
|
||
|
||
Boris Verkhovskiy (5 Feb 2024)
|
||
|
||
- proxy1.0.md: fix example
|
||
|
||
Closes #12856
|
||
|
||
Chris Webb (5 Feb 2024)
|
||
|
||
- configure: add --disable-docs flag
|
||
|
||
Building man pages from curldown sources now requires perl. Add a
|
||
--disable-docs flag to configure to enable building and installing
|
||
without documentation where perl is not available or man pages are not
|
||
required. This is selected automatically (with a warning) when perl is
|
||
not found by configure.
|
||
|
||
Fixes #12832
|
||
Closes #12857
|
||
|
||
Faraz Fallahi (5 Feb 2024)
|
||
|
||
- connect.c: fix typo
|
||
|
||
Closes #12858
|
||
|
||
Daniel Stenberg (1 Feb 2024)
|
||
|
||
- sendf: ignore response body to HEAD
|
||
|
||
and mark the stream for close, but return OK since the response this far
|
||
was ok - if headers were received. Partly because this is what curl has
|
||
done traditionally.
|
||
|
||
Test 499 verifies. Updates test 689.
|
||
|
||
Reported-by: Sergey Bronnikov
|
||
Bug: https://curl.se/mail/lib-2024-02/0000.html
|
||
Closes #12842
|
||
|
||
- ftp: treat a 226 arriving before data as a signal to read data
|
||
|
||
For active mode transfers.
|
||
|
||
Due to some interesting timing, curl can sometimes get the 226 (transfer
|
||
complete) over the control channel first, before the data connection
|
||
signals readability. If this happens, use that as a signal to check the
|
||
data connection.
|
||
|
||
Additionally, set the socket filter in listen mode *before* the
|
||
PORT/EPRT command is issued, to reduce the risk that the little time gap
|
||
could interfere.
|
||
|
||
This issue never reproduced for me on Debian and takes several hundred
|
||
rounds for me to trigger on my mac.
|
||
|
||
Reported-by: Stefan Eissing
|
||
Fixes #12823
|
||
Closes #12841
|
||
|
||
Patrick Monnerat (1 Feb 2024)
|
||
|
||
- OS400: avoid using awk in the build scripts
|
||
|
||
Awk is a PASE program and its use may cause a failure depending on the
|
||
CCSID of the calling script (IBM bug?).
|
||
|
||
For this reason, revert to an sed-only solution to extract the exported
|
||
symbols from the header files.
|
||
|
||
Closes #12826
|
||
|
||
Jan Macku (1 Feb 2024)
|
||
|
||
- docs: remove `mk-ca-bundle.1` from `man_MANS`
|
||
|
||
It was accidentally added in https://github.com/curl/curl/pull/12730
|
||
|
||
Co-authored-by: Lukáš Zaoral <lzaoral@redhat.com>
|
||
Signed-off-by: Jan Macku <jamacku@redhat.com>
|
||
|
||
Follow-up to eefcc1bda4bccd800f5a56a0fe17a2f44a96e88b
|
||
Closes #12843
|
||
|
||
Daniel Stenberg (1 Feb 2024)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
and bump to 8.6.1 for now
|
||
|
||
- cmdline-docs/Makefile: avoid using a fixed temp file name
|
||
|
||
By appending the pid number two different runs at the same time will not
|
||
trample over the same file.
|
||
|
||
Reported-by: Jon Rumsey
|
||
Fixes #12829
|
||
Closes #12839
|
||
|
||
- asyn-thread: use wakeup_close to close the read descriptor
|
||
|
||
Reported-by: Dan Fandrich
|
||
Ref: #12834
|
||
Closes #12836
|
||
|
||
Stefan Eissing (1 Feb 2024)
|
||
|
||
- ntml_wb: fix buffer type typo
|
||
|
||
Closes #12825
|
||
|
||
Daniel Stenberg (1 Feb 2024)
|
||
|
||
- tool_operate: do not set CURLOPT_QUICK_EXIT in debug builds
|
||
|
||
Since it allows (small) memory leaks that interfere with torture tests
|
||
and regular memory-leak checks.
|
||
|
||
Reported-by: Dan Fandrich
|
||
Fixes #12834
|
||
Closes #12835
|
||
|
||
Boris Verkhovskiy (31 Jan 2024)
|
||
|
||
- form-string.md: correct the example
|
||
|
||
Closes #12822
|
||
|
||
Version 8.6.0 (31 Jan 2024)
|
||
|
||
Daniel Stenberg (31 Jan 2024)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
curl 8.6.0
|
||
|
||
- THANKS: new contributors from 8.5.0
|
||
|
||
Jay Satiro (31 Jan 2024)
|
||
|
||
- cd2nroff: use perl 'strict' and 'warnings'
|
||
|
||
- Use strict and warnings pragmas.
|
||
|
||
- If open() fails then show the reason.
|
||
|
||
- Set STDIN io layer :crlf so that input is properly read on Windows.
|
||
|
||
- When STDIN is used as input, the filename $f is now set to "STDIN".
|
||
|
||
Various error messages in single() use $f for the filename and this way
|
||
it is not undefined when STDIN.
|
||
|
||
Closes https://github.com/curl/curl/pull/12819
|
||
|
||
Daniel Stenberg (30 Jan 2024)
|
||
|
||
- cd2nroff: fix duplicate output issue
|
||
|
||
Assisted-by: Jay Satiro
|
||
Fixes https://github.com/curl/curl-www/issues/321
|
||
Closes #12818
|
||
|
||
- lib: error out on multissl + http3
|
||
|
||
Since the QUIC/h3 code has no knowledge or handling of multissl it might
|
||
bring unintended consequences if we allow it.
|
||
|
||
configure, cmake and curl_setup.h all now reject this combination.
|
||
|
||
Assisted-by: Viktor Szakats
|
||
Assisted-by: Gisle Vanem
|
||
Ref: #12806
|
||
Closes #12807
|
||
|
||
Patrick Monnerat (29 Jan 2024)
|
||
|
||
- OS400: sync ILE/RPG binding
|
||
|
||
Also do not force git CRLF line endings on *.cmd files for OS400.
|
||
|
||
Closes #12815
|
||
|
||
Viktor Szakats (28 Jan 2024)
|
||
|
||
- build: delete/replace 3 more clang warning pragmas
|
||
|
||
- tool_msgs: delete redundant `-Wformat-nonliteral` suppression pragma.
|
||
|
||
- whitespace formatting in `mprintf.h`, lib518, lib537.
|
||
|
||
- lib518: fix wrong variable in `sizeof()`.
|
||
|
||
- lib518: bump variables to `rlim_t`.
|
||
Follow-up to e2b394106d543c4615a60795b7fdce04bd4e5090 #1469
|
||
|
||
- lib518: sync error message with lib537
|
||
Follow-up to 365322b8bcf9efb6a361473d227b70f2032212ce
|
||
|
||
- lib518, lib537: replace `-Wformat-nonliteral` suppression pragmas
|
||
by reworking test code.
|
||
|
||
Follow-up to 5b286c250829e06a135a6ba998e80beb7f43a734 #12812
|
||
Follow-up to aee4ebe59161d0a5281743f96e7738ad97fe1cd4 #12803
|
||
Follow-up to 09230127589eccc7e01c1a7217787ef8e64f3328 #12540
|
||
Follow-up to 3829759bd042c03225ae862062560f568ba1a231 #12489
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Closes #12814
|
||
|
||
Richard Levitte (27 Jan 2024)
|
||
|
||
- cmake: freshen up docs/INSTALL.cmake
|
||
|
||
- Turn docs/INSTALL.cmake into a proper markdown file,
|
||
docs/INSTALL-CMAKE.md
|
||
- Move things around to divide the description into configuration,
|
||
building and installing sections
|
||
- Mention the more modern cmake options to configure, build and install,
|
||
but also retain the older variants as fallbacks
|
||
|
||
Closes #12772
|
||
|
||
Viktor Szakats (27 Jan 2024)
|
||
|
||
- build: delete/replace clang warning pragmas
|
||
|
||
- delete redundant warning suppressions for `-Wformat-nonliteral`.
|
||
This now relies on `CURL_PRINTF()` and it's theoratically possible
|
||
that this macro isn't active but the warning is. We're ignoring this
|
||
as a corner-case here.
|
||
|
||
- replace two pragmas with code changes to avoid the warnings.
|
||
|
||
Follow-up to aee4ebe59161d0a5281743f96e7738ad97fe1cd4 #12803
|
||
Follow-up to 09230127589eccc7e01c1a7217787ef8e64f3328 #12540
|
||
Follow-up to 3829759bd042c03225ae862062560f568ba1a231 #12489
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Closes #12812
|
||
|
||
Daniel Stenberg (27 Jan 2024)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
- http: only act on 101 responses when they are HTTP/1.1
|
||
|
||
For 101 responses claiming to be any other protocol, bail out. This
|
||
would previously trigger an assert.
|
||
|
||
Add test 1704 to verify.
|
||
|
||
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66184
|
||
Closes #12811
|
||
|
||
Scarlett McAllister (27 Jan 2024)
|
||
|
||
- _VARIABLES.md: add missing 'be' into the sentence
|
||
|
||
Closes #12809
|
||
|
||
Stefan Eissing (27 Jan 2024)
|
||
|
||
- mqtt, remove remaining use of data->state.buffer
|
||
|
||
Closes #12799
|
||
|
||
Daniel Stenberg (27 Jan 2024)
|
||
|
||
- x509asn1: switch from malloc to dynbuf
|
||
|
||
Closes #12808
|
||
|
||
- x509asn1: make utf8asn1str() use dynbuf instead of malloc + memcpy
|
||
|
||
Closes #12808
|
||
|
||
- x509asn1: reduce malloc in Curl_extract_certinfo
|
||
|
||
Using dynbuf
|
||
|
||
Closes #12808
|
||
|
||
Jay Satiro (27 Jan 2024)
|
||
|
||
- THANKS: add Alexander Bartel and Brennan Kinney
|
||
|
||
They reported and investigated #10259 which was fixed by 7b2d98df.
|
||
|
||
Ref: https://github.com/curl/curl/issues/10259
|
||
|
||
Daniel Stenberg (26 Jan 2024)
|
||
|
||
- krb5: add prototype to silence clang warnings on mvsnprintf()
|
||
|
||
"error: format string is not a string literal"
|
||
|
||
Follow-up to 09230127589eccc7 which made the warning appear
|
||
|
||
Assisted-by: Viktor Szakats
|
||
Closes #12803
|
||
|
||
- x509asn1: remove code for WANT_VERIFYHOST
|
||
|
||
No code ever sets this anymore since we dropped gskit
|
||
|
||
Follow-up to 78d6232f1f326b9ab4d
|
||
|
||
Closes #12804
|
||
|
||
- socks: reduce the buffer size to 600 (from 8K)
|
||
|
||
This is malloc'ed memory and it does not more. Test 742 helps us verify
|
||
this.
|
||
|
||
Closes #12789
|
||
|
||
Stefan Eissing (26 Jan 2024)
|
||
|
||
- file+ftp: use stack buffers instead of data->state.buffer
|
||
|
||
Closes #12789
|
||
|
||
- vtls: receive max buffer
|
||
|
||
- do not only receive one TLS record, but try to fill
|
||
the passed buffer
|
||
- consider <4K remaning space is "filled".
|
||
|
||
Closes #12801
|
||
|
||
Daniel Stenberg (26 Jan 2024)
|
||
|
||
- docs: do not start lines/sentences with So, But nor And
|
||
|
||
Closes #12802
|
||
|
||
- docs: remove spurious ampersands from markdown
|
||
|
||
They were leftovers from the nroff conversion.
|
||
|
||
Follow-up to eefcc1bda4bccd800f5a5
|
||
|
||
Closes #12800
|
||
|
||
Patrick Monnerat (26 Jan 2024)
|
||
|
||
- sasl: make login option string override http auth
|
||
|
||
- Use http authentication mechanisms as a default, not a preset.
|
||
|
||
Consider http authentication options which are mapped to SASL options as
|
||
a default (overriding the hardcoded default mask for the protocol) that
|
||
is ignored if a login option string is given.
|
||
|
||
Prior to this change, if some HTTP auth options were given, sasl mapped
|
||
http authentication options to sasl ones but merged them with the login
|
||
options.
|
||
|
||
That caused problems with the cli tool that sets the http login option
|
||
CURLAUTH_BEARER as a side-effect of --oauth2-bearer, because this flag
|
||
maps to more than one sasl mechanisms and the latter cannot be cleared
|
||
individually by the login options string.
|
||
|
||
New test 992 checks this.
|
||
|
||
Fixes https://github.com/curl/curl/issues/10259
|
||
Closes https://github.com/curl/curl/pull/12790
|
||
|
||
Stefan Eissing (26 Jan 2024)
|
||
|
||
- socks: use own buffer instead of data->state.buffer
|
||
|
||
Closes #12788
|
||
|
||
Daniel Stenberg (26 Jan 2024)
|
||
|
||
- socks: fix generic output string to say SOCKS instead of SOCKS4
|
||
|
||
... since it was also logged for SOCKS5.
|
||
|
||
Closes #12797
|
||
|
||
- test742: test SOCKS5 with max length user, password and hostname
|
||
|
||
Adjusted the socksd server accordingly to allow for configuring that
|
||
long user name and password.
|
||
|
||
Closes #12797
|
||
|
||
Stefan Eissing (25 Jan 2024)
|
||
|
||
- ssh: use stack scratch buffer for seeks
|
||
|
||
- instead of data->state.buffer
|
||
|
||
Closes #12794
|
||
|
||
Daniel Stenberg (25 Jan 2024)
|
||
|
||
- krb5: access the response buffer correctly
|
||
|
||
As the pingpong code no longer uses the download buffer.
|
||
|
||
Folllow-up to c2d973627bab12ab
|
||
Pointed-out-by: Stefan Eissing
|
||
Closes #12796
|
||
|
||
Stefan Eissing (25 Jan 2024)
|
||
|
||
- mqtt: use stack scratch buffer for recv+publish
|
||
|
||
- instead of data->state.buffer
|
||
|
||
Closes #12792
|
||
|
||
- telnet, use stack scratch buffer for do
|
||
|
||
- instead of data->state.buffer
|
||
|
||
Closes #12793
|
||
|
||
- http, use stack scratch buffer
|
||
|
||
- instead of data->state.buffer
|
||
|
||
Closes #12791
|
||
|
||
- ntlm_wb: do not use data->state.buf any longer
|
||
|
||
Closes #12787
|
||
|
||
- gitignore: the generated `libcurl-symbols.md`
|
||
|
||
Closes #12795
|
||
|
||
Daniel Stenberg (25 Jan 2024)
|
||
|
||
- tool: fix the listhelp generation command
|
||
|
||
The previous command line to generate the tool_listhelp.c source file
|
||
broke with 2494b8dd5175cee7.
|
||
|
||
Make 'make listhelp' invoked in src/ generate it. Also update the
|
||
comment in the file to mention the right procedure.
|
||
|
||
Closes #12786
|
||
|
||
- http: check for "Host:" case insensitively
|
||
|
||
When checking if the user wants to replace the header, the check should
|
||
be case insensitive.
|
||
|
||
Adding test 461 to verify
|
||
|
||
Found-by: Dan Fandrich
|
||
Ref: #12782
|
||
Closes #12784
|
||
|
||
Tatsuhiro Tsujikawa (25 Jan 2024)
|
||
|
||
- configure: add libngtcp2_crypto_boringssl detection
|
||
|
||
If OpenSSL is found to be BoringSSL or AWS-LC, and ngtcp2 is requested,
|
||
try to detect libngtcp2_crypto_boringssl.
|
||
|
||
Reported-by: ウさん
|
||
Fixes #12724
|
||
Closes #12769
|
||
|
||
Daniel Stenberg (25 Jan 2024)
|
||
|
||
- http: remove comment reference to a removed solution
|
||
|
||
Follow-up to 58974d25d
|
||
|
||
Closes #12785
|
||
|
||
Stefan Eissing (25 Jan 2024)
|
||
|
||
- pytest: Scorecard tracking CPU and RSS
|
||
|
||
Closes #12765
|
||
|
||
Graham Campbell (25 Jan 2024)
|
||
|
||
- GHA: bump ngtcp2, gnutls, mod_h2, quiche
|
||
|
||
- ngtcp2 to v1.2.0
|
||
- gnutls to 3.8.3
|
||
- mod_h2 to 2.0.26
|
||
- quiche to 0.20.0
|
||
|
||
Closes #12778
|
||
Closes #12779
|
||
Closes #12780
|
||
Closes #12781
|
||
|
||
Daniel Stenberg (25 Jan 2024)
|
||
|
||
- ftpserver.pl: send 213 SIZE response without spurious newline
|
||
|
||
- pingpong: stop using the download buffer
|
||
|
||
The pingpong logic now uses its own dynbuf for receiving command
|
||
response data.
|
||
|
||
When the "final" response header for a commanad has been received, that
|
||
final line is left first in the recvbuf for the protocols to parse at
|
||
will. If there is additional data behind the final response line, the
|
||
'overflow' counter is indicate how many bytes.
|
||
|
||
Closes #12757
|
||
|
||
- gen.pl: remove bold from .IP used for ##
|
||
|
||
Reported-by: Viktor Szakats
|
||
Fixes #12776
|
||
Closes #12777
|
||
|
||
Viktor Szakats (24 Jan 2024)
|
||
|
||
- cmake: rework options to enable curl and libcurl docs
|
||
|
||
Rework CMake options for building/using curl tool and libcurl manuals.
|
||
|
||
- rename `ENABLE_MANUAL` to `ENABLE_CURL_MANUAL`, meaning:
|
||
to build man page and built-in manual for curl tool.
|
||
|
||
- rename `BUILD_DOCS` to `BUILD_LIBCURL_DOCS`, meaning:
|
||
to build man pages for libcurl.
|
||
|
||
- `BUILD_LIBCURL_DOCS` now works without having to enable
|
||
`ENABLE_CURL_MANUAL` too.
|
||
|
||
- drop support for existing CMake-level `USE_MANUAL` option to avoid
|
||
confusion. (It used to work with the effect of current
|
||
`ENABLE_CURL_MANUAL`, but only by accident.)
|
||
|
||
Assisted-by: Richard Levitte
|
||
Ref: #12771
|
||
Closes #12773
|
||
|
||
Daniel Stenberg (24 Jan 2024)
|
||
|
||
- urlapi: remove assert
|
||
|
||
This assert triggers wrongly when CURLU_GUESS_SCHEME and
|
||
CURLU_NO_AUTHORITY are both set and the URL is a single path.
|
||
|
||
I think this assert has played out its role. It was introduced in a
|
||
rather big refactor.
|
||
|
||
Follow-up to 4cfa5bcc9a
|
||
|
||
Reported-by: promptfuzz_ on hackerone
|
||
Closes #12775
|
||
|
||
Patrick Monnerat (24 Jan 2024)
|
||
|
||
- tests: avoid int/size_t conversion size/sign warnings
|
||
|
||
Closes #12768
|
||
|
||
Daniel Stenberg (24 Jan 2024)
|
||
|
||
- GHA: add a job scanning for "bad words" in markdown
|
||
|
||
This means words, phrases or things we have decided not to use - words that
|
||
are spelled right according to the dictionary but we want to avoid. In the
|
||
name of consistency and better documentation.
|
||
|
||
Closes #12764
|
||
|
||
Viktor Szakats (23 Jan 2024)
|
||
|
||
- cmake: speed up curldown processing, enable by default
|
||
|
||
- cmake: enable `BUILD_DOCS` by default (this controls converting and
|
||
installing `.3` files from `.md` sources)
|
||
|
||
- cmake: speed up generating `.3` files by using a single command per
|
||
directory, instead of a single command per file. This reduces external
|
||
commands by about a thousand. (There remains some CMake logic kicking
|
||
in resulting in 500 -one per file- external `-E touch_nocreate` calls.)
|
||
|
||
- cd2nroff: add ability to process multiple input files.
|
||
|
||
- cd2nroff: add `-k` option to use the source filename to form the
|
||
output filename. (instead of the default in-file `Title:` line.)
|
||
|
||
Follow-up to 3f08d80b2244524646ce86915c585509ac54fb4c
|
||
Follow-up to ea0b575dab86a3c44dd1d547dc500276266aa382 #12753
|
||
Follow-up to eefcc1bda4bccd800f5a56a0fe17a2f44a96e88b #12730
|
||
|
||
Closes #12762
|
||
|
||
Richard Levitte (23 Jan 2024)
|
||
|
||
- docs: install curl.1 with cmake as well
|
||
|
||
Closes #12759
|
||
|
||
Daniel Stenberg (23 Jan 2024)
|
||
|
||
- osslq: remove the TLS library from the version output
|
||
|
||
Since we only support using a single TLS library at any one time, we
|
||
know that the TLS library for QUIC is the same that is also shown for
|
||
regular TLS.
|
||
|
||
Fixes #12763
|
||
Reported-by: Viktor Szakats
|
||
Closes #12767
|
||
|
||
Stefan Eissing (23 Jan 2024)
|
||
|
||
- CI: remove unnecessary OpenSSL 3 option `enable-tls1_3`
|
||
|
||
.. and switch OpenSSL 3 libdir from lib64 to lib for consistency.
|
||
|
||
Closes https://github.com/curl/curl/pull/12758
|
||
|
||
- GHA: bump nghttp2 version to v1.59.0
|
||
|
||
- Switch to v1.59.0 for GHA CI jobs that use a specific nghttp2-version.
|
||
|
||
Closes https://github.com/curl/curl/pull/12766
|
||
|
||
Daniel Stenberg (23 Jan 2024)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
- docs/cmdline: change to .md for cmdline docs
|
||
|
||
- switch all invidual files documenting command line options into .md,
|
||
as the documentation is now markdown-looking.
|
||
|
||
- made the parser treat 4-space indents as quotes
|
||
|
||
- switch to building the curl.1 manpage using the "mainpage.idx" file,
|
||
which lists the files to include to generate it, instead of using the
|
||
previous page-footer/headers. Also, those files are now also .md
|
||
ones, using the same format. I gave them underscore prefixes to make
|
||
them sort separately:
|
||
_NAME.md, _SYNOPSIS.md, _DESCRIPTION.md, _URL.md, _GLOBBING.md,
|
||
_VARIABLES.md, _OUTPUT.md, _PROTOCOLS.md, _PROGRESS.md, _VERSION.md,
|
||
_OPTIONS.md, _FILES.md, _ENVIRONMENT.md, _PROXYPREFIX.md,
|
||
_EXITCODES.md, _BUGS.md, _AUTHORS.md, _WWW.md, _SEEALSO.md
|
||
|
||
- updated test cases accordingly
|
||
|
||
Closes #12751
|
||
|
||
dependabot[bot] (23 Jan 2024)
|
||
|
||
- CI: bump actions/cache from 3 to 4
|
||
|
||
Bumps [actions/cache](https://github.com/actions/cache) from 3 to 4.
|
||
- [Release notes](https://github.com/actions/cache/releases)
|
||
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
|
||
- [Commits](https://github.com/actions/cache/compare/v3...v4)
|
||
|
||
---
|
||
updated-dependencies:
|
||
- dependency-name: actions/cache
|
||
dependency-type: direct:production
|
||
update-type: version-update:semver-major
|
||
...
|
||
|
||
Signed-off-by: dependabot[bot] <support@github.com>
|
||
Closes #12756
|
||
|
||
Daniel Stenberg (23 Jan 2024)
|
||
|
||
- openssl: when verifystatus fails, remove session id from cache
|
||
|
||
To prevent that it gets used in a subsequent transfer that skips the
|
||
verifystatus check since that check can't be done when the session id is
|
||
reused.
|
||
|
||
Reported-by: Hiroki Kurosawa
|
||
Closes #12760
|
||
|
||
Viktor Szakats (23 Jan 2024)
|
||
|
||
- cmake: add option to disable building docs
|
||
|
||
Richard Levitte (23 Jan 2024)
|
||
|
||
- cmake: use curldown to build man pages
|
||
|
||
This throws away the previous HTML and PDF producers, to mimic what
|
||
Makefile.am does as faithfully as possible.
|
||
|
||
Closes #12753
|
||
|
||
Daniel Stenberg (23 Jan 2024)
|
||
|
||
- mksymbolsmanpage.pl: provide references to where the symbol is used
|
||
|
||
- docs: introduce "curldown" for libcurl man page format
|
||
|
||
curldown is this new file format for libcurl man pages. It is markdown
|
||
inspired with differences:
|
||
|
||
- Each file has a set of leading headers with meta-data
|
||
- Supports a small subset of markdown
|
||
- Uses .md file extensions for editors/IDE/GitHub to treat them nicely
|
||
- Generates man pages very similar to the previous ones
|
||
- Generates man pages that still convert nicely to HTML on the website
|
||
- Detects and highlights mentions of curl symbols automatically (when
|
||
their man page section is specified)
|
||
|
||
tools:
|
||
|
||
- cd2nroff: converts from curldown to nroff man page
|
||
- nroff2cd: convert an (old) nroff man page to curldown
|
||
- cdall: convert many nroff pages to curldown versions
|
||
- cd2cd: verifies and updates a curldown to latest curldown
|
||
|
||
This setup generates .3 versions of all the curldown versions at build time.
|
||
|
||
CI:
|
||
|
||
Since the documentation is now technically markdown in the eyes of many
|
||
things, the CI runs many more tests and checks on this documentation,
|
||
including proselint, link checkers and tests that make sure we capitalize the
|
||
first letter after a period...
|
||
|
||
Closes #12730
|
||
|
||
Viktor Szakats (22 Jan 2024)
|
||
|
||
- libssh2: use `libssh2_session_callback_set2()` with v1.11.1
|
||
|
||
To avoid a local hack to pass function pointers and to avoid
|
||
deprecation warnings when building with libssh2 v1.11.1 or newer:
|
||
```
|
||
lib/vssh/libssh2.c:3324:5: warning: 'libssh2_session_callback_set' is depreca
|
||
ted: since libssh2 1.11.1. Use libssh2_session_callback_set2() [-Wdeprecated-
|
||
declarations]
|
||
lib/vssh/libssh2.c:3326:5: warning: 'libssh2_session_callback_set' is depreca
|
||
ted: since libssh2 1.11.1. Use libssh2_session_callback_set2() [-Wdeprecated-
|
||
declarations]
|
||
```
|
||
Ref: https://github.com/curl/curl-for-win/actions/runs/7609484879/job/2072082
|
||
1100#step:3:4982
|
||
|
||
Ref: https://github.com/libssh2/libssh2/pull/1285
|
||
Ref: https://github.com/libssh2/libssh2/commit/c0f69548be902147ce014ffa40b8db
|
||
3cf1d4b0b4
|
||
Reviewed-by: Daniel Stenberg
|
||
Closes #12754
|
||
|
||
Daniel Stenberg (22 Jan 2024)
|
||
|
||
- transfer: make the select_bits_paused condition check both directions
|
||
|
||
If there is activity in a direction that is not paused, return false.
|
||
|
||
Reported-by: Sergey Bronnikov
|
||
Bug: https://curl.se/mail/lib-2024-01/0049.html
|
||
Closes #12740
|
||
|
||
Stefan Eissing (22 Jan 2024)
|
||
|
||
- http3: initial support for OpenSSL 3.2 QUIC stack
|
||
|
||
- HTTP/3 for curl using OpenSSL's own QUIC stack together
|
||
with nghttp3
|
||
- configure with `--with-openssl-quic` to enable curl to
|
||
build this. This requires the nghttp3 library
|
||
- implementation with the following restrictions:
|
||
* macOS has to use an unconnected UDP socket due to an
|
||
issue in OpenSSL's datagram implementation
|
||
See https://github.com/openssl/openssl/issues/23251
|
||
This makes connections to non-reponsive servers hang.
|
||
* GET requests will send the indicator that they have
|
||
no body in a separate QUIC packet. This may result
|
||
in processing delays or Transfer-Encodings on proxied
|
||
requests
|
||
* uploads that encounter blocks will use 100% cpu as
|
||
detection of these flow control issue is not working
|
||
(we have not figured out to pry that from OpenSSL).
|
||
|
||
Closes #12734
|
||
|
||
Viktor Szakats (22 Jan 2024)
|
||
|
||
- cmake: fix `ENABLE_MANUAL` option
|
||
|
||
Fix the `ENABLE_MANUAL` option. Set it to default to `OFF`.
|
||
|
||
Before this patch `ENABLE_MANUAL=ON` was a no-op, even though it was the
|
||
option designed to enable building and using the built-in curl manual.
|
||
(`USE_MANUAL=ON` option worked for this instead, by accident).
|
||
|
||
Ref: https://github.com/curl/curl/pull/12730#issuecomment-1902572409
|
||
Closes #12749
|
||
|
||
Mohammadreza Hendiani (19 Jan 2024)
|
||
|
||
- TODO: update broken link to ratelimit-headers draft
|
||
|
||
Closes #12741
|
||
|
||
Daniel Stenberg (19 Jan 2024)
|
||
|
||
- cmake: when USE_MANUAL=YES, build the curl.1 man page
|
||
|
||
Fixes KNOWN_BUG 15.4
|
||
|
||
Closes #12742
|
||
|
||
- cmdline-opts/write-out.d: remove spurious double quotes
|
||
|
||
Stefan Eissing (19 Jan 2024)
|
||
|
||
- rtsp: Convert assertion into debug log
|
||
|
||
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65934
|
||
|
||
- write excess bytes to the client where the standard excess bytes
|
||
checks will report any wrongness and fail the transfer
|
||
|
||
Fixes #12738
|
||
Closes #12739
|
||
|
||
Daniel Stenberg (19 Jan 2024)
|
||
|
||
- headers: remove assert from Curl_headers_push
|
||
|
||
The fuzzer managed to reach the function without a terminating CR or LF
|
||
so let's handle it normally. While there, remove the goto.
|
||
|
||
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65839
|
||
|
||
Closes #12721
|
||
|
||
- curl_easy_getinfo.3: remove the wrong time value count
|
||
|
||
It said "six" time values but they are eight by now. Remove the mention
|
||
of the amount.
|
||
|
||
Closes #12727
|
||
|
||
Viktor Szakats (18 Jan 2024)
|
||
|
||
- mbedtls: fix `-Wnull-dereference` and `-Wredundant-decls`
|
||
|
||
- Silence warning in mbedTLS v3.5.1 public headers:
|
||
```
|
||
./mbedtls/_x64-linux-musl/usr/include/psa/crypto_extra.h:489:14: warning: r
|
||
edundant redeclaration of 'psa_set_key_domain_parameters' [-Wredundant-decls]
|
||
./mbedtls/_x64-linux-musl/usr/include/psa/crypto_struct.h:354:14: note: pre
|
||
vious declaration of 'psa_set_key_domain_parameters' was here
|
||
```
|
||
Ref: https://github.com/libssh2/libssh2/commit/ecec68a2c13a9c63fe8c2dc457ae
|
||
785a513e157c
|
||
Ref: https://github.com/libssh2/libssh2/pull/1226
|
||
|
||
- Fix compiler warnings seen with gcc 9.2.0 + cmake unity:
|
||
```
|
||
./curl/lib/vtls/mbedtls.c: In function 'mbedtls_bio_cf_read':
|
||
./curl/lib/vtls/mbedtls.c:189:11: warning: null pointer dereference [-Wnull
|
||
-dereference]
|
||
189 | nread = Curl_conn_cf_recv(cf->next, data, (char *)buf, blen, &res
|
||
ult);
|
||
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||
~~~~
|
||
./curl/lib/vtls/mbedtls.c: In function 'mbedtls_bio_cf_write':
|
||
./curl/lib/vtls/mbedtls.c:168:14: warning: null pointer dereference [-Wnull
|
||
-dereference]
|
||
168 | nwritten = Curl_conn_cf_send(cf->next, data, (char *)buf, blen, &
|
||
result);
|
||
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||
~~~~~~~
|
||
```
|
||
|
||
- delete stray `#else`.
|
||
|
||
Closes #12720
|
||
|
||
Daniel Stenberg (17 Jan 2024)
|
||
|
||
- docs: cleanup nroff format use
|
||
|
||
- remove use of .BI for code snippet
|
||
- stop using .br, just do a blank line
|
||
- remove use of .PP
|
||
- remove use for .sp
|
||
- remove backslash in .IP
|
||
- use .IP instead of .TP
|
||
|
||
Closes #12731
|
||
|
||
Stefan Eissing (17 Jan 2024)
|
||
|
||
- test2307: fix expected failure code after ws refactoring
|
||
|
||
Fixes #12722
|
||
Closes #12728
|
||
|
||
Jay Satiro (17 Jan 2024)
|
||
|
||
- cf-socket: show errno in tcpkeepalive error messages
|
||
|
||
- If the socket keepalive options (TCP_KEEPIDLE, etc) cannot be set
|
||
then show the errno in the verbose error messages.
|
||
|
||
Ref: https://github.com/curl/curl/discussions/12715#discussioncomment-8151652
|
||
|
||
Closes https://github.com/curl/curl/pull/12726
|
||
|
||
- tool_getparam: stop supporting `@filename` style for --cookie
|
||
|
||
The `@filename` style was never documented for --cookie <data|filename>
|
||
but prior to this change curl would accept it anyway and always treat a
|
||
@ prefixed string as a filename.
|
||
|
||
That's a problem if the string also contains a = sign because then it is
|
||
documented to be interpreted as a cookie string and not a filename.
|
||
|
||
Example:
|
||
|
||
`--cookie @foo=bar`
|
||
|
||
Before: Interpreted as load cookies from filename foo=bar.
|
||
|
||
After: Interpreted as cookie `@foo=bar` (name `@foo` and value `bar`).
|
||
|
||
Other curl options with a data/filename option-value use the `@filename`
|
||
to distinguish filenames which is probably how this happened. The
|
||
--cookie option has never been documented that way.
|
||
|
||
Ref: https://curl.se/docs/manpage.html#-b
|
||
|
||
Closes https://github.com/curl/curl/pull/12645
|
||
|
||
Stefan Eissing (16 Jan 2024)
|
||
|
||
- websockets: refactor decode chain
|
||
|
||
- use client writer stack for decoding frames
|
||
- move websocket protocol handler to ws.c
|
||
|
||
Closes #12713
|
||
|
||
- websockets: check for negative payload lengths
|
||
|
||
- in en- and decoding, check the websocket frame payload lengths for
|
||
negative values (from curl_off_t) and error the operation in that case
|
||
- add test 2307 to verify
|
||
|
||
Closes #12707
|
||
|
||
Daniel Stenberg (16 Jan 2024)
|
||
|
||
- docs: mention env vars not used by schannel
|
||
|
||
Ref: #12704
|
||
|
||
Co-authored-by: Jay Satiro <raysatiro@yahoo.com>
|
||
|
||
Closes #12711
|
||
|
||
- tool_operate: make --remove-on-error only remove "real" files
|
||
|
||
Reported-by: Harry Sintonen
|
||
Assisted-by: Dan Fandrich
|
||
|
||
Closes #12710
|
||
|
||
Jay Wu (16 Jan 2024)
|
||
|
||
- url: don't set default CA paths for Secure Transport backend
|
||
|
||
As the default for this backend is the native CA store.
|
||
|
||
Closes #12704
|
||
|
||
Lin Sun (16 Jan 2024)
|
||
|
||
- asyn-ares: with modern c-ares, use its default timeout
|
||
|
||
Closes #12703
|
||
|
||
Daniel Stenberg (15 Jan 2024)
|
||
|
||
- tool_operate: stop setting the file comment on Amiga
|
||
|
||
- the URL is capped at 80 cols, which ruins it if longer
|
||
- it does not strip off URL credentials
|
||
- it is done unconditonally, not on --xattr
|
||
- we don't have Amiga in the CI which makes fixing it blindly fragile
|
||
|
||
Someone who builds and tests on Amiga can add it back correctly in a
|
||
future if there is a desire.
|
||
|
||
Reported-by: Harry Sintonen
|
||
Closes #12709
|
||
|
||
Stefan Eissing (15 Jan 2024)
|
||
|
||
- rtsp: deal with borked server responses
|
||
|
||
- enforce a response body length of 0, if the
|
||
response has no Content-lenght. This is according
|
||
to the RTSP spec.
|
||
- excess bytes in a response body are forwarded to
|
||
the client writers which will report and fail the
|
||
transfer
|
||
|
||
Follow-up to d7b6ce6
|
||
Fixes #12701
|
||
Closes #12706
|
||
|
||
Daniel Stenberg (14 Jan 2024)
|
||
|
||
- version: show only the libpsl version, not its dependencies
|
||
|
||
The libpsl version output otherwise also includes version number for its
|
||
dependencies, like IDN lib, but since libcurl does not use libpsl's IDN
|
||
functionality those components are not important.
|
||
|
||
Ref: https://github.com/curl/curl-for-win/issues/63
|
||
Closes #12700
|
||
|
||
Brad Harder (14 Jan 2024)
|
||
|
||
- curl.h: CURLOPT_DNS_SERVERS is only available with c-ares
|
||
|
||
Closes #12695
|
||
|
||
Daniel Stenberg (14 Jan 2024)
|
||
|
||
- cmdline-opts/gen.pl: error on initital blank line
|
||
|
||
After the "---" separator, there should be no blank line and this script
|
||
now errors out if one is detected.
|
||
|
||
Ref: #12696
|
||
Closes #12698
|
||
|
||
- cf-h1-proxy: no CURLOPT_USERAGENT in CONNECT with hyper
|
||
|
||
Follow-up to 693cd1679361828a which was incomplete
|
||
|
||
Ref #12680
|
||
Closes #12697
|
||
|
||
- curl_multi_fdset.3: remove mention of null pointer support
|
||
|
||
... since this funtion has not supported null pointer fd_set arguments since
|
||
at least 2006. (That's when I stopped my git blame journey)
|
||
|
||
Fixes #12691
|
||
Reported-by: sfan5 on github
|
||
Closes #12692
|
||
|
||
Mark Huang (14 Jan 2024)
|
||
|
||
- docs/cmdline: remove unnecessary line breaks
|
||
|
||
Closes #12696
|
||
|
||
Daniel Stenberg (14 Jan 2024)
|
||
|
||
- transfer: remove warning: Value stored to 'blen' is never read
|
||
|
||
Detected by scan-build
|
||
|
||
Follow-up from 1cd2f0072f
|
||
|
||
Closes #12693
|
||
|
||
Stefan Eissing (13 Jan 2024)
|
||
|
||
- lib: replace readwrite with write_resp
|
||
|
||
This clarifies the handling of server responses by folding the code for
|
||
the complicated protocols into their protocol handlers. This concerns
|
||
mainly HTTP and its bastard sibling RTSP.
|
||
|
||
The terms "read" and "write" are often used without clear context if
|
||
they refer to the connect or the client/application side of a
|
||
transfer. This PR uses "read/write" for operations on the client side
|
||
and "send/receive" for the connection, e.g. server side. If this is
|
||
considered useful, we can revisit renaming of further methods in another
|
||
PR.
|
||
|
||
Curl's protocol handler `readwrite()` method been changed:
|
||
|
||
```diff
|
||
- CURLcode (*readwrite)(struct Curl_easy *data, struct connectdata *conn,
|
||
- const char *buf, size_t blen,
|
||
- size_t *pconsumed, bool *readmore);
|
||
+ CURLcode (*write_resp)(struct Curl_easy *data, const char *buf, size_t ble
|
||
n,
|
||
+ bool is_eos, bool *done);
|
||
```
|
||
|
||
The name was changed to clarify that this writes reponse data to the
|
||
client side. The parameter changes are:
|
||
|
||
* `conn` removed as it always operates on `data->conn`
|
||
* `pconsumed` removed as the method needs to handle all data on success
|
||
* `readmore` removed as no longer necessary
|
||
* `is_eos` as indicator that this is the last call for the transfer
|
||
response (end-of-stream).
|
||
* `done` TRUE on return iff the transfer response is to be treated as
|
||
finished
|
||
|
||
This change affects many files only because of updated comments in
|
||
handlers that provide no implementation. The real change is that the
|
||
HTTP protocol handlers now provide an implementation.
|
||
|
||
The HTTP protocol handlers `write_resp()` implementation will get passed
|
||
**all** raw data of a server response for the transfer. The HTTP/1.x
|
||
formatted status and headers, as well as the undecoded response
|
||
body. `Curl_http_write_resp_hds()` is used internally to parse the
|
||
response headers and pass them on. This method is public as the RTSP
|
||
protocol handler also uses it.
|
||
|
||
HTTP/1.1 "chunked" transport encoding is now part of the general
|
||
*content encoding* writer stack, just like other encodings. A new flag
|
||
`CLIENTWRITE_EOS` was added for the last client write. This allows
|
||
writers to verify that they are in a valid end state. The chunked
|
||
decoder will check if it indeed has seen the last chunk.
|
||
|
||
The general response handling in `transfer.c:466` happens in function
|
||
`readwrite_data()`. This mainly operates now like:
|
||
|
||
```
|
||
static CURLcode readwrite_data(data, ...)
|
||
{
|
||
do {
|
||
Curl_xfer_recv_resp(data, buf)
|
||
...
|
||
Curl_xfer_write_resp(data, buf)
|
||
...
|
||
} while(interested);
|
||
...
|
||
}
|
||
```
|
||
|
||
All the response data handling is implemented in
|
||
`Curl_xfer_write_resp()`. It calls the protocol handler's `write_resp()`
|
||
implementation if available, or does the default behaviour.
|
||
|
||
All raw response data needs to pass through this function. Which also
|
||
means that anyone in possession of such data may call
|
||
`Curl_xfer_write_resp()`.
|
||
|
||
Closes #12480
|
||
|
||
Daniel Stenberg (13 Jan 2024)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
- TODO: TFTP doesn't convert LF to CRLF for mode=netascii
|
||
|
||
Closes #12655
|
||
Closes #12690
|
||
|
||
- gen: do italics/bold for a range of letters, not just single word
|
||
|
||
Previously it would match only on a sequence of non-space, which made it
|
||
miss to highlight for example "public suffix list".
|
||
|
||
Updated the recent cookie.d edit from 5da57193b732 to use bold instead
|
||
of italics.
|
||
|
||
Closes #12689
|
||
|
||
- docs: describe and highlight super cookies
|
||
|
||
Reported-by: Yadhu Krishna M
|
||
|
||
Closes #12687
|
||
|
||
- configure: when enabling QUIC, check that TLS supports QUIC
|
||
|
||
Most importantly perhaps is when using OpenSSL that the used
|
||
build/flavor has the QUIC API: the vanilla OpenSSL does not, only
|
||
BoringSSL, libressl, AWS-LC and quictls do.
|
||
|
||
Ref: https://github.com/curl/curl/commit/5d044ad9480a9f556f4b6a252d7533b1ba7f
|
||
e57e#r136780413
|
||
|
||
Closes #12683
|
||
|
||
Stefan Eissing (11 Jan 2024)
|
||
|
||
- vquic: extract TLS setup into own source
|
||
|
||
- separate ngtcp2 specific parts out
|
||
- provide callback during init to allow ngtcp2 to apply its defaults
|
||
|
||
Closes #12678
|
||
|
||
Sergey Markelov (11 Jan 2024)
|
||
|
||
- multi: remove total timer reset in file_do() while fetching file://
|
||
|
||
The total timer is properly reset in MSTATE_INIT. MSTATE_CONNECT starts
|
||
with resetting the timer that is a start point for further multi states.
|
||
If file://, MSTATE_DO calls file_do() that should not reset the total
|
||
timer. Otherwise, the total time is always less than the pre-transfer
|
||
and the start transfer times.
|
||
|
||
Closes #12682
|
||
|
||
Daniel Stenberg (11 Jan 2024)
|
||
|
||
- http_proxy: a blank CURLOPT_USERAGENT should not be used in CONNECT
|
||
|
||
Extended test 80 to verify this.
|
||
|
||
Reported-by: Stefan Eissing
|
||
Fixes #12680
|
||
Closes #12681
|
||
|
||
- sectransp: do verify_cert without memdup for blobs
|
||
|
||
Since the information is then already stored in memory, this can avoid
|
||
an extra set of malloc + free calls.
|
||
|
||
Closes #12679
|
||
|
||
- hsts: remove assert for zero length domain
|
||
|
||
A zero length domain can happen if the HSTS parser is given invalid
|
||
input data which is not unheard of and is done by the fuzzer.
|
||
|
||
Follow-up from cfe7902111ae547873
|
||
|
||
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65661
|
||
|
||
Closes #12676
|
||
|
||
- headers: make sure the trailing newline is not stored
|
||
|
||
extended test1940 to verify blank header fields too
|
||
|
||
Bug: https://curl.se/mail/lib-2024-01/0019.html
|
||
Reported-by: Dmitry Karpov
|
||
Closes #12675
|
||
|
||
- curl_easy_header.3: tiny language fix
|
||
|
||
Closes #12672
|
||
|
||
- examples/range.c: add
|
||
|
||
Closes #12671
|
||
|
||
- examples/netrc.c: add
|
||
|
||
Closes #12671
|
||
|
||
- examples/ipv6.c: new example showing IPv6-only internet transfer
|
||
|
||
Closes #12671
|
||
|
||
- examples/address-scope.c: renamed from ipv6.c
|
||
|
||
It shows address scope use really
|
||
|
||
Closes #12671
|
||
|
||
Stefan Eissing (9 Jan 2024)
|
||
|
||
- multi: pollset adjust, init with FIRSTSOCKET during connect
|
||
|
||
- `conn->sockfd` is set by `Curl_setup_transfer()`, but that
|
||
is called *after* the connection has been established
|
||
- use `conn->sock[FIRSTSOCKET]` instead
|
||
|
||
Follow-up to a0f94800d507de
|
||
Closes #12664
|
||
|
||
Daniel Stenberg (9 Jan 2024)
|
||
|
||
- WEBSOCKET.md: remove dead link
|
||
|
||
- CI: spellcheck/appveyor: invoke configure --without-libpsl
|
||
|
||
Follow-up to 2998874bb61ac6
|
||
|
||
- cmdline/docs/*.d: switch to using ## instead of .IP
|
||
|
||
To make the editing easier. To write and to read.
|
||
|
||
Closes #12667
|
||
|
||
- gen.pl: support ## for doing .IP in table-like lists
|
||
|
||
Warn on use of .RS/.IP/.RE
|
||
|
||
Closes #12667
|
||
|
||
Jay Satiro (9 Jan 2024)
|
||
|
||
- cookie.d: Document use of empty string to enable cookie engine
|
||
|
||
- Explain that --cookie "" can be used to enable the cookie engine
|
||
without reading any initial cookies.
|
||
|
||
As is documented in CURLOPT_COOKIEFILE.
|
||
|
||
Ref: https://curl.se/libcurl/c/CURLOPT_COOKIEFILE.html
|
||
|
||
Bug: https://github.com/curl/curl/issues/12643#issuecomment-1879844420
|
||
Reported-by: janko-js@users.noreply.github.com
|
||
|
||
Closes https://github.com/curl/curl/pull/12646
|
||
|
||
Daniel Stenberg (9 Jan 2024)
|
||
|
||
- setopt: use memdup0 when cloning COPYPOSTFIELDS
|
||
|
||
Closes #12651
|
||
|
||
- telnet: use dynbuf instad of malloc for escape buffer
|
||
|
||
Previously, send_telnet_data() would malloc + free a buffer every time
|
||
for escaping IAC codes. Now, it reuses a dynbuf for this purpose.
|
||
|
||
Closes #12652
|
||
|
||
- CI: install libpsl or configure --without-libpsl in builds
|
||
|
||
As a follow-up to the stricted libpsl check in configure
|
||
|
||
- configure: make libpsl detection failure cause error
|
||
|
||
To force users to explictily disable it if they really don't want it
|
||
used and make it harder to accidentally miss it.
|
||
|
||
--without-libpsl is the option to use if PSL is not wanted.
|
||
|
||
Closes #12661
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
- pop3: replace calloc + memcpy with memdup0
|
||
|
||
... and make sure to return error on out of memory.
|
||
|
||
Closes #12650
|
||
|
||
- lib: add debug log outputs for CURLE_BAD_FUNCTION_ARGUMENT
|
||
|
||
Closes #12658
|
||
|
||
- mime: use memdup0 instead of malloc + memcpy
|
||
|
||
Closes #12649
|
||
|
||
- tool_getparam: move the --rate logic into set_rate()
|
||
|
||
- tool_getparam: switch to an enum for every option
|
||
|
||
To make the big switch much easier to read/understand and to make it
|
||
easier to add new options.
|
||
|
||
- tool_getparam: build post data using dynbuf (more)
|
||
|
||
- tool_getparam: replace malloc + copy by dynbuf for --data
|
||
|
||
- tool_getparam: make data_urlencode avoid direct malloc
|
||
|
||
use aprintf() instead
|
||
|
||
- tool_getparam: move the --url-query logic into url_query()
|
||
|
||
This function is not doing post at all so it was always weirdly placed.
|
||
|
||
- tool_getparam: move the --data logic into set_data()
|
||
|
||
- tool_getparam: unify the cmdline switch() into a single one
|
||
|
||
- easier to follow, easier to modify, easier to extend, possibly slightly
|
||
faster
|
||
|
||
- each case now has the long option as a comment
|
||
|
||
- tool_getparam: bsearch cmdline options
|
||
|
||
- the option names are now alpha sorted and lookup is a lot faster
|
||
|
||
- use case sensitive matching. It was previously case insensitive, but that
|
||
was not documented nor tested.
|
||
|
||
- remove "partial match" feature. It was not documented, not tested and
|
||
was always fragile as existing use could break when we add a new
|
||
option
|
||
|
||
- lookup short options via a table
|
||
|
||
Closes #12631
|
||
|
||
Gabe (8 Jan 2024)
|
||
|
||
- COPYING: update copyright year
|
||
|
||
Closes #12654
|
||
|
||
Stefan Eissing (8 Jan 2024)
|
||
|
||
- url: init conn->sockfd and writesockfd to CURL_SOCKET_BAD
|
||
|
||
Also add more tracing to test 19
|
||
|
||
Follow-up to a0f9480
|
||
|
||
Fixes #12657
|
||
Closes #12659
|
||
|
||
Daniel Stenberg (8 Jan 2024)
|
||
|
||
- connect: remove margin from eyeballer alloc
|
||
|
||
Presumably leftovers from debugging
|
||
|
||
Closes #12647
|
||
|
||
- ftp: only consider entry path if it has a length
|
||
|
||
Follow-up from 8edcfedc1a144f438bd1cdf814a0016cb
|
||
|
||
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65631
|
||
|
||
Avoids a NULL pointer deref.
|
||
|
||
Closes #12648
|
||
|
||
Stefan Eissing (7 Jan 2024)
|
||
|
||
- transfer: adjust_pollset improvements
|
||
|
||
- let `multi_getsock()` initialize the pollset in what the
|
||
transfer state requires in regards to SEND/RECV
|
||
- change connection filters `adjust_pollset()` implementation
|
||
to react on the presence of POLLIN/-OUT in the pollset and
|
||
no longer check CURL_WANT_SEND/CURL_WANT_RECV
|
||
- cf-socket will no longer add POLLIN on its own
|
||
- http2 and http/3 filters will only do adjustments if the
|
||
passed pollset wants to POLLIN/OUT for the transfer on
|
||
the socket. This is similar to the HTTP/2 proxy filter
|
||
and works in stacked filters.
|
||
|
||
Closes #12640
|
||
|
||
Daniel Stenberg (6 Jan 2024)
|
||
|
||
- ftp: use memdup0 to store the OS from a SYST 215 response
|
||
|
||
avoid malloc + direct buffer fiddle
|
||
|
||
Closes #12639
|
||
|
||
- ftp: use dynbuf to store entrypath
|
||
|
||
avoid direct malloc
|
||
|
||
Closes #12638
|
||
|
||
Lealem Amedie (6 Jan 2024)
|
||
|
||
- wolfssl: load certificate *chain* for PEM client certs
|
||
|
||
Closes #12634
|
||
|
||
Stefan Eissing (4 Jan 2024)
|
||
|
||
- http: adjust_pollset fix
|
||
|
||
do not add a socket for POLLIN when the transfer does not want to send
|
||
(for example is paused).
|
||
|
||
Follow-up to 47f5b1a
|
||
|
||
Reported-by: bubbleguuum on github
|
||
Fixes #12632
|
||
Closes #12633
|
||
|
||
Daniel Stenberg (3 Jan 2024)
|
||
|
||
- tool: make parser reject blank arguments if not supported
|
||
|
||
Already in the getstr() function that clones the input argument.
|
||
|
||
Closes #12620
|
||
|
||
dependabot[bot] (3 Jan 2024)
|
||
|
||
- build(deps): bump github/codeql-action from 2 to 3
|
||
|
||
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2
|
||
to 3.
|
||
- [Release notes](https://github.com/github/codeql-action/releases)
|
||
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
|
||
- [Commits](https://github.com/github/codeql-action/compare/v2...v3)
|
||
|
||
---
|
||
updated-dependencies:
|
||
- dependency-name: github/codeql-action
|
||
dependency-type: direct:production
|
||
update-type: version-update:semver-major
|
||
...
|
||
|
||
Signed-off-by: dependabot[bot] <support@github.com>
|
||
|
||
Closes #12625
|
||
|
||
- build(deps): bump actions/checkout from 3 to 4
|
||
|
||
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
|
||
- [Release notes](https://github.com/actions/checkout/releases)
|
||
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
|
||
- [Commits](https://github.com/actions/checkout/compare/v3...v4)
|
||
|
||
---
|
||
updated-dependencies:
|
||
- dependency-name: actions/checkout
|
||
dependency-type: direct:production
|
||
update-type: version-update:semver-major
|
||
...
|
||
|
||
Signed-off-by: dependabot[bot] <support@github.com>
|
||
|
||
Closes #12624
|
||
|
||
- build(deps): bump actions/upload-artifact from 3 to 4
|
||
|
||
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) f
|
||
rom 3 to 4.
|
||
- [Release notes](https://github.com/actions/upload-artifact/releases)
|
||
- [Commits](https://github.com/actions/upload-artifact/compare/v3...v4)
|
||
|
||
---
|
||
updated-dependencies:
|
||
- dependency-name: actions/upload-artifact
|
||
dependency-type: direct:production
|
||
update-type: version-update:semver-major
|
||
...
|
||
|
||
Signed-off-by: dependabot[bot] <support@github.com>
|
||
|
||
Closes #12627
|
||
|
||
- build(deps): bump actions/download-artifact from 3 to 4
|
||
|
||
Bumps [actions/download-artifact](https://github.com/actions/download-artifac
|
||
t) from 3 to 4.
|
||
- [Release notes](https://github.com/actions/download-artifact/releases)
|
||
- [Commits](https://github.com/actions/download-artifact/compare/v3...v4)
|
||
|
||
---
|
||
updated-dependencies:
|
||
- dependency-name: actions/download-artifact
|
||
dependency-type: direct:production
|
||
update-type: version-update:semver-major
|
||
...
|
||
|
||
Signed-off-by: dependabot[bot] <support@github.com>
|
||
|
||
Closes #12626
|
||
|
||
Stefan Eissing (3 Jan 2024)
|
||
|
||
- http3/quiche: fix result code on a stream reset
|
||
|
||
- fixes pytest failures in test 07_22
|
||
- aligns CURLcode values on stream reset with ngtcp2
|
||
|
||
Closes #12629
|
||
|
||
Daniel Stenberg (2 Jan 2024)
|
||
|
||
- setopt: clear mimepost when formp is freed
|
||
|
||
A precaution to avoid a possibly dangling pointer left behind.
|
||
|
||
Reported-by: Thomas Ferguson
|
||
Fixes #12608
|
||
Closes #12621
|
||
|
||
Andy Alt (2 Jan 2024)
|
||
|
||
- CI: Add dependabot.yml
|
||
|
||
This will cause dependabot to open a PR when various actions are
|
||
updated, provided that the action maintainer has issued a release.
|
||
|
||
Closes #12623
|
||
|
||
Gisle Vanem (2 Jan 2024)
|
||
|
||
- content_encoding: change return code to typedef'ed enum
|
||
|
||
... to work around a clang ubsan warning.
|
||
|
||
Fixes #12618
|
||
Closes #12622
|
||
|
||
Daniel Stenberg (2 Jan 2024)
|
||
|
||
- tool: prepend output_dir in header callback
|
||
|
||
When Content-Disposition parsing is used and an output dir is prepended,
|
||
make sure to store that new file name correctly so that it can be used
|
||
for setting the file timestamp when --remote-time is used.
|
||
|
||
Extended test 3012 to verify.
|
||
|
||
Co-Authored-by: Jay Satiro
|
||
Reported-by: hgdagon on github
|
||
Fixes #12614
|
||
Closes #12617
|
||
|
||
- test1254: fix typo in name plus shorten it
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
Viktor Szakats (2 Jan 2024)
|
||
|
||
- schannel: fix `-Warith-conversion` gcc 13 warning
|
||
|
||
```
|
||
lib/vtls/schannel.c:1201:22: warning: conversion to 'unsigned int' from 'int'
|
||
may change the sign of the result [-Warith-conversion]
|
||
1201 | *extension_len = *list_len +
|
||
| ^
|
||
```
|
||
|
||
Closes #12616
|
||
|
||
- asyn-thread: silence `-Wcast-align` warning for Windows
|
||
|
||
Seen with llvm/clang 17:
|
||
```
|
||
lib/asyn-thread.c:310:5: warning: cast from 'PCHAR' (aka 'char *') to 'struct
|
||
thread_sync_data *' increases required alignment from 1 to 8 [-Wcast-align]
|
||
310 | CONTAINING_RECORD(overlapped, struct thread_sync_data, w8.overlap
|
||
ped);
|
||
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||
~~~~
|
||
.../llvm-mingw/aarch64-w64-mingw32/include/winnt.h:717:48: note: expanded fro
|
||
m macro 'CONTAINING_RECORD'
|
||
717 | #define CONTAINING_RECORD(address,type,field) ((type *)((PCHAR)(addre
|
||
ss) - (ULONG_PTR)(&((type *)0)->field)))
|
||
| ^~~~~~~~~~~~~~~~~~~~~~
|
||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||
```
|
||
|
||
Follow-up to a6bbc87f9e9ffb46a1801dfb983e7534825ed56b #12482
|
||
|
||
Ref: https://github.com/curl/curl/pull/12482#issuecomment-1873017261
|
||
Closes #12615
|
||
|
||
Daniel Stenberg (2 Jan 2024)
|
||
|
||
- tool_listhelp: regenerate after recent .d updates
|
||
|
||
Makes it survive test 1478
|
||
|
||
Closes #12612
|
||
|
||
- test1478: verify src/tool_listhelp.c
|
||
|
||
Verify that the source file on disk is identical to the output of gen.pl
|
||
listhelp, as otherwise they are out of sync and need attention.
|
||
|
||
Closes #12612
|
||
|
||
- testutil: make runtests support %include
|
||
|
||
Using this instruction, a test case can include the contents of a file
|
||
into the test during the preprocessing.
|
||
|
||
Closes #12612
|
||
|
||
- runtests: for mode="text" on <stdout>, fix newlines on both parts
|
||
|
||
Closes #12612
|
||
|
||
Jay Satiro (2 Jan 2024)
|
||
|
||
- quiche: return CURLE_HTTP3 on send to invalid stream
|
||
|
||
Prior to this change if a send failed on a stream in an invalid state
|
||
(according to quiche) and not marked as closed (according to libcurl)
|
||
then the send function would return CURLE_SEND_ERROR.
|
||
|
||
We already have similar code for ngtcp2 to return CURLE_HTTP3 in this
|
||
case.
|
||
|
||
Caught by test test_07_upload.py: test_07_22_upload_parallel_fail.
|
||
|
||
Fixes https://github.com/curl/curl/issues/12590
|
||
Closes https://github.com/curl/curl/pull/12597
|
||
|
||
Daniel Stenberg (1 Jan 2024)
|
||
|
||
- cmdline-opts: update availability for the *-ca-native options
|
||
|
||
Closes #12613
|
||
|
||
Patrick Monnerat (31 Dec 2023)
|
||
|
||
- openldap: fix STARTTLS
|
||
|
||
It was not working anymore since introduction of connection filters.
|
||
|
||
Also do not attempt to recover from a failing TLS negotiation with
|
||
CURLUSESSL_TRY.
|
||
|
||
Closes #12610
|
||
|
||
Daniel Stenberg (31 Dec 2023)
|
||
|
||
- haproxy-clientip.d: document the arg
|
||
|
||
The arg keyword was missing and therefore not present in the man page.
|
||
|
||
Closes #12611
|
||
|
||
annalee (29 Dec 2023)
|
||
|
||
- configure: fix no default int compile error in ipv6 detection
|
||
|
||
Closes #12607
|
||
|
||
Dan Fandrich (28 Dec 2023)
|
||
|
||
- CI: Fix use of any-glob-to-all-files in the labeler
|
||
|
||
Despite its name, this atom acts like one-glob-to-all-files and a
|
||
different syntax with braces must be used to get
|
||
any-glob-to-all-files semantics. Unfortunately, this makes the file
|
||
completely unreadable.
|
||
|
||
Ref: https://github.com/actions/labeler/issues/731
|
||
|
||
Daniel Stenberg (29 Dec 2023)
|
||
|
||
- CURLOPT_AUTOREFERER.3: mention CURLINFO_REFERER
|
||
|
||
- CURLINFO_REFERER.3: clarify that it is the *request* header
|
||
|
||
That libcurl itself sent in the most recent request
|
||
|
||
Closes #12605
|
||
|
||
Jay Satiro (28 Dec 2023)
|
||
|
||
- system_win32: fix a function pointer assignment warning
|
||
|
||
- Use CURLX_FUNCTION_CAST to suppress a function pointer assignment
|
||
warning.
|
||
|
||
a6bbc87f added lookups of some Windows API functions and then cast them
|
||
like `*(FARPROC*)&Curl_funcname = address`. Some versions of gcc warn
|
||
about that as breaking strict-aliasing rules so this PR changes those
|
||
assignments to use CURLX_FUNCTION_CAST.
|
||
|
||
Bug: https://github.com/curl/curl/pull/12581#issuecomment-1869804317
|
||
Reported-by: Marcel Raad
|
||
|
||
Closes https://github.com/curl/curl/pull/12602
|
||
|
||
- verify-examples.pl: fail verification on unescaped backslash
|
||
|
||
- Check that all backslashes in EXAMPLE are properly escaped.
|
||
|
||
eg manpage must always use `\\n` never `\n`.
|
||
|
||
This is because the manpage requires we always double blackslash to show
|
||
a single backslash. Prior to this change an erroneous single backslash
|
||
would pass through and compile even though it would not show correctly
|
||
in the manpage.
|
||
|
||
Co-authored-by: Daniel Stenberg
|
||
|
||
Ref: https://github.com/curl/curl/pull/12588
|
||
|
||
Closes https://github.com/curl/curl/pull/12589
|
||
|
||
- vtls: fix missing multissl version info
|
||
|
||
- Fix erroneous buffer copy logic from ff74cef5.
|
||
|
||
Prior to this change the MultiSSL version info returned to the user
|
||
was empty.
|
||
|
||
Closes https://github.com/curl/curl/pull/12599
|
||
|
||
Daniel Stenberg (27 Dec 2023)
|
||
|
||
- KNOWN_BUGS: [RTSP] Some methods do not support response bodies
|
||
|
||
Closes #12414
|
||
|
||
Patrick Monnerat (27 Dec 2023)
|
||
|
||
- openldap: fix an LDAP crash
|
||
|
||
Reported-by: Ozan Cansel
|
||
Fixes #12593
|
||
Closes #12600
|
||
|
||
Daniel Stenberg (27 Dec 2023)
|
||
|
||
- getinfo: CURLINFO_QUEUE_TIME_T
|
||
|
||
Returns the time, in microseconds, during which this transfer was held
|
||
in a waiting queue before it started "for real". A transfer might be put
|
||
in a queue if after getting started, it cannot create a new connection
|
||
etc due to set conditions and limits imposed by the application.
|
||
|
||
Ref: #12293
|
||
Closes #12368
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
Jay Satiro (26 Dec 2023)
|
||
|
||
- examples/sendrecv: fix comment line length
|
||
|
||
Caught by checksrc.
|
||
|
||
Haydar Alaidrus (23 Dec 2023)
|
||
|
||
- CURLOPT_POSTFIELDS.3: fix incorrect C string escape in example
|
||
|
||
- Escape inner quotes with two backslashes.
|
||
|
||
Two backslashes escapes the backslash for the man page and will show as
|
||
a single backslash.
|
||
|
||
eg: "{\\"name\\": \\"daniel\\"}" shows as "{\"name\": \"daniel\"}".
|
||
|
||
Closes https://github.com/curl/curl/pull/12588
|
||
|
||
Viktor Szakats (23 Dec 2023)
|
||
|
||
- appveyor: tidy-ups
|
||
|
||
- replace two remaining backslashes with forward slashes.
|
||
- tidy up the way we form and pass `TFLAGS`.
|
||
|
||
Follow-up to 2d4d0c1fd32f5cc3f946c407c8eccd5477b287df #12572
|
||
|
||
Closes #12582
|
||
|
||
Stefan Eissing (22 Dec 2023)
|
||
|
||
- transfer: fix upload rate limiting, add test cases
|
||
|
||
- add test cases for rate limiting uploads for all
|
||
http versions
|
||
- fix transfer loop handling of limits. Signal a re-receive
|
||
attempt only on exhausting maxloops without an EAGAIN
|
||
- fix `data->state.selectbits` forcing re-receive to also
|
||
set re-sending when transfer is doing this.
|
||
|
||
Reported-by: Karthikdasari0423 on github
|
||
Fixes #12559
|
||
Closes #12586
|
||
|
||
Daniel Stenberg (22 Dec 2023)
|
||
|
||
- mbedtls: free the entropy when threaded
|
||
|
||
The entropy_free was never done for threaded builds, causing a small
|
||
(fixed) memory leak.
|
||
|
||
Reported-by: RevaliQaQ on github
|
||
Fixes #12584
|
||
Closes #12585
|
||
|
||
Stefan Eissing (22 Dec 2023)
|
||
|
||
- http2: improved on_stream_close/data_done handling
|
||
|
||
- there seems to be a code path that cleans up easy handles without
|
||
triggering DONE or DETACH events to the connection filters. This
|
||
would explain wh nghttp2 still holds stream user data
|
||
- add GOOD check to easy handle used in on_close_callback to
|
||
prevent crashes, ASSERTs in debug builds.
|
||
- NULL the stream user data early before submitting RST
|
||
- add checks in on_stream_close() to identify UNGOOD easy handles
|
||
|
||
Reported-by: Hans-Christian Egtvedt
|
||
Fixes #10936
|
||
Closes #12562
|
||
|
||
Daniel Stenberg (22 Dec 2023)
|
||
|
||
- mprintf: overhaul and bugfixes
|
||
|
||
In a test case using lots of snprintf() calls using many commonly used
|
||
%-codes per call, this version is around 30% faster than previous
|
||
version.
|
||
|
||
It also fixes the #12561 bug which made it not behave correctly when
|
||
given unknown %-sequences. Fixing that flaw required a different take on
|
||
the problem, which resulted in the new two-arrays model.
|
||
|
||
lib557: extended - Verify the #12561 fix and test more printf features
|
||
|
||
unit1398: fix test: It used a <num>$ only for one argument, which is not
|
||
supported.
|
||
|
||
Fixes #12561
|
||
Closes #12563
|
||
|
||
Viktor Szakats (21 Dec 2023)
|
||
|
||
- appveyor: replace PowerShell with bash + parallel autotools
|
||
|
||
PowerShell works (after a steep development curve), but one property of
|
||
it stuck and kept causing unresolvable usability issues: With
|
||
`$ErrorActionPreference=Stop`, it does abort on failures, but shows only
|
||
the first line of the error message. In `Continue` mode, it shows the
|
||
full error message, but doesn't stop on all errors. Another issue is
|
||
PowerShell considering any stderr output as if the command failed (this
|
||
has been improved in 7.2 (2021-Nov), but fixed versions aren't running
|
||
in CI and will not be for a long time in all test images.)
|
||
|
||
Thus, we're going with bash.
|
||
|
||
Also:
|
||
- use `-j2` with autotools tests, making them finish 5-15 minutes per
|
||
job faster.
|
||
- omit `POSIX_PATH_PREFIX`.
|
||
- use `WINDIR`.
|
||
- prefer forward slashes.
|
||
|
||
Follow-up to: 75078a415d9c769419aed4153d3d525a8eba95af #11999
|
||
Ref: #12444
|
||
|
||
Fixes #12560
|
||
Closes #12572
|
||
|
||
Pavel Pavlov (21 Dec 2023)
|
||
|
||
- asyn-thread: use GetAddrInfoExW on >= Windows 8
|
||
|
||
For doing async DNS resolution instead of starting a thread for each
|
||
request.
|
||
|
||
Fixes #12481
|
||
Closes #12482
|
||
|
||
Daniel Stenberg (21 Dec 2023)
|
||
|
||
- strerror: repair get_winsock_error()
|
||
|
||
It would try to read longer than the provided string and crash.
|
||
|
||
Follow-up to ff74cef5d4a0cf60106517a1c7384
|
||
Reported-by: calvin2021y on github
|
||
Fixes #12578
|
||
Closes #12579
|
||
|
||
- CURLOPT_SSH_*_KEYFILE: clarify
|
||
|
||
Closes #12554
|
||
|
||
ivanfywang (21 Dec 2023)
|
||
|
||
- ngtcp2: put h3 at the front of alpn
|
||
|
||
Closes #12576
|
||
|
||
Daniel Stenberg (21 Dec 2023)
|
||
|
||
- test460: verify a command line using --expand with no argument
|
||
|
||
This verifies the fix for #12565
|
||
|
||
- tool_getparam: do not try to expand without an argument
|
||
|
||
This would lead to a segfault.
|
||
|
||
Fixes #12565
|
||
Reported-by: Geeknik Labs
|
||
Closes #12575
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
Bumped version to 8.6.0 because of changes
|
||
|
||
- Makefile.am: fix the MSVC project generation
|
||
|
||
It made the vcxproj files not get included in dist tarballs.
|
||
|
||
Regression since 74423b5df4c8117891eb89 (8.5.0)
|
||
|
||
Reported-by: iAroc on github
|
||
Fixes #12564
|
||
Closes #12567
|
||
|
||
zengwei2000 (21 Dec 2023)
|
||
|
||
- altsvc: free 'as' when returning error
|
||
|
||
Closes #12570
|
||
|
||
Signed-off-by: zengwei <zengwei1@uniontech.com>
|
||
|
||
Viktor Szakats (20 Dec 2023)
|
||
|
||
- build: fix `-Wconversion`/`-Wsign-conversion` warnings
|
||
|
||
Fix remaining warnings in examples and tests which are not suppressed
|
||
by the pragma in `lib/curl_setup.h`.
|
||
|
||
Silence a toolchain issue causing warnings in `FD_SET()` calls with
|
||
older Cygwin/MSYS2 builds. Likely fixed on 2020-08-03 by:
|
||
https://cygwin.com/git/?p=newlib-cygwin.git;a=commitdiff;h=5717262b8ecfed0f7f
|
||
ab63e2c09c78991e36f9dd
|
||
|
||
Follow-up to 2dbe75bd7f3c36837aa06fd87a442bdf3fb7faef #12492
|
||
|
||
Closes #12557
|
||
|
||
- build: fix some `-Wsign-conversion`/`-Warith-conversion` warnings
|
||
|
||
- enable `-Wsign-conversion` warnings, but also setting them to not
|
||
raise errors.
|
||
- fix `-Warith-conversion` warnings seen in CI.
|
||
These are triggered by `-Wsign-converion` and causing errors unless
|
||
explicitly silenced. It makes more sense to fix them, there just a few
|
||
of them.
|
||
- fix some `-Wsign-conversion` warnings.
|
||
- hide `-Wsign-conversion` warnings with a `#pragma`.
|
||
- add macro `CURL_WARN_SIGN_CONVERSION` to unhide them on a per-build
|
||
basis.
|
||
- update a CI job to unhide them with the above macro:
|
||
https://github.com/curl/curl/actions/workflows/linux.yml -> OpenSSL -O3
|
||
|
||
Closes #12492
|
||
|
||
- cmake: tidy-up `OtherTests.cmake`
|
||
|
||
- make more obvious which detection uses which prep steps.
|
||
- merge and streamline conditions.
|
||
- these should not alter detection results.
|
||
|
||
Also align log output messages from
|
||
`Macros.cmake` / `curl_internal_test` with rest of the build.
|
||
|
||
Closes #12551
|
||
|
||
- appveyor: switch to out-of-tree builds
|
||
|
||
With cmake and autotools.
|
||
|
||
Closes #12550
|
||
|
||
Daniel Stenberg (19 Dec 2023)
|
||
|
||
- DEPRECATE.md: mention that NTLM_WB no longer works
|
||
|
||
Ref: #12479
|
||
Closes #12553
|
||
|
||
- CURLOPT_SERVER_RESPONSE_TIMEOUT_MS: add
|
||
|
||
Proposed-by: Yifei Kong
|
||
Ref: https://curl.se/mail/lib-2023-11/0023.html
|
||
Closes #12369
|
||
|
||
Viktor Szakats (18 Dec 2023)
|
||
|
||
- build: more `-Wformat` fixes
|
||
|
||
- memdebug: update to not trigger `-Wformat-nonliteral` warnings.
|
||
- imap: mark `imap_sendf()` with `CURL_PRINTF()`.
|
||
- tool_msgs: mark static function with `CURL_PRINTF()`.
|
||
|
||
Follow-up to 3829759bd042c03225ae862062560f568ba1a231 #12489
|
||
|
||
Closes #12540
|
||
|
||
- windows: delete redundant headers
|
||
|
||
`winsock2.h` pulls in `windows.h`. `ws2tcpip.h` pulls in `winsock2.h`.
|
||
`winsock2.h` and `ws2tcpip.h` are also pulled by `curl/curl.h`.
|
||
|
||
Keep only those headers that are not already included, or the code under
|
||
it uses something from that specific header.
|
||
|
||
Closes #12539
|
||
|
||
- cmake: prefill/cache `HAVE_STRUCT_SOCKADDR_STORAGE`
|
||
|
||
Also add missing include to `OtherTests.cmake`. It didn't cause an issue
|
||
because the parent already included this earlier by chance.
|
||
|
||
Closes #12537
|
||
|
||
Daniel Stenberg (18 Dec 2023)
|
||
|
||
- runner.pm: fix perl warning when running tests
|
||
|
||
Use of uninitialized value $runner::gdbthis in numeric eq (==) at runner.
|
||
pm
|
||
|
||
Follow-up from 3dcf301752a09d9
|
||
|
||
Closes #12549
|
||
|
||
- runtests: support -gl. Like -g but for lldb.
|
||
|
||
Follow-up to 63b5748
|
||
|
||
Invokes the test case via lldb instead of gdb. Since using gdb is such a
|
||
pain on mac, using lldb is sometimes less quirky.
|
||
|
||
Closes #12547
|
||
|
||
- curl.h: add CURLE_TOO_LARGE
|
||
|
||
A new error code to be used when an internal field grows too large, like
|
||
when a dynbuf reaches its maximum. Previously it would return
|
||
CURLE_OUT_OF_MEMORY for this, which is highly misleading.
|
||
|
||
Ref: #12268
|
||
Closes #12269
|
||
|
||
- CI/circleci: disable MQTT in the HTTP-only build
|
||
|
||
And remove the use of configure options that don't actually exist
|
||
|
||
Closes #12546
|
||
|
||
Yedaya Katsman (18 Dec 2023)
|
||
|
||
- tests: respect $TMPDIR when creating unix domain sockets
|
||
|
||
When running on termux, where $TMPDIR isn't /tmp, running the tests
|
||
failed, since the server config tried creating sockets in /tmp, without
|
||
checking the temp dir config. Use the TMPDIR variable that makes it find
|
||
the correct directory everywhere [0]
|
||
|
||
[0] https://perldoc.perl.org/File::Temp#tempfile
|
||
|
||
Closes #12545
|
||
|
||
Viktor Szakats (17 Dec 2023)
|
||
|
||
- ssh: fix namespace of two local macros
|
||
|
||
Avoid using the libssh and libssh2 macro namespaces by prefixing
|
||
these local macro names with `CURL_`.
|
||
|
||
Follow-up to 413a0fedd02c8c6df1d294534b8c6e306fcca7a2 #12346
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Closes #12544
|
||
|
||
- cmake: whitespace tidy-up in `OtherTests.cmake`
|
||
|
||
Closes #12538
|
||
|
||
Mark Sinkovics (16 Dec 2023)
|
||
|
||
- cmake: fix generation for system name iOS
|
||
|
||
This PR fixes a problem that happens during CMake configuration when
|
||
the `CMAKE_SYSTEM_NAME` set to `iOS` and not `Darwin`. This value is
|
||
available (as far as I remember) version 3.14. The final solution
|
||
(thanks to @vszakats) is to use `APPLE` which contains all the Apple
|
||
platforms https://cmake.org/cmake/help/latest/variable/APPLE.html.
|
||
|
||
This issue was found when during vcpkg installation. Running command
|
||
`vcpkg install curl:arm64-ios` and `vcpkg install curl:x64-ios` failed
|
||
with message:
|
||
```
|
||
CMake Error: try_run() invoked in cross-compiling mode, please set the follow
|
||
ing cache variables appropriately:
|
||
HAVE_H_ERRNO_ASSIGNABLE_EXITCODE (advanced)
|
||
```
|
||
After this fix, I was able to compile the compile the binary without
|
||
any issue.
|
||
|
||
In addition to that fix, this PR also contains an simplification to
|
||
check if the platform is not APPLE.
|
||
|
||
Co-authored-by: Viktor Szakats
|
||
Closes #12515
|
||
|
||
Daniel Stenberg (16 Dec 2023)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
Baruch Siach (16 Dec 2023)
|
||
|
||
- gnutls: fix build with --disable-verbose
|
||
|
||
infof() parameters must be defined event with --disable-verbose since
|
||
commit dac293cfb702 ("lib: apache style infof and trace
|
||
macros/functions").
|
||
|
||
Move also 'ptr' definition under !CURL_DISABLE_VERBOSE_STRINGS.
|
||
|
||
Fixes the following build failure:
|
||
|
||
In file included from ../lib/sendf.h:29,
|
||
from vtls/gtls.c:44:
|
||
vtls/gtls.c: In function 'Curl_gtls_verifyserver':
|
||
vtls/gtls.c:841:34: error: 'version' undeclared (first use in this function);
|
||
did you mean 'session'?
|
||
841 | gnutls_protocol_get_name(version), ptr);
|
||
| ^~~~~~~
|
||
|
||
Closes #12505
|
||
|
||
Viktor Szakats (16 Dec 2023)
|
||
|
||
- build: delete unused `HAVE_{GSSHEIMDAL,GSSMIT,HEIMDAL}`
|
||
|
||
Stop setting `HAVE_GSSHEIMDAL`, `HAVE_GSSMIT` and `HAVE_HEIMDAL`.
|
||
There was no place in the build system or source code that used them.
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Closes #12506
|
||
|
||
- build: remove redundant `CURL_PULL_*` settings
|
||
|
||
These macros were not propagated to the source code from CMake.
|
||
|
||
autotools set only one of them (`CURL_PULL_SYS_POLL_H`), initially to
|
||
address an AIX issue [1]. This later broke when introducing `system.h`
|
||
[2] without the logic it enabled. A subsequent fix [3] re-added the
|
||
logic, and also enabled it for AIX before its use, directly in
|
||
`system.h`.
|
||
|
||
[1] 2012-11-23: 665adcd4b7bcdb7deb638cdc499fbe71f8d777f2
|
||
[2] 2017-03-29: 9506d01ee50d5908138ebad0fd9fbd39b66bd64d #1373
|
||
[3] 2017-08-25: 8a84fcc4b59e8b78d2acc6febf44a43d6bc81b59 #1828 #1833
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Closes #12502
|
||
|
||
- system.h: sync mingw `CURL_TYPEOF_CURL_SOCKLEN_T` with other compilers
|
||
|
||
Align mingw with the other Windows compilers and use the `int` type for
|
||
`CURL_TYPEOF_CURL_SOCKLEN_T` (and thus for `curl_socklent_t`). This
|
||
makes it unnecessary to make a mingw-specific trick and pull all Windows
|
||
headers early just for this type definition. This type is specific to
|
||
Windows, not to the compiler. mingw-w64's Windows header maps it to
|
||
`int` too.
|
||
|
||
With this we also delete all remaining uses of `CURL_PULL_WS2TCPIP_H`.
|
||
|
||
[ The official solution is to use `socklen_t` for all Windows compilers.
|
||
In this case we may want to update `curl/curl.h` to pull in Windows
|
||
headers before `system.h`. ]
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Reviewed-by: Jay Satiro
|
||
Closes #12501
|
||
|
||
- windows: simplify detecting and using system headers
|
||
|
||
- autotools, cmake: assume that if we detect Windows, `windows.h`,
|
||
`winsock2.h` and `ws2tcpip.h` do exist.
|
||
- lib: fix 3 outlier `#if` conditions to use `USE_WINSOCK` instead of
|
||
looking for `winsock2.h`.
|
||
- autotools: merge 3 Windows check methods into one.
|
||
- move Watt-32 and lwIP socket support to `setup-win32.h` from
|
||
`config-win32.h`. It opens up using these with all build tools. Also
|
||
merge logic with Windows Sockets.
|
||
- fix to assume Windows sockets with the mingw32ce toolchain.
|
||
Follow-up to: 2748c64d605b19fb419ae56810ad8da36487a2d4
|
||
- cmake: delete unused variable `signature_call_conv` since
|
||
eb33ccd5332435fa50f1758e5debb869c6942b7f.
|
||
- autotools: simplify `CURL_CHECK_WIN32_LARGEFILE` detection.
|
||
- examples/externalsocket: fix header order.
|
||
- cmake/OtherTests.cmake: delete Windows-specific `_source_epilogue`
|
||
that wasn't used anymore.
|
||
- cmake/OtherTests.cmake: set `WIN32_LEAN_AND_MEAN` for test
|
||
`SIZEOF_STRUCT_SOCKADDR_STORAGE`.
|
||
|
||
After this patch curl universally uses `_WIN32` to guard
|
||
Windows-specific logic. It guards Windows Sockets-specific logic with
|
||
`USE_WINSOCK` (this might need further work).
|
||
|
||
Reviewed-by: Jay Satiro
|
||
Closes #12495
|
||
|
||
- build: enable missing OpenSSF-recommended warnings, with fixes
|
||
|
||
https://best.openssf.org/Compiler-Hardening-Guides/Compiler-Options-Hardening
|
||
-Guide-for-C-and-C++.html
|
||
as of 2023-11-29 [1].
|
||
|
||
Enable new recommended warnings (except `-Wsign-conversion`):
|
||
|
||
- enable `-Wformat=2` for clang (in both cmake and autotools).
|
||
- add `CURL_PRINTF()` internal attribute and mark functions accepting
|
||
printf arguments with it. This is a copy of existing
|
||
`CURL_TEMP_PRINTF()` but using `__printf__` to make it compatible
|
||
with redefinting the `printf` symbol:
|
||
https://gcc.gnu.org/onlinedocs/gcc-3.0.4/gcc_5.html#SEC94
|
||
- fix `CURL_PRINTF()` and existing `CURL_TEMP_PRINTF()` for
|
||
mingw-w64 and enable it on this platform.
|
||
- enable `-Wimplicit-fallthrough`.
|
||
- enable `-Wtrampolines`.
|
||
- add `-Wsign-conversion` commented with a FIXME.
|
||
- cmake: enable `-pedantic-errors` the way we do it with autotools.
|
||
Follow-up to d5c0351055d5709da8f3e16c91348092fdb481aa #2747
|
||
- lib/curl_trc.h: use `CURL_FORMAT()`, this also fixes it to enable format
|
||
checks. Previously it was always disabled due to the internal `printf`
|
||
macro.
|
||
|
||
Fix them:
|
||
|
||
- fix bug where an `set_ipv6_v6only()` call was missed in builds with
|
||
`--disable-verbose` / `CURL_DISABLE_VERBOSE_STRINGS=ON`.
|
||
- add internal `FALLTHROUGH()` macro.
|
||
- replace obsolete fall-through comments with `FALLTHROUGH()`.
|
||
- fix fallthrough markups: Delete redundant ones (showing up as
|
||
warnings in most cases). Add missing ones. Fix indentation.
|
||
- silence `-Wformat-nonliteral` warnings with llvm/clang.
|
||
- fix one `-Wformat-nonliteral` warning.
|
||
- fix new `-Wformat` and `-Wformat-security` warnings.
|
||
- fix `CURL_FORMAT_SOCKET_T` value for mingw-w64. Also move its
|
||
definition to `lib/curl_setup.h` allowing use in `tests/server`.
|
||
- lib: fix two wrongly passed string arguments in log outputs.
|
||
Co-authored-by: Jay Satiro
|
||
- fix new `-Wformat` warnings on mingw-w64.
|
||
|
||
[1] https://github.com/ossf/wg-best-practices-os-developers/blob/56c0fde3895b
|
||
fc55c8a973ef49a2572c507b2ae1/docs/Compiler-Hardening-Guides/Compiler-Options-
|
||
Hardening-Guide-for-C-and-C%2B%2B.md
|
||
|
||
Closes #12489
|
||
|
||
- Makefile.mk: drop Windows support
|
||
|
||
And DLL-support with it. This leaves `Makefile.mk` for MS-DOS and Amiga.
|
||
|
||
We recommend CMake instead. With unity mode it's much faster, and about
|
||
the same without.
|
||
|
||
Ref: https://github.com/curl/curl/pull/12221#issuecomment-1783761806
|
||
Reviewed-by: Daniel Stenberg
|
||
Closes #12224
|
||
|
||
Daniel Stenberg (16 Dec 2023)
|
||
|
||
- cmdline-docs: use .IP consistently
|
||
|
||
Remove use of .TP and some .B. The idea is to reduce nroff syntax as
|
||
much as possible and to use it consistently. Ultimately, we should be
|
||
able to introduce our own easier-to-use-and-read syntax/formatting and
|
||
convert on generation time.
|
||
|
||
Closes #12535
|
||
|
||
Tatsuhiko Miyagawa (16 Dec 2023)
|
||
|
||
- http: fix off-by-one error in request method length check
|
||
|
||
It should allow one more byte.
|
||
|
||
Closes #12534
|
||
|
||
Daniel Stenberg (15 Dec 2023)
|
||
|
||
- curl: show ipfs and ipns as supported "protocols"
|
||
|
||
They are accepted schemes in URLs passed to curl (the tool, not the
|
||
library).
|
||
|
||
Also makes curl-config show the same list.
|
||
|
||
Co-Authored-by: Jay Satiro
|
||
Reported-by: Chara White
|
||
Bug: https://curl.se/mail/archive-2023-12/0026.html
|
||
Closes #12508
|
||
|
||
- Revert "urldata: move async resolver state from easy handle to connectdata"
|
||
|
||
This reverts commit 56a4db2e4e2bcb9a0dcb75b83560a78ef231fcc8 (#12198)
|
||
|
||
We want the c-ares channel to be held in the easy handle, not per
|
||
connection - for performance.
|
||
|
||
Closes #12524
|
||
|
||
Viktor Szakats (15 Dec 2023)
|
||
|
||
- openssl: re-match LibreSSL deinit with init
|
||
|
||
Earlier we switched to use modern initialization with LibreSSL v2.7.0
|
||
and up, but did not touch deinitialization [1]. Fix it in this patch.
|
||
|
||
Regression from bec0c5bbf34369920598678161d2df8bea0e243b #11611
|
||
|
||
[1] https://github.com/curl/curl/pull/11611#issuecomment-1668654014
|
||
|
||
Reported-by: Mike Hommey
|
||
Reviewed-by: Daniel Stenberg
|
||
Fixes #12525
|
||
Closes #12526
|
||
|
||
Daniel Stenberg (14 Dec 2023)
|
||
|
||
- libssh: supress warnings without version check
|
||
|
||
Define unconditionally.
|
||
|
||
Follow-up from d21bd2190c46ad7fa
|
||
|
||
Closes #12523
|
||
|
||
- hostip: return error immediately when Curl_ip2addr() fails
|
||
|
||
Closes #12522
|
||
|
||
Theo (14 Dec 2023)
|
||
|
||
- libssh: improve the deprecation warning dismissal
|
||
|
||
Previous code was compiler dependant, and dismissed all deprecation warnings
|
||
indiscriminately.
|
||
|
||
libssh provides a way to disable the deprecation warnings for libssh only, an
|
||
d
|
||
naturally this is the preferred way.
|
||
|
||
This commit uses that, to prevent the erroneous hiding of potential, unrelate
|
||
d
|
||
deprecation warnings.
|
||
|
||
Fixes #12519
|
||
Closes #12520
|
||
|
||
Daniel Stenberg (14 Dec 2023)
|
||
|
||
- test1474: removed
|
||
|
||
The test was already somewhat flaky and disabled on several platforms,
|
||
and after 1da640abb688 even more unstable.
|
||
|
||
- readwrite_data: loop less
|
||
|
||
This function is made to loop in order to drain incoming data
|
||
faster. Completely removing the loop has a measerably negative impact on
|
||
transfer speeds.
|
||
|
||
Downsides with the looping include
|
||
|
||
- it might call the progress callback much more seldom. Especially if
|
||
the write callback is slow.
|
||
|
||
- rate limiting becomes less exact
|
||
|
||
- a single transfer might "starve out" other parallel transfers
|
||
|
||
- QUIC timers for other connections can't be maintained correctly
|
||
|
||
The long term fix should be to remove the loop and optimize coming back
|
||
to avoid the transfer speed penalty.
|
||
|
||
This fix lower the max loop count to reduce the starvation problem, and
|
||
avoids the loop completely for when rate-limiting is in progress.
|
||
|
||
Ref: #12488
|
||
Ref: https://curl.se/mail/lib-2023-12/0012.html
|
||
Closes #12504
|
||
|
||
Stefan Eissing (14 Dec 2023)
|
||
|
||
- lib: eliminate `conn->cselect_bits`
|
||
|
||
- use `data->state.dselect_bits` everywhere instead
|
||
- remove `bool *comeback` parameter as non-zero
|
||
`data->state.dselect_bits` will indicate that IO is
|
||
incomplete.
|
||
|
||
Closes #12512
|
||
|
||
- connect: refactor `Curl_timeleft()`
|
||
|
||
- less local vars, "better" readability
|
||
- added documentation
|
||
|
||
Closes #12518
|
||
|
||
Dmitry Karpov (14 Dec 2023)
|
||
|
||
- cookie: avoid fopen with empty file name
|
||
|
||
Closes #12514
|
||
|
||
Viktor Szakats (13 Dec 2023)
|
||
|
||
- tests/server: delete workaround for old-mingw
|
||
|
||
mingw-w64 1.0 comes with w32api v3.12, thus doesn't need this.
|
||
|
||
Follow-up to 38029101e2d78ba125732b3bab6ec267b80a0e72 #11625
|
||
|
||
Reviewed-by: Jay Satiro
|
||
Closes #12510
|
||
|
||
- cmake: delete obsolete TODOs more [ci skip]
|
||
|
||
- manual completed: 898b012a9bf388590c4be7f526815b5ab74feca1 #1288
|
||
- soname completed: 5de6848f104d7cb0017080e31216265ac19d0dde #10023
|
||
- bunch of others that are completed
|
||
- `NTLM_WB_ENABLED` is implemented in a basic form, and now also
|
||
scheduled for removal, so a TODO at this point isn't useful.
|
||
|
||
And this 'to-check' item:
|
||
|
||
Q: "The cmake build selected to run gcc with -fPIC on my box while the
|
||
plain configure script did not."
|
||
|
||
A: With CMake, since 2ebc74c36a19a1700af394c16855ce144d9878e3 #11546
|
||
and fc9bfb14520712672b4784e8b48256fb29204011 #11627, we explicitly
|
||
enable PIC for libcurl shared lib. Or when building libcurl for
|
||
shared and static lib in a single pass. We do this by default for
|
||
Windows or when enabled by the user via `SHARE_LIB_OBJECT`.
|
||
Otherwise we don't touch this setting. Meaning the default set by
|
||
CMake (if any) or the toolchain is used. On Debian Bookworm, this
|
||
means that PIC is disabled for static libs by default. Some platforms
|
||
(like macOS), has PIC enabled by default.
|
||
autotools supports the double-pass mode only, and in that case
|
||
CMake seems to match PIC behaviour now (as tested on Linux with gcc.)
|
||
|
||
Follow-up to 5d5dfdbd1a6c40bd75e982b66f49e1fa3a7eeae7 #12500
|
||
|
||
Reviewed-by: Jay Satiro
|
||
Closes #12509
|
||
|
||
Stefan Eissing (12 Dec 2023)
|
||
|
||
- CLIENT-WRITERS: design and use documentation
|
||
|
||
Closes #12507
|
||
|
||
Viktor Szakats (12 Dec 2023)
|
||
|
||
- cmake: delete obsolete TODO items [ci skip]
|
||
|
||
There is always room for improvement, but CMake is up to par now with
|
||
autotools, so there is no longer a good reason to keep around these
|
||
inline TODO items.
|
||
|
||
Answering one of questions:
|
||
|
||
Q: "The gcc command line use neither -g nor any -O options. As a
|
||
developer, I also treasure our configure scripts's --enable-debug
|
||
option that sets a long range of "picky" compiler options."
|
||
|
||
A: CMake offers the `CMAKE_BUILD_TYPE` variable to control debug info
|
||
and optimization level. E.g.:
|
||
- `Release` = `-O3` + no debug info
|
||
- `MinSizeRel` = `-Os` + no debug info
|
||
- `Debug` = `-O0` + debug info
|
||
|
||
https://stackoverflow.com/questions/48754619/what-are-cmake-build-type-deb
|
||
ug-release-relwithdebinfo-and-minsizerel/59314670#59314670
|
||
https://cmake.org/cmake/help/latest/manual/cmake-buildsystem.7.html#defaul
|
||
t-and-custom-configurations
|
||
|
||
For picky warnings we have the `PICKY_COMPILER` options, enabled by
|
||
default.
|
||
|
||
Closes #12500
|
||
|
||
Stefan Eissing (11 Dec 2023)
|
||
|
||
- CONNECTION-FILTERS: update documentation
|
||
|
||
Closes #12497
|
||
|
||
Daniel Stenberg (11 Dec 2023)
|
||
|
||
- lib: reduce use of strncpy
|
||
|
||
- bearssl: select cipher without buffer copies
|
||
- http_aws_sigv4: avoid strncpy, require exact timestamp length
|
||
- http_aws_sigv4: use memcpy isntead of strncpy
|
||
- openssl: avoid strncpy calls
|
||
- schannel: check for 1.3 algos without buffer copies
|
||
- strerror: avoid strncpy calls
|
||
- telnet: avoid strncpy, return error on too long inputs
|
||
- vtls: avoid strncpy in multissl_version()
|
||
|
||
Closes #12499
|
||
|
||
- CI/distcheck: run full tests
|
||
|
||
To be able to detect missing files better, this now runs the full CI
|
||
test suite. If done before, it would have detected #12462 before
|
||
release.
|
||
|
||
Closes #12503
|
||
|
||
- docs: clean up Protocols: for cmdline options
|
||
|
||
... and some other minor polish.
|
||
|
||
Closes #12496
|
||
|
||
- cmdline/gen: fix the sorting of the man page options
|
||
|
||
They were previously sorted based on the file names, which use a .d
|
||
extension, making "data" get placed after "data-binary" etc. Making the
|
||
sort ignore the extention fixes the ordering.
|
||
|
||
Reported-by: Boris Verkhovskiy
|
||
Bug: https://curl.se/mail/archive-2023-12/0014.html
|
||
Closes #12494
|
||
|
||
Daniel Gustafsson (9 Dec 2023)
|
||
|
||
- doh: remove unused local variable
|
||
|
||
The nurl variable is no longer used during probing following
|
||
a refactoring, so remove.
|
||
|
||
Closes #12491
|
||
|
||
Jay Satiro (8 Dec 2023)
|
||
|
||
- build: fix Windows ADDRESS_FAMILY detection
|
||
|
||
- Include winsock2.h for Windows ADDRESS_FAMILY detection.
|
||
|
||
Prior to this change cmake detection didn't work because it included
|
||
ws2def.h by itself, which is missing needed types from winsock2.h.
|
||
|
||
Prior to this change autotools detection didn't work because it did not
|
||
include any Windows header.
|
||
|
||
In both cases libcurl would fall back on unsigned short as the address
|
||
family type, which is the same as ADDRESS_FAMILY.
|
||
|
||
Co-authored-by: Viktor Szakats
|
||
|
||
Closes https://github.com/curl/curl/pull/12441
|
||
|
||
Daniel Stenberg (8 Dec 2023)
|
||
|
||
- lib: rename Curl_strndup to Curl_memdup0 to avoid misunderstanding
|
||
|
||
Since the copy does not stop at a null byte, let's not call it anything
|
||
that makes you think it works like the common strndup() function.
|
||
|
||
Based on feedback from Jay Satiro, Stefan Eissing and Patrick Monnerat
|
||
|
||
Closes #12490
|
||
|
||
- convsrctest.pl: removed: not used, not shipped in tarballs
|
||
|
||
- tests: rename tests scripts to the test number
|
||
|
||
It is hard to name the scripts sensibly. Lots of them are similarly
|
||
named and the name did not tell which test that used them.
|
||
|
||
The new approach is rather to name them based on the test number that
|
||
runs them. Also helps us see which scripts are for individual tests
|
||
rather than for general test infra.
|
||
|
||
- badsymbols.pl -> test1167.pl
|
||
- check-deprecated.pl -> test1222.pl
|
||
- check-translatable-options.pl -> test1544.pl
|
||
- disable-scan.pl -> test1165.pl
|
||
- error-codes.pl -> test1175.pl
|
||
- errorcodes.pl -> test1477.pl
|
||
- extern-scan.pl -> test1135.pl
|
||
- manpage-scan.pl -> test1139.pl
|
||
- manpage-syntax.pl -> test1173.pl
|
||
- markdown-uppercase.pl -> test1275.pl
|
||
- mem-include-scan.pl -> test1132.pl
|
||
- nroff-scan.pl -> test1140.pl
|
||
- option-check.pl -> test1276.pl
|
||
- options-scan.pl -> test971.pl
|
||
- symbol-scan.pl -> test1119.pl
|
||
- version-scan.pl -> test1177.pl
|
||
|
||
Closes #12487
|
||
|
||
Michał Antoniak (8 Dec 2023)
|
||
|
||
- sendf: fix compiler warning with CURL_DISABLE_HEADERS_API
|
||
|
||
fix MSVC warning C4189: 'htype': local variable is initialized but not
|
||
referenced - when CURL_DISABLE_HEADERS_API is defined.
|
||
|
||
Closes #12485
|
||
|
||
Viktor Szakats (8 Dec 2023)
|
||
|
||
- tidy-up: whitespace
|
||
|
||
Closes #12484
|
||
|
||
Stefan Eissing (7 Dec 2023)
|
||
|
||
- test_02_download: fix paramters to test_02_27
|
||
|
||
- it is a special client that only ever uses http/2
|
||
|
||
Closes #12467
|
||
|
||
Michał Antoniak (7 Dec 2023)
|
||
|
||
- vtls: remove the Curl_cft_ssl_proxy object if CURL_DISABLE_PROXY
|
||
|
||
Closes #12459
|
||
|
||
Daniel Stenberg (7 Dec 2023)
|
||
|
||
- lib: strndup/memdup instead of malloc, memcpy and null-terminate
|
||
|
||
- bufref: use strndup
|
||
- cookie: use strndup
|
||
- formdata: use strndup
|
||
- ftp: use strndup
|
||
- gtls: use aprintf instead of malloc + strcpy * 2
|
||
- http: use strndup
|
||
- mbedtls: use strndup
|
||
- md4: use memdup
|
||
- ntlm: use memdup
|
||
- ntlm_sspi: use strndup
|
||
- pingpong: use memdup
|
||
- rtsp: use strndup instead of malloc, memcpy and null-terminate
|
||
- sectransp: use strndup
|
||
- socks_gssapi.c: use memdup
|
||
- vtls: use dynbuf instead of malloc, snprintf and memcpy
|
||
- vtls: use strdup instead of malloc + memcpy
|
||
- wolfssh: use strndup
|
||
|
||
Closes #12453
|
||
|
||
- strdup: remove the memchr check from Curl_strndup
|
||
|
||
It makes it possible to clone a binary chunk of data.
|
||
|
||
Closes #12453
|
||
|
||
- ftp: handle the PORT parsing without allocation
|
||
|
||
Also reduces amount of *cpy() calls.
|
||
|
||
Closes #12456
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
Bumped to 8.5.1
|
||
|
||
- url: for disabled protocols, mention if found in redirect
|
||
|
||
To help users better understand where the URL (and denied scheme) comes
|
||
from. Also removed "in libcurl" from the message, since the disabling
|
||
can be done by the application.
|
||
|
||
The error message now says "not supported" or "disabled" depending on
|
||
why it was denied:
|
||
|
||
Protocol "hej" not supported
|
||
Protocol "http" disabled
|
||
|
||
And in redirects:
|
||
|
||
Protocol "hej" not supported (in redirect)
|
||
Protocol "http" disabled (in redirect)
|
||
|
||
Reported-by: Mauricio Scheffer
|
||
Fixes #12465
|
||
Closes #12469
|
||
|
||
Stefan Eissing (6 Dec 2023)
|
||
|
||
- sectransp_ make TLSCipherNameForNumber() available in non-verbose config
|
||
|
||
Reported-by: Cajus Pollmeier
|
||
Closes #12476
|
||
Fixes #12474
|
||
|
||
YX Hao (6 Dec 2023)
|
||
|
||
- lib: fix variable undeclared error caused by `infof` changes
|
||
|
||
`--disable-verbose` yields `CURL_DISABLE_VERBOSE_STRINGS` defined.
|
||
`infof` isn't `Curl_nop_stmt` anymore: dac293c.
|
||
|
||
Follow-up to dac293c
|
||
|
||
Closes #12470
|
||
|
||
Viktor Szakats (6 Dec 2023)
|
||
|
||
- tidy-up: fix yamllint whitespace issues in labeler.yml
|
||
|
||
Follow-up to bda212911457c6fadfbba50be61afc4ca513fa56 #12466
|
||
|
||
Reviewed-by: Dan Fandrich
|
||
Closes #12475
|
||
|
||
- tidy-up: fix yamllint whitespace issues
|
||
|
||
Closes #12466
|
||
|
||
Chris Sauer (6 Dec 2023)
|
||
|
||
- cmake: fix typo
|
||
|
||
Follow-up to aace27b
|
||
Closes #12464
|
||
|
||
Daniel Stenberg (6 Dec 2023)
|
||
|
||
- dist: add tests/errorcodes.pl to the tarball
|
||
|
||
Used by test 1477
|
||
|
||
Reported-by: Xi Ruoyao
|
||
Follow-up to 0ca3a4ec9a7
|
||
Fixes #12462
|
||
Closes #12463
|
||
|
||
Dan Fandrich (6 Dec 2023)
|
||
|
||
- github/labeler: update a missed key in the v5 upgrade
|
||
|
||
Follow-up to ce03fe3ba
|
||
|
||
Version 8.5.0 (6 Dec 2023)
|
||
|
||
Daniel Stenberg (6 Dec 2023)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
The curl 8.5.0 release.
|
||
|
||
Dan Fandrich (5 Dec 2023)
|
||
|
||
- github/labeler: switch from the beta to labeler v5
|
||
|
||
Some keys were renamed and the dot option was made default.
|
||
|
||
Closes #12458
|
||
|
||
Daniel Stenberg (5 Dec 2023)
|
||
|
||
- DEPRECATE: remove NTLM_WB in June 2024
|
||
|
||
Ref: https://curl.se/mail/lib-2023-12/0010.html
|
||
|
||
Closes #12451
|
||
|
||
Jacob Hoffman-Andrews (4 Dec 2023)
|
||
|
||
- rustls: implement connect_blocking
|
||
|
||
Closes #11647
|
||
|
||
Daniel Stenberg (4 Dec 2023)
|
||
|
||
- examples/rtsp-options.c: add
|
||
|
||
Just a bare bones RTSP example using CURLOPT_RTSP_SESSION_ID and
|
||
CURLOPT_RTSP_REQUEST set to CURL_RTSPREQ_OPTIONS.
|
||
|
||
Closes #12452
|
||
|
||
Stefan Eissing (4 Dec 2023)
|
||
|
||
- ngtcp2: ignore errors on unknown streams
|
||
|
||
- expecially in is_alive checks on connections, we might
|
||
see incoming packets on streams already forgotten and closed,
|
||
leading to errors reported by nghttp3. Ignore those.
|
||
|
||
Closes #12449
|
||
|
||
Daniel Stenberg (4 Dec 2023)
|
||
|
||
- docs: make all examples in all libcurl man pages compile
|
||
|
||
Closes #12448
|
||
|
||
- checksrc.pl: support #line instructions
|
||
|
||
makes it identify the correct source file and line
|
||
|
||
- GHA/man-examples: verify libcurl man page examples
|
||
|
||
- verify-examples.pl: verify that all man page examples compile clean
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
Graham Campbell (2 Dec 2023)
|
||
|
||
- http3: bump ngtcp2 and nghttp3 versions
|
||
|
||
nghttp3 v1.1.0
|
||
ngtcp2 v1.1.0
|
||
|
||
In docs and CI
|
||
|
||
Closes #12446
|
||
|
||
- CI/quiche: use `3.1.4+quic` consistently in CI workflows
|
||
|
||
Closes #12447
|
||
|
||
Viktor Szakats (2 Dec 2023)
|
||
|
||
- test1545: disable deprecation warnings
|
||
|
||
Fixes:
|
||
https://ci.appveyor.com/project/curlorg/curl/builds/48631551/job/bhx74e0i66yr
|
||
p6pk#L1205
|
||
|
||
Same with details:
|
||
https://ci.appveyor.com/project/curlorg/curl/builds/48662893/job/ol8a78q9gmil
|
||
b6wt#L1263
|
||
```
|
||
tests/libtest/lib1545.c:38:3: error: 'curl_formadd' is deprecated: since 7.56
|
||
.0. Use curl_mime_init() [-Werror=deprecated-declarations]
|
||
38 | curl_formadd(&m_formpost, &lastptr, CURLFORM_COPYNAME, "file",
|
||
| ^~~~~~~~~~~~
|
||
[...]
|
||
```
|
||
|
||
Follow-up to 07a3cd83e0456ca17dfd8c3104af7cf45b7a1ff5 #12421
|
||
|
||
Fixes #12445
|
||
Closes #12444
|
||
|
||
Daniel Stenberg (2 Dec 2023)
|
||
|
||
- INSTALL: update list of ports and CPU archs
|
||
|
||
- symbols-in-versions: the CLOSEPOLICY options are deprecated
|
||
|
||
The were used with the CURLOPT_CLOSEPOLICY option, which *never* worked.
|
||
|
||
z2_ (1 Dec 2023)
|
||
|
||
- build: fix builds that disable protocols but not digest auth
|
||
|
||
- Build base64 functions if digest auth is not disabled.
|
||
|
||
Prior to this change if some protocols were disabled but not digest auth
|
||
then a build error would occur due to missing base64 functions.
|
||
|
||
Fixes https://github.com/curl/curl/issues/12440
|
||
Closes https://github.com/curl/curl/pull/12442
|
||
|
||
Michał Antoniak (1 Dec 2023)
|
||
|
||
- connect: reduce number of transportation providers
|
||
|
||
Use only the ones necessary - the ones that are built-in. Saves a few
|
||
bytes in the resulting code.
|
||
|
||
Closes #12438
|
||
|
||
David Benjamin (1 Dec 2023)
|
||
|
||
- vtls: consistently use typedef names for OpenSSL structs
|
||
|
||
The foo_st names don't appear in OpenSSL public API documentation. The
|
||
FOO typedefs are more common. This header was already referencing
|
||
SSL_CTX via <openssl/ssl.h>. There is a comment about avoiding
|
||
<openssl/x509v3.h>, but OpenSSL actually declares all the typedefs in
|
||
<openssl/ossl_typ.h>, which is already included by <openssl/ssl.h> (and
|
||
every other OpenSSL header), so just use that. Though I've included it
|
||
just to be explicit.
|
||
|
||
(I'm also fairly sure including <openssl/ssl.h> already triggers the
|
||
Schannel conflicts anyway. The comment was probably just out of date.)
|
||
|
||
Closes #12439
|
||
|
||
Lau (1 Dec 2023)
|
||
|
||
- libcurl-security.3: fix typo
|
||
|
||
Fixed minimal typo.
|
||
|
||
Closes #12437
|
||
|
||
Stefan Eissing (1 Dec 2023)
|
||
|
||
- ngtcp2: fix races in stream handling
|
||
|
||
- fix cases where ngtcp2 invokes callbacks on streams that
|
||
nghttp3 has already forgotten. Ignore the NGHTTP3_ERR_STREAM_NOT_FOUND
|
||
in these cases as it is normal behaviour.
|
||
|
||
Closes #12435
|
||
|
||
Emanuele Torre (1 Dec 2023)
|
||
|
||
- tool_writeout_json: fix JSON encoding of non-ascii bytes
|
||
|
||
char variables if unspecified can be either signed or unsigned depending
|
||
on the platform according to the C standard; in most platforms, they are
|
||
signed.
|
||
|
||
This meant that the *i<32 waas always true for bytes with the top bit
|
||
set. So they were always getting encoded as \uXXXX, and then since they
|
||
were also signed negative, they were getting extended with 1s causing
|
||
'\xe2' to be expanded to \uffffffe2, for example:
|
||
|
||
$ curl --variable 'v=“' --expand-write-out '{{v:json}}\n' file:///dev/nul
|
||
l
|
||
\uffffffe2\uffffff80\uffffff9c
|
||
|
||
I fixed this bug by making the code use explicitly unsigned char*
|
||
variables instead of char* variables.
|
||
|
||
Test 268 verifies
|
||
|
||
Reported-by: iconoclasthero
|
||
Closes #12434
|
||
|
||
Stefan Eissing (1 Dec 2023)
|
||
|
||
- cf-socket: TCP trace output local address used in connect
|
||
|
||
Closes #12427
|
||
|
||
Jay Satiro (1 Dec 2023)
|
||
|
||
- CURLINFO_PRETRANSFER_TIME_T.3: fix time explanation
|
||
|
||
- Change CURLINFO_PRETRANSFER_TIME_T explanation to say that it
|
||
includes protocol-specific instructions that trigger a transfer.
|
||
|
||
Prior to this change it explicitly said that it did not include those
|
||
instructions in the time, but that is incorrect.
|
||
|
||
The change is a copy of the fixed explanation already in
|
||
CURLINFO_PRETRANSFER_TIME, fixed by ec8dcd7b.
|
||
|
||
Reported-by: eeverettrbx@users.noreply.github.com
|
||
|
||
Fixes https://github.com/curl/curl/issues/12431
|
||
Closes https://github.com/curl/curl/pull/12432
|
||
|
||
Daniel Stenberg (30 Nov 2023)
|
||
|
||
- multi: during ratelimit multi_getsock should return no sockets
|
||
|
||
... as there is nothing to wait for then, it just waits. Otherwise, this
|
||
causes much more CPU work and updates than necessary during ratelimit
|
||
periods.
|
||
|
||
Ref: https://curl.se/mail/lib-2023-11/0056.html
|
||
Closes #12430
|
||
|
||
Dmitry Karpov (30 Nov 2023)
|
||
|
||
- transfer: abort pause send when connection is marked for closing
|
||
|
||
This handles cases of some bi-directional "upgrade" scenarios
|
||
(i.e. WebSockets) where sending is paused until some "upgrade" handshake
|
||
is completed, but server rejects the handshake and closes the
|
||
connection.
|
||
|
||
Closes #12428
|
||
|
||
Daniel Stenberg (28 Nov 2023)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
- openssl: when a session-ID is reused, skip OCSP stapling
|
||
|
||
Fixes #12399
|
||
Reported-by: Alexey Larikov
|
||
Closes #12418
|
||
|
||
- test1545: test doing curl_formadd twice with missing file
|
||
|
||
Reproduces #12410
|
||
Verifies the fix
|
||
Closes #12421
|
||
|
||
- Curl_http_body: cleanup properly when Curl_getformdata errors
|
||
|
||
Reported-by: yushicheng7788 on github
|
||
Based-on-work-by: yushicheng7788 on github
|
||
Fixes #12410
|
||
Closes #12421
|
||
|
||
- test1477: verify that libcurl-errors.3 and public headers are synced
|
||
|
||
The script errorcodes.pl extracts all error codes from all headers and
|
||
checks that they are all documented, then checks that all documented
|
||
error codes are also specified in a header file.
|
||
|
||
Closes #12424
|
||
|
||
- libcurl-errors.3: sync with current public headers
|
||
|
||
Closes #12424
|
||
|
||
Stefan Eissing (28 Nov 2023)
|
||
|
||
- test459: fix for parallel runs
|
||
|
||
- change warniing message to work better with varying filename
|
||
length.
|
||
- adapt test output check to new formatting
|
||
|
||
Follow-up to 97ccc4479f77ba3191c6
|
||
Closes #12423
|
||
|
||
Daniel Stenberg (27 Nov 2023)
|
||
|
||
- tool_cb_prg: make the carriage return fit for wide progress bars
|
||
|
||
When the progress bar was made max width (256 columns), the fly()
|
||
function attempted to generate its output buffer too long so that the
|
||
trailing carriage return would not fit and then the output would show
|
||
wrongly. The fly function is called when the expected total transfer is
|
||
unknown, which could be one or more progress calls before the actual
|
||
progress meter get shown when the expected transfer size is provided.
|
||
|
||
This new take also replaces the msnprintf() call with a much simpler
|
||
memset() for speed.
|
||
|
||
Reported-by: Tim Hill
|
||
Fixes #12407
|
||
Closes #12415
|
||
|
||
- tool_parsecfg: make warning output propose double-quoting
|
||
|
||
When the config file parser detects a word that *probably* should be
|
||
quoted, mention double-quotes as a possible remedy.
|
||
|
||
Test 459 verifies.
|
||
|
||
Proposed-by: Jiehong on github
|
||
Fixes #12409
|
||
Closes #12412
|
||
|
||
Jay Satiro (26 Nov 2023)
|
||
|
||
- curl.rc: switch out the copyright symbol for plain ASCII
|
||
|
||
.. like we already do for libcurl.rc.
|
||
|
||
libcurl.rc copyright symbol used to cause a "non-ascii 8-bit codepoint"
|
||
warning so it was switched to ascii.
|
||
|
||
Ref: https://github.com/curl/curl/commit/1ca62bb5#commitcomment-133474972
|
||
|
||
Suggested-by: Robert Southee
|
||
|
||
Closes https://github.com/curl/curl/pull/12403
|
||
|
||
Daniel Stenberg (26 Nov 2023)
|
||
|
||
- conncache: use the closure handle when disconnecting surplus connections
|
||
|
||
Use the closure handle for disconnecting connection cache entries so
|
||
that anything that happens during the disconnect is not stored and
|
||
associated with the 'data' handle which already just finished a transfer
|
||
and it is important that details from the unrelated disconnect does not
|
||
taint meta-data in the data handle.
|
||
|
||
Like storing the response code.
|
||
|
||
This also adjust test 1506. Unfortunately it also removes a key part of
|
||
the test that verifies that a connection is closed since when this
|
||
output vanishes (because the closure handle is used), we don't know
|
||
exactly that the connection actually gets closed in this test...
|
||
|
||
Reported-by: ohyeaah on github
|
||
Fixes #12367
|
||
Closes #12405
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
Stefan Eissing (24 Nov 2023)
|
||
|
||
- quic: make eyeballers connect retries stop at weird replies
|
||
|
||
- when a connect immediately goes into DRAINING state, do
|
||
not attempt retries in the QUIC connection filter. Instead,
|
||
return CURLE_WEIRD_SERVER_REPLY
|
||
- When eyeballing, interpret CURLE_WEIRD_SERVER_REPLY as an
|
||
inconclusive answer. When all addresses have been attempted,
|
||
rewind the address list once on an inconclusive answer.
|
||
- refs #11832 where connects were retried indefinitely until
|
||
the overall timeout fired
|
||
|
||
Closes #12400
|
||
|
||
Daniel Stenberg (24 Nov 2023)
|
||
|
||
- CI: verify libcurl function SYNPOSIS sections
|
||
|
||
With the .github/scripits/verify-synopsis.pl script
|
||
|
||
Closes #12402
|
||
|
||
- docs/libcurl: SYNSOPSIS cleanup
|
||
|
||
- use the correct include file
|
||
- make sure they are declared as in the header file
|
||
- fix minor nroff syntax mistakes (missing .fi)
|
||
|
||
These are verified by verify-synopsis.pl, which extracts the SYNPOSIS
|
||
code and runs it through gcc.
|
||
|
||
Closes #12402
|
||
|
||
- sendf: fix comment typo
|
||
|
||
- fopen: allocate the dir after fopen
|
||
|
||
Move the allocation of the directory name down to after the fopen() call
|
||
to allow that shortcut code path to avoid a superfluous malloc+free
|
||
cycle.
|
||
|
||
Follow-up to 73b65e94f35311
|
||
|
||
Closes #12398
|
||
|
||
Stefan Eissing (24 Nov 2023)
|
||
|
||
- transfer: cleanup done+excess handling
|
||
|
||
- add `SingleRequest->download_done` as indicator that
|
||
all download bytes have been received
|
||
- remove `stop_reading` bool from readwrite functions
|
||
- move excess body handling into client download writer
|
||
|
||
Closes #12371
|
||
|
||
Daniel Stenberg (23 Nov 2023)
|
||
|
||
- fopen: create new file using old file's mode
|
||
|
||
Because the function renames the temp file to the target name as a last
|
||
step, if the file was previously owned by a different user, not ORing
|
||
the old mode could otherwise end up creating a file that was no longer
|
||
readable by the original owner after save.
|
||
|
||
Reported-by: Loïc Yhuel
|
||
Fixes #12299
|
||
Closes #12395
|
||
|
||
- test1476: require proxy
|
||
|
||
Follow-up from 323df4261c3542
|
||
|
||
Closes #12394
|
||
|
||
- fopen: create short(er) temporary file name
|
||
|
||
Only using random letters in the name plus a ".tmp" extension. Not by
|
||
appending characters to the final file name.
|
||
|
||
Reported-by: Maksymilian Arciemowicz
|
||
|
||
Closes #12388
|
||
|
||
Stefan Eissing (23 Nov 2023)
|
||
|
||
- tests: git ignore generated second-hsts.txt file
|
||
|
||
File is generated in test lib1900
|
||
|
||
Follow-up to 7cb03229d9e9c5
|
||
|
||
Closes #12393
|
||
|
||
Viktor Szakats (23 Nov 2023)
|
||
|
||
- openssl: enable `infof_certstack` for 1.1 and LibreSSL 3.6
|
||
|
||
Lower the barrier to enable `infof_certstack()` from OpenSSL 3 to
|
||
OpenSSL 1.1.x, and LibreSSL 3.6 or upper.
|
||
|
||
With the caveat, that "group name" and "type name" are missing from
|
||
the log output with these TLS backends.
|
||
|
||
Follow-up to b6e6d4ff8f253c8b8055bab9d4d6a10f9be109f3 #12030
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Closes #12385
|
||
|
||
Daniel Stenberg (23 Nov 2023)
|
||
|
||
- urldata: fix typo in comment
|
||
|
||
- CI: codespell
|
||
|
||
The list of words to ignore is in the file
|
||
.github/scripts/codespell-ignore.txt
|
||
|
||
Closes #12390
|
||
|
||
- lib: fix comment typos
|
||
|
||
Five separate ones, found by codespell
|
||
|
||
Closes #12390
|
||
|
||
- test1476: verify cookie PSL mixed case
|
||
|
||
- cookie: lowercase the domain names before PSL checks
|
||
|
||
Reported-by: Harry Sintonen
|
||
|
||
Closes #12387
|
||
|
||
Viktor Szakats (23 Nov 2023)
|
||
|
||
- openssl: fix building with v3 `no-deprecated` + add CI test
|
||
|
||
- build quictls with `no-deprecated` in CI to have test coverage for
|
||
this OpenSSL 3 configuration.
|
||
|
||
- don't call `OpenSSL_add_all_algorithms()`, `OpenSSL_add_all_digests()`.
|
||
The caller code is meant for OpenSSL 3, while these two functions were
|
||
only necessary before OpenSSL 1.1.0. They are missing from OpenSSL 3
|
||
if built with option `no-deprecated`, causing build errors:
|
||
```
|
||
vtls/openssl.c:4097:3: error: call to undeclared function 'OpenSSL_add_all_
|
||
algorithms'; ISO C99 and later do not support implicit function declaration
|
||
s [-Wimplicit-function-declaration]
|
||
vtls/openssl.c:4098:3: error: call to undeclared function 'OpenSSL_add_all_
|
||
digests'; ISO C99 and later do not support implicit function declarations [
|
||
-Wimplicit-function-declaration]
|
||
```
|
||
Ref: https://ci.appveyor.com/project/curlorg/curl-for-win/builds/48587418?f
|
||
ullLog=true#L7667
|
||
|
||
Regression from b6e6d4ff8f253c8b8055bab9d4d6a10f9be109f3 #12030
|
||
Bug: https://github.com/curl/curl/issues/12380#issuecomment-1822944669
|
||
Reviewed-by: Alex Bozarth
|
||
|
||
- vquic/curl_ngtcp2: fix using `SSL_get_peer_certificate` with
|
||
`no-deprecated` quictls 3 builds.
|
||
Do it by moving an existing solution for this from `vtls/openssl.c`
|
||
to `vtls/openssl.h` and adjusting caller code.
|
||
```
|
||
vquic/curl_ngtcp2.c:1950:19: error: implicit declaration of function 'SSL_g
|
||
et_peer_certificate'; did you mean 'SSL_get1_peer_certificate'? [-Wimplicit
|
||
-function-declaration]
|
||
```
|
||
Ref: https://github.com/curl/curl/actions/runs/6960723097/job/18940818625#s
|
||
tep:24:1178
|
||
|
||
- curl_ntlm_core: fix `-Wunused-parameter`, `-Wunused-variable` and
|
||
`-Wunused-function` when trying to build curl with NTLM enabled but
|
||
without the necessary TLS backend (with DES) support.
|
||
|
||
Closes #12384
|
||
|
||
- curl.h: delete Symbian OS references
|
||
|
||
curl deprecated Symbian OS in 3d64031fa7a80ac4ae3fd09a5939196268b92f81
|
||
via #5989. Delete references to it from public headers, because there
|
||
is no fresh release to use those headers with.
|
||
|
||
Reviewed-by: Dan Fandrich
|
||
Reviewed-by: Jay Satiro
|
||
Closes #12378
|
||
|
||
- windows: use built-in `_WIN32` macro to detect Windows
|
||
|
||
Windows compilers define `_WIN32` automatically. Windows SDK headers
|
||
or build env defines `WIN32`, or we have to take care of it. The
|
||
agreement seems to be that `_WIN32` is the preferred practice here.
|
||
Make the source code rely on that to detect we're building for Windows.
|
||
|
||
Public `curl.h` was using `WIN32`, `__WIN32__` and `CURL_WIN32` for
|
||
Windows detection, next to the official `_WIN32`. After this patch it
|
||
only uses `_WIN32` for this. Also, make it stop defining `CURL_WIN32`.
|
||
|
||
There is a slight chance these break compatibility with Windows
|
||
compilers that fail to define `_WIN32`. I'm not aware of any obsolete
|
||
or modern compiler affected, but in case there is one, one possible
|
||
solution is to define this macro manually.
|
||
|
||
grepping for `WIN32` remains useful to discover Windows-specific code.
|
||
|
||
Also:
|
||
|
||
- extend `checksrc` to ensure we're not using `WIN32` anymore.
|
||
|
||
- apply minor formatting here and there.
|
||
|
||
- delete unnecessary checks for `!MSDOS` when `_WIN32` is present.
|
||
|
||
Co-authored-by: Jay Satiro
|
||
Reviewed-by: Daniel Stenberg
|
||
|
||
Closes #12376
|
||
|
||
Stefan Eissing (22 Nov 2023)
|
||
|
||
- url: ConnectionExists revisited
|
||
|
||
- have common pattern of `if not match, continue`
|
||
- revert pages long if()s to return early
|
||
- move dead connection check to later since it may
|
||
be relatively expensive
|
||
- check multiuse also when NOT building with NGHTTP2
|
||
- for MULTIUSE bundles, verify that the inspected
|
||
connection indeed supports multiplexing when in use
|
||
(bundles may contain a mix of connection, afaict)
|
||
|
||
Closes #12373
|
||
|
||
Daniel Stenberg (22 Nov 2023)
|
||
|
||
- CURLMOPT_MAX_CONCURRENT_STREAMS: make sure the set value is within range
|
||
|
||
... or use the default value.
|
||
|
||
Also clarify the documentation language somewhat.
|
||
|
||
Closes #12382
|
||
|
||
- urldata: make maxconnects a 32 bit value
|
||
|
||
"2^32 idle connections ought to be enough for anybody"
|
||
|
||
Closes #12375
|
||
|
||
- FEATURES: update the URL phrasing
|
||
|
||
The URL is length limited since a while back so "no limit" simply is not
|
||
true anymore. Mention the URL RFC standard used instead.
|
||
|
||
Closes #12383
|
||
|
||
- wolfssh: remove redundant static prototypes
|
||
|
||
vssh/wolfssh.c:346:18: error: redundant redeclaration of ‘wscp_recv’ [-We
|
||
rror=redundant-decls]
|
||
|
||
Closes #12381
|
||
|
||
- setopt: remove superfluous use of ternary expressions
|
||
|
||
Closes #12374
|
||
|
||
- mime: store "form escape" as a single bit
|
||
|
||
Closes #12374
|
||
|
||
- setopt: check CURLOPT_TFTP_BLKSIZE range on set
|
||
|
||
... instead of later when the transfer is about to happen.
|
||
|
||
Closes #12374
|
||
|
||
Viktor Szakats (21 Nov 2023)
|
||
|
||
- build: add more picky warnings and fix them
|
||
|
||
Enable more picky compiler warnings. I've found these options in the
|
||
nghttp3 project when implementing the CMake quick picky warning
|
||
functionality for it [1].
|
||
|
||
`-Wunused-macros` was too noisy to keep around, but fixed a few issues
|
||
it revealed while testing.
|
||
|
||
- autotools: reflect the more precisely-versioned clang warnings.
|
||
Follow-up to 033f8e2a08eb1d3102f08c4d8c8e85470f8b460e #12324
|
||
- autotools: sync between clang and gcc the way we set `no-multichar`.
|
||
- autotools: avoid setting `-Wstrict-aliasing=3` twice.
|
||
- autotools: disable `-Wmissing-noreturn` for MSYS gcc targets [2].
|
||
It triggers in libtool-generated stub code.
|
||
|
||
- lib/timeval: delete a redundant `!MSDOS` guard from a `WIN32` branch.
|
||
|
||
- lib/curl_setup.h: delete duplicate declaration for `fileno`.
|
||
Added in initial commit ae1912cb0d494b48d514d937826c9fe83ec96c4d
|
||
(1999-12-29). This suggests this may not be needed anymore, but if
|
||
it does, we may restore this for those specific (non-Windows) systems.
|
||
- lib: delete unused macro `FTP_BUFFER_ALLOCSIZE` since
|
||
c1d6fe2aaa5a26e49a69a4f2495b3cc7a24d9394.
|
||
- lib: delete unused macro `isxdigit_ascii` since
|
||
f65f750742068f579f4ee6d8539ed9d5f0afcb85.
|
||
- lib/mqtt: delete unused macro `MQTT_HEADER_LEN`.
|
||
- lib/multi: delete unused macro `SH_READ`/`SH_WRITE`.
|
||
- lib/hostip: add `noreturn` function attribute via new `CURL_NORETURN`
|
||
macro.
|
||
- lib/mprintf: delete duplicate declaration for `Curl_dyn_vprintf`.
|
||
- lib/rand: fix `-Wunreachable-code` and related fallouts [3].
|
||
- lib/setopt: fix `-Wunreachable-code-break`.
|
||
- lib/system_win32 and lib/timeval: fix double declarations for
|
||
`Curl_freq` and `Curl_isVistaOrGreater` in CMake UNITY mode [4].
|
||
- lib/warnless: fix double declarations in CMake UNITY mode [5].
|
||
This was due to force-disabling the header guard of `warnless.h` to
|
||
to reapply it to source code coming after `warnless.c` in UNITY
|
||
builds. This reapplied declarations too, causing the warnings.
|
||
Solved by adding a header guard for the lines that actually need
|
||
to be reapplied.
|
||
- lib/vauth/digest: fix `-Wunreachable-code-break` [6].
|
||
- lib/vssh/libssh2: fix `-Wunreachable-code-break` and delete redundant
|
||
block.
|
||
- lib/vtls/sectransp: fix `-Wunreachable-code-break` [7].
|
||
- lib/vtls/sectransp: suppress `-Wunreachable-code`.
|
||
Detected in `else` branches of dynamic feature checks, with results
|
||
known at compile-time, e.g.
|
||
```c
|
||
if(SecCertificateCopySubjectSummary) /* -> true */
|
||
```
|
||
Likely fixable as a separate micro-project, but given SecureTransport
|
||
is deprecated anyway, let's just silence these locally.
|
||
- src/tool_help: delete duplicate declaration for `helptext`.
|
||
- src/tool_xattr: fix `-Wunreachable-code`.
|
||
- tests: delete duplicate declaration for `unitfail` [8].
|
||
- tests: delete duplicate declaration for `strncasecompare`.
|
||
- tests/libtest: delete duplicate declaration for `gethostname`.
|
||
Originally added in 687df5c8c39c370a59999b9afc0917d808d978b7
|
||
(2010-08-02).
|
||
Got complicated later: c49e9683b85ba9d12cbb6eebc4ab2c8dba68fbdc
|
||
If there are still systems around with warnings, we may restore the
|
||
prototype, but limited for those systems.
|
||
- tests/lib2305: delete duplicate declaration for
|
||
`libtest_debug_config`.
|
||
- tests/h2-download: fix `-Wunreachable-code-break`.
|
||
|
||
[1] https://github.com/ngtcp2/nghttp3/blob/a70edb08e954d690e8fb2c1df999b5a056
|
||
f8bf9f/cmake/PickyWarningsC.cmake
|
||
[2] https://ci.appveyor.com/project/curlorg/curl/builds/48553586/job/3qkgjaui
|
||
qla5fj45?fullLog=true#L1675
|
||
[3] https://github.com/curl/curl/actions/runs/6880886309/job/18716044703?pr=1
|
||
2331#step:7:72
|
||
https://github.com/curl/curl/actions/runs/6883016087/job/18722707368?pr=1
|
||
2331#step:7:109
|
||
[4] https://ci.appveyor.com/project/curlorg/curl/builds/48555101/job/9g15qkrr
|
||
iklpf1ut#L204
|
||
[5] https://ci.appveyor.com/project/curlorg/curl/builds/48555101/job/9g15qkrr
|
||
iklpf1ut#L218
|
||
[6] https://github.com/curl/curl/actions/runs/6880886309/job/18716042927?pr=1
|
||
2331#step:7:290
|
||
[7] https://github.com/curl/curl/actions/runs/6891484996/job/18746659406?pr=1
|
||
2331#step:9:1193
|
||
[8] https://github.com/curl/curl/actions/runs/6882803986/job/18722082562?pr=1
|
||
2331#step:33:1870
|
||
|
||
Closes #12331
|
||
|
||
Daniel Stenberg (21 Nov 2023)
|
||
|
||
- transfer: avoid unreachable expression
|
||
|
||
If curl_off_t and size_t have the same size (which is common on modern
|
||
64 bit systems), a condition cannot occur which Coverity pointed
|
||
out. Avoid the warning by having the code conditionally only used if
|
||
curl_off_t actually is larger.
|
||
|
||
Follow-up to 1cd2f0072fa482e25baa2
|
||
|
||
Closes #12370
|
||
|
||
Stefan Eissing (21 Nov 2023)
|
||
|
||
- transfer: readwrite improvements
|
||
|
||
- changed header/chunk/handler->readwrite prototypes to accept `buf`,
|
||
`blen` and a `pconsumed` pointer. They now get the buffer to work on
|
||
and report back how many bytes they consumed
|
||
- eliminated `k->str` in SingleRequest
|
||
- improved excess data handling to properly calculate with any body data
|
||
left in the headerb buffer
|
||
- eliminated `k->badheader` enum to only be a bool
|
||
|
||
Closes #12283
|
||
|
||
Daniel Stenberg (21 Nov 2023)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
Jiří Hruška (21 Nov 2023)
|
||
|
||
- transfer: avoid calling the read callback again after EOF
|
||
|
||
Regression since 7f43f3dc5994d01b12 (7.84.0)
|
||
|
||
Bug: https://curl.se/mail/lib-2023-11/0017.html
|
||
|
||
Closes #12363
|
||
|
||
Daniel Stenberg (21 Nov 2023)
|
||
|
||
- doh: provide better return code for responses w/o addresses
|
||
|
||
Previously it was wrongly returning CURLE_OUT_OF_MEMORY when the
|
||
response did not contain any addresses. Now it more accurately returns
|
||
CURLE_COULDNT_RESOLVE_HOST.
|
||
|
||
Reported-by: lRoccoon on github
|
||
|
||
Fixes #12365
|
||
Closes #12366
|
||
|
||
Stefan Eissing (21 Nov 2023)
|
||
|
||
- HTTP/2, HTTP/3: handle detach of onoing transfers
|
||
|
||
- refs #12356 where a UAF is reported when closing a connection
|
||
with a stream whose easy handle was cleaned up already
|
||
- handle DETACH events same as DONE events in h2/h3 filters
|
||
|
||
Fixes #12356
|
||
Reported-by: Paweł Wegner
|
||
Closes #12364
|
||
|
||
Viktor Szakats (20 Nov 2023)
|
||
|
||
- autotools: stop setting `-std=gnu89` with `--enable-warnings`
|
||
|
||
Do not alter the C standard when building with `--enable-warnings` when
|
||
building with gcc.
|
||
|
||
On one hand this alters warning results compared to a default build.
|
||
On the other, it may produce different binaries, which is unexpected.
|
||
|
||
Also fix new warnings that appeared after removing `-std=gnu89`:
|
||
|
||
- include: fix public curl headers to use the correct printf mask for
|
||
`CURL_FORMAT_CURL_OFF_T` and `CURL_FORMAT_CURL_OFF_TU` with mingw-w64
|
||
and Visual Studio 2013 and newer. This fixes the printf mask warnings
|
||
in examples and tests. E.g. [1]
|
||
|
||
- conncache: fix printf format string [2].
|
||
|
||
- http2: fix potential null pointer dereference [3].
|
||
(seen on Slackware with gcc 11.)
|
||
|
||
- libssh: fix printf format string in SFTP code [4].
|
||
Also make MSVC builds compatible with old CRT versions.
|
||
|
||
- libssh2: fix printf format string in SFTP code for MSVC.
|
||
Applying the same fix as for libssh above.
|
||
|
||
- unit1395: fix `argument is null` and related issues [5]:
|
||
- stop calling `strcmp()` with NULL to avoid undefined behaviour.
|
||
- fix checking results if some of them were NULL.
|
||
- do not pass NULL to printf `%s`.
|
||
|
||
- ci: keep a build job with `-std=gnu89` to continue testing for
|
||
C89-compliance. We can apply this to other gcc jobs as needed.
|
||
Ref: b23ce2cee7329bbf425f18b49973b7a5f23dfcb4 (2022-09-23) #9542
|
||
|
||
[1] https://dev.azure.com/daniel0244/curl/_build/results?buildId=18581&view=l
|
||
ogs&jobId=ccf9cc6d-2ef1-5cf2-2c09-30f0c14f923b
|
||
[2] https://github.com/curl/curl/actions/runs/6896854263/job/18763831142?pr=1
|
||
2346#step:6:67
|
||
[3] https://github.com/curl/curl/actions/runs/6896854253/job/18763839238?pr=1
|
||
2346#step:30:214
|
||
[4] https://github.com/curl/curl/actions/runs/6896854253/job/18763838007?pr=1
|
||
2346#step:29:895
|
||
[5] https://github.com/curl/curl/actions/runs/6896854253/job/18763836775?pr=1
|
||
2346#step:33:1689
|
||
|
||
Closes #12346
|
||
|
||
- autotools: fix/improve gcc and Apple clang version detection
|
||
|
||
- Before this patch we expected `n.n` `-dumpversion` output, but Ubuntu
|
||
may return `n-win32` (also with `-dumpfullversion`). Causing these
|
||
errors and failing to enable picky warnings:
|
||
```
|
||
../configure: line 23845: test: : integer expression expected
|
||
```
|
||
Ref: https://github.com/libssh2/libssh2/actions/runs/6263453828/job/1700789
|
||
3718#step:5:143
|
||
|
||
Fix that by stripping any dash-suffix and handling a dotless (major-only)
|
||
version number by assuming `.0` in that case.
|
||
|
||
`9.3-posix`, `9.3-win32`, `6`, `9.3.0`, `11`, `11.2`, `11.2.0`
|
||
Ref: https://github.com/mamedev/mame/pull/9767
|
||
|
||
- fix Apple clang version detection for releases between
|
||
'Apple LLVM version 7.3.0' and 'Apple LLVM version 10.0.1' where the
|
||
version was under-detected as 3.7 llvm/clang equivalent.
|
||
|
||
- fix Apple clang version detection for 'Apple clang version 11.0.0'
|
||
and newer where the Apple clang version was detected, instead of its
|
||
llvm/clang equivalent.
|
||
|
||
- display detected clang/gcc/icc compiler version.
|
||
|
||
Via libssh2:
|
||
- https://github.com/libssh2/libssh2/commit/00a3b88c51cdb407fbbb347a2e38c5c7d
|
||
89875ad
|
||
https://github.com/libssh2/libssh2/pull/1187
|
||
- https://github.com/libssh2/libssh2/commit/89ccc83c7da73e7ca3a112e3500081319
|
||
42b592e
|
||
https://github.com/libssh2/libssh2/pull/1232
|
||
|
||
Closes #12362
|
||
|
||
- autotools: delete LCC compiler support bits
|
||
|
||
Follow-up to fd7ef00f4305a2919e6950def1cf83d0110a4acd #12222
|
||
|
||
Closes #12357
|
||
|
||
- cmake: add test for `DISABLE` options, add `CURL_DISABLE_HEADERS_API`
|
||
|
||
- tests: verify CMake `DISABLE` options.
|
||
|
||
Make an exception for 2 CMake-only ones, and one more that's
|
||
using a different naming scheme, also in autotools and source.
|
||
|
||
- cmake: add support for `CURL_DISABLE_HEADERS_API`.
|
||
|
||
Suggested-by: Daniel Stenberg
|
||
Ref: https://github.com/curl/curl/pull/12345#pullrequestreview-1736238641
|
||
|
||
Closes #12353
|
||
|
||
Jacob Hoffman-Andrews (20 Nov 2023)
|
||
|
||
- hyper: temporarily remove HTTP/2 support
|
||
|
||
The current design of the Hyper integration requires rebuilding the
|
||
Hyper clientconn for each request. However, building the clientconn
|
||
requires resending the HTTP/2 connection preface, which is incorrect
|
||
from a protocol perspective. That in turn causes servers to send GOAWAY
|
||
frames, effectively degrading performance to "no connection reuse" in
|
||
the best case. It may also be triggering some bugs where requests get
|
||
dropped entirely and reconnects take too long.
|
||
|
||
This doesn't rule out HTTP/2 support with Hyper, but it may take a
|
||
redesign of the Hyper integration in order to make things work.
|
||
|
||
Closes #12191
|
||
|
||
Jay Satiro (20 Nov 2023)
|
||
|
||
- schannel: fix unused variable warning
|
||
|
||
Bug: https://github.com/curl/curl/pull/12349#issuecomment-1818000846
|
||
Reported-by: Viktor Szakats
|
||
|
||
Closes https://github.com/curl/curl/pull/12361
|
||
|
||
Daniel Stenberg (19 Nov 2023)
|
||
|
||
- url: find scheme with a "perfect hash"
|
||
|
||
Instead of a loop to scan over the potentially 30+ scheme names, this
|
||
uses a "perfect hash" table. This works fine because the set of schemes
|
||
is known and cannot change in a build. The hash algorithm and table size
|
||
is made to only make a single scheme index per table entry.
|
||
|
||
The perfect hash is generated by a separate tool (scripts/schemetable.c)
|
||
|
||
Closes #12347
|
||
|
||
- scripts: add schemetable.c
|
||
|
||
This tool generates a scheme-matching table.
|
||
|
||
It iterates over a number of different initial and shift values in order
|
||
to find the hash algorithm that needs the smallest possible table.
|
||
|
||
The generated hash function, table and table size then needs to be used
|
||
by the url.c:Curl_getn_scheme_handler() function.
|
||
|
||
Stefan Eissing (19 Nov 2023)
|
||
|
||
- vtls/vquic, keep peer name information together
|
||
|
||
- add `struct ssl_peer` to keep hostname, dispname and sni
|
||
for a filter
|
||
- allocate `sni` for use in VTLS backend
|
||
- eliminate `Curl_ssl_snihost()` and its use of the download buffer
|
||
- use ssl_peer in SSL and QUIC filters
|
||
|
||
Closes #12349
|
||
|
||
Viktor Szakats (18 Nov 2023)
|
||
|
||
- build: always revert `#pragma GCC diagnostic` after use
|
||
|
||
Before this patch some source files were overriding gcc warning options,
|
||
but without restoring them at the end of the file. In CMake UNITY builds
|
||
these options spilled over to the remainder of the source code,
|
||
effecitvely disabling them for a larger portion of the codebase than
|
||
intended.
|
||
|
||
`#pragma clang diagnostic` didn't have such issue in the codebase.
|
||
|
||
Reviewed-by: Marcel Raad
|
||
Closes #12352
|
||
|
||
- tidy-up: casing typos, delete unused Windows version aliases
|
||
|
||
- cmake: fix casing of `UnixSockets` to match the rest of the codebase.
|
||
|
||
- curl-compilers.m4: fix casing in a comment.
|
||
|
||
- setup-win32: delete unused Windows version constant aliases.
|
||
|
||
Reviewed-by: Marcel Raad
|
||
Closes #12351
|
||
|
||
- keylog: disable if unused
|
||
|
||
Fully disable keylog code if there is no TLS or QUIC subsystem using it.
|
||
|
||
Closes #12350
|
||
|
||
- cmake: add `CURL_DISABLE_BINDLOCAL` option
|
||
|
||
To match similar autotools option.
|
||
|
||
Default is `ON`.
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Closes #12345
|
||
|
||
- url: fix `-Wzero-length-array` with no protocols
|
||
|
||
Fixes:
|
||
```
|
||
./lib/url.c:178:56: warning: use of an empty initializer is a C2x extension [
|
||
-Wc2x-extensions]
|
||
178 | static const struct Curl_handler * const protocols[] = {
|
||
| ^
|
||
./lib/url.c:178:56: warning: zero size arrays are an extension [-Wzero-length
|
||
-array]
|
||
```
|
||
|
||
Closes #12344
|
||
|
||
- url: fix builds with `CURL_DISABLE_HTTP`
|
||
|
||
Fixes:
|
||
```
|
||
./lib/url.c:456:35: error: no member named 'formp' in 'struct UrlState'
|
||
456 | Curl_mime_cleanpart(data->state.formp);
|
||
| ~~~~~~~~~~~ ^
|
||
```
|
||
|
||
Regression from 74b87a8af13a155c659227f5acfa78243a8b2aa6 #11682
|
||
|
||
Closes #12343
|
||
|
||
- http: fix `-Wunused-parameter` with no auth and no proxy
|
||
|
||
```
|
||
lib/http.c:734:26: warning: unused parameter 'proxy' [-Wunused-parameter]
|
||
bool proxy)
|
||
^
|
||
```
|
||
|
||
Reviewed-by: Marcel Raad
|
||
Closes #12338
|
||
|
||
Daniel Stenberg (16 Nov 2023)
|
||
|
||
- TODO: Some TLS options are not offered for HTTPS proxies
|
||
|
||
Closes #12286
|
||
Closes #12342
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
- duphandle: make dupset() not return with pointers to old alloced data
|
||
|
||
As the blob pointers are to be duplicated, the function must not return
|
||
mid-function with lingering pointers to the old handle's allocated data,
|
||
as that would lead to double-free in OOM situations.
|
||
|
||
Make sure to clear all destination pointers first to avoid this risk.
|
||
|
||
Closes #12337
|
||
|
||
Viktor Szakats (16 Nov 2023)
|
||
|
||
- http: fix `-Wunused-variable` compiler warning
|
||
|
||
Fix compiler warnings in builds with disabled auths, NTLM and SPNEGO.
|
||
|
||
E.g. with `CURL_DISABLE_BASIC_AUTH` + `CURL_DISABLE_BEARER_AUTH` +
|
||
`CURL_DISABLE_DIGEST_AUTH` + `CURL_DISABLE_NEGOTIATE_AUTH` +
|
||
`CURL_DISABLE_NTLM` on non-Windows.
|
||
|
||
```
|
||
./curl/lib/http.c:737:12: warning: unused variable 'result' [-Wunused-variabl
|
||
e]
|
||
CURLcode result = CURLE_OK;
|
||
^
|
||
./curl/lib/http.c:995:18: warning: variable 'availp' set but not used [-Wunus
|
||
ed-but-set-variable]
|
||
unsigned long *availp;
|
||
^
|
||
./curl/lib/http.c:996:16: warning: variable 'authp' set but not used [-Wunuse
|
||
d-but-set-variable]
|
||
struct auth *authp;
|
||
^
|
||
```
|
||
|
||
Regression from e92edfbef64448ef461117769881f3ed776dec4e #11490
|
||
|
||
Fixes #12228
|
||
Closes #12335
|
||
|
||
Jay Satiro (16 Nov 2023)
|
||
|
||
- tool: support bold headers in Windows
|
||
|
||
- If virtual terminal processing is enabled in Windows then use ANSI
|
||
escape codes Esc[1m and Esc[22m to turn bold on and off.
|
||
|
||
Suggested-by: Gisle Vanem
|
||
|
||
Ref: https://github.com/curl/curl/discussions/11770
|
||
|
||
Closes https://github.com/curl/curl/pull/12321
|
||
|
||
Viktor Szakats (15 Nov 2023)
|
||
|
||
- build: fix libssh2 + `CURL_DISABLE_DIGEST_AUTH` + `CURL_DISABLE_AWS`
|
||
|
||
Builds with libssh2 + `-DCURL_DISABLE_DIGEST_AUTH=ON` +
|
||
`-DCURL_DISABLE_AWS=ON` in combination with either Schannel on Windows,
|
||
or `-DCURL_DISABLE_NTLM=ON` on other operating systems failed while
|
||
compiling due to a missing HMAC declaration.
|
||
|
||
The reason is that HMAC is required by `lib/sha256.c` which publishes
|
||
`Curl_sha256it()` which is required by `lib/vssh/libssh2.c` when
|
||
building for libssh2 v1.8.2 (2019-05-25) or older.
|
||
|
||
Make sure to compile the HMAC bits for a successful build.
|
||
|
||
Both HMAC and `Curl_sha256it()` rely on the same internals, so splitting
|
||
them into separate sources isn't practical.
|
||
|
||
Fixes:
|
||
```
|
||
[...]
|
||
In file included from ./curl/_x64-win-ucrt-cmake-llvm-bld/lib/CMakeFiles/libc
|
||
url_object.dir/Unity/unity_0_c.c:310:
|
||
./curl/lib/sha256.c:527:42: error: array has incomplete element type 'const s
|
||
truct HMAC_params'
|
||
527 | const struct HMAC_params Curl_HMAC_SHA256[] = {
|
||
| ^
|
||
./curl/lib/curl_sha256.h:34:21: note: forward declaration of 'struct HMAC_par
|
||
ams'
|
||
[...]
|
||
```
|
||
|
||
Regression from e92edfbef64448ef461117769881f3ed776dec4e #11490
|
||
|
||
Fixes #12273
|
||
Closes #12332
|
||
|
||
Daniel Stenberg (15 Nov 2023)
|
||
|
||
- duphandle: also free 'outcurl->cookies' in error path
|
||
|
||
Fixes memory-leak when OOM mid-function
|
||
|
||
Use plain free instead of safefree, since the entire struct is
|
||
freed below.
|
||
|
||
Remove some free calls that is already freed in Curl_freeset()
|
||
|
||
Closes #12329
|
||
|
||
Viktor Szakats (15 Nov 2023)
|
||
|
||
- config-win32: set `HAVE_SNPRINTF` for mingw-w64
|
||
|
||
It's available in all mingw-w64 releases. We already pre-fill this
|
||
detection in CMake.
|
||
|
||
Closes #12325
|
||
|
||
- sasl: fix `-Wunused-function` compiler warning
|
||
|
||
In builds with disabled auths.
|
||
|
||
```
|
||
lib/curl_sasl.c:266:17: warning: unused function 'get_server_message' [-Wunus
|
||
ed-function]
|
||
static CURLcode get_server_message(struct SASL *sasl, struct Curl_easy *data,
|
||
^
|
||
1 warning generated.
|
||
```
|
||
Ref: https://github.com/curl/trurl/actions/runs/6871732122/job/18689066151#st
|
||
ep:3:3822
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Closes #12326
|
||
|
||
- build: picky warning updates
|
||
|
||
- cmake: sync some picky gcc warnings with autotools.
|
||
- cmake, autotools: add `-Wold-style-definition` for clang too.
|
||
- cmake: more precise version info for old clang options.
|
||
- cmake: use `IN LISTS` syntax in `foreach()`.
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Reviewed-by: Marcel Raad
|
||
Closes #12324
|
||
|
||
Daniel Stenberg (15 Nov 2023)
|
||
|
||
- urldata: move cookielist from UserDefined to UrlState
|
||
|
||
1. Because the value is not strictly set with a setopt option.
|
||
|
||
2. Because otherwise when duping a handle when all the set.* fields are
|
||
first copied and an error happens (think out of memory mid-function),
|
||
the function would easily free the list *before* it was deep-copied,
|
||
which could lead to a double-free.
|
||
|
||
Closes #12323
|
||
|
||
Viktor Szakats (14 Nov 2023)
|
||
|
||
- autotools: avoid passing `LDFLAGS` twice to libcurl
|
||
|
||
autotools passes `LDFLAGS` automatically linker commands. curl's
|
||
`lib/Makefile.am` customizes libcurl linker flags. In that
|
||
customization, it added `LDFLAGS` to the custom flags. This resulted in
|
||
passing `LDFLAGS` _twice_ to the `libtool` command.
|
||
|
||
Most of the time this is benign, but some `LDFLAGS` options can break
|
||
the build when passed twice. One such example is passing `.o` files,
|
||
e.g. `crt*.o` files necessary when customizing the C runtime, e.g. for
|
||
MUSL builds.
|
||
|
||
Passing them twice resulted in duplicate symbol errors:
|
||
```
|
||
libtool: link: clang-15 --target=aarch64-unknown-linux-musl [...] /usr/lib/a
|
||
arch64-linux-musl/crt1.o [...] /usr/lib/aarch64-linux-musl/crt1.o [...]
|
||
ld.lld-15: error: duplicate symbol: _start
|
||
>>> defined at crt1.c
|
||
>>> /usr/lib/aarch64-linux-musl/crt1.o:(.text+0x0)
|
||
>>> defined at crt1.c
|
||
>>> /usr/lib/aarch64-linux-musl/crt1.o:(.text+0x0)
|
||
[...]
|
||
clang: error: linker command failed with exit code 1 (use -v to see invocatio
|
||
n)
|
||
```
|
||
|
||
This behaviour came with commit 1a593191c2769a47b8c3e4d9715ec9f6dddf5e36
|
||
(2013-07-23) as a fix for bug https://curl.haxx.se/bug/view.cgi?id=1217.
|
||
The patch was a works-for-me hack that ended up merged in curl:
|
||
https://sourceforge.net/p/curl/bugs/1217/#06ef
|
||
With the root cause remaining unclear.
|
||
|
||
Perhaps the SUNPro 12 linker was sensitive to `-L` `-l` order, requiring
|
||
`-L` first? This would be unusual and suggests a bug in either the
|
||
linker or in `libtool`.
|
||
|
||
The curl build does pass the list of detected libs via its own
|
||
`LIBCURL_LIBS` variable, which ends up before `LDFLAGS` on the `libtool`
|
||
command line, but it's the job of `libtool` to ensure that even
|
||
a peculiar linker gets the options in the expected order. Also because
|
||
autotools passes `LDFLAGS` last, making it hardly possible to pass
|
||
anything after it.
|
||
|
||
Perhaps in the 10 years since this issue, this already got a fix
|
||
upstream.
|
||
|
||
This patch deletes `LDFLAGS` from our customized libcurl options,
|
||
leaving a single copy of them as passed by autotools automatically.
|
||
|
||
Reverts 1a593191c2769a47b8c3e4d9715ec9f6dddf5e36
|
||
Closes #12310
|
||
|
||
- autotools: accept linker flags via `CURL_LDFLAGS_{LIB,BIN}`
|
||
|
||
To allow passing `LDFLAGS` specific to libcurl (`CURL_LDFLAGS_LIB`) and
|
||
curl tool (`CURL_LDFLAGS_BIN`).
|
||
|
||
This makes it possible to build libcurl and curl with a single
|
||
invocation with lib- and tool-specific custom linker flags.
|
||
|
||
Such flag can be enabling `.map` files, a `.def` file for libcurl DLL,
|
||
controlling static/shared, incl. requesting a static curl tool (with
|
||
`-static-libtool-libs`) while building both shared and static libcurl.
|
||
|
||
curl-for-win uses the above and some more.
|
||
|
||
These options are already supported in `Makefile.mk`. CMake has built-in
|
||
variables for this.
|
||
|
||
Closes #12312
|
||
|
||
Jay Satiro (14 Nov 2023)
|
||
|
||
- tool_cb_hdr: add an additional parsing check
|
||
|
||
- Don't dereference the past-the-end element when parsing the server's
|
||
Content-disposition header.
|
||
|
||
As 'p' is advanced it can point to the past-the-end element and prior
|
||
to this change 'p' could be dereferenced in that case.
|
||
|
||
Technically the past-the-end element is not out of bounds because dynbuf
|
||
(which manages the header line) automatically adds a null terminator to
|
||
every buffer and that is not included in the buffer length passed to
|
||
the header callback.
|
||
|
||
Closes https://github.com/curl/curl/pull/12320
|
||
|
||
Philip Heiduck (14 Nov 2023)
|
||
|
||
- .cirrus.yml: freebsd 14
|
||
|
||
ensure curl works on latest freebsd version
|
||
|
||
Closes #12053
|
||
|
||
Daniel Stenberg (13 Nov 2023)
|
||
|
||
- easy: in duphandle, init the cookies for the new handle
|
||
|
||
... not the source handle.
|
||
|
||
Closes #12318
|
||
|
||
- duphandle: use strdup to clone *COPYPOSTFIELDS if size is not set
|
||
|
||
Previously it would unconditionally use the size, which is set to -1
|
||
when strlen is requested.
|
||
|
||
Updated test 544 to verify.
|
||
|
||
Closes #12317
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
- curl_easy_duphandle.3: clarify how HSTS and alt-svc are duped
|
||
|
||
Closes #12315
|
||
|
||
- urldata: move hstslist from 'set' to 'state'
|
||
|
||
To make it work properly with curl_easy_duphandle(). This, because
|
||
duphandle duplicates the entire 'UserDefined' struct by plain copy while
|
||
'hstslist' is a linked curl_list of file names. This would lead to a
|
||
double-free when the second of the two involved easy handles were
|
||
closed.
|
||
|
||
Closes #12315
|
||
|
||
- test1900: verify duphandle with HSTS using multiple files
|
||
|
||
Closes #12315
|
||
|
||
Goro FUJI (13 Nov 2023)
|
||
|
||
- http: allow longer HTTP/2 request method names
|
||
|
||
- Increase the maximum request method name length from 11 to 23.
|
||
|
||
For HTTP/1.1 and earlier there's not a specific limit in libcurl for
|
||
method length except that it is limited by the initial HTTP request
|
||
limit (DYN_HTTP_REQUEST). Prior to fc2f1e54 HTTP/2 was treated the same
|
||
and there was no specific limit.
|
||
|
||
According to Internet Assigned Numbers Authority (IANA) the longest
|
||
registered method is UPDATEREDIRECTREF which is 17 characters.
|
||
|
||
Also there are unregistered methods used by some companies that are
|
||
longer than 11 characters.
|
||
|
||
The limit was originally added by 61f52a97 but not used until fc2f1e54.
|
||
|
||
Ref: https://www.iana.org/assignments/http-methods/http-methods.xhtml
|
||
|
||
Closes https://github.com/curl/curl/pull/12311
|
||
|
||
Jay Satiro (12 Nov 2023)
|
||
|
||
- CURLOPT_CAINFO_BLOB.3: explain what CURL_BLOB_COPY does
|
||
|
||
- Add an explanation of the CURL_BLOB_COPY flag to CURLOPT_CAINFO_BLOB
|
||
and CURLOPT_PROXY_CAINFO_BLOB docs.
|
||
|
||
All the other _BLOB option docs already have the same explanation.
|
||
|
||
Closes https://github.com/curl/curl/pull/12277
|
||
|
||
Viktor Szakats (11 Nov 2023)
|
||
|
||
- tidy-up: dedupe Windows system libs in cmake
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Closes #12307
|
||
|
||
Junho Choi (11 Nov 2023)
|
||
|
||
- ci: test with latest quiche release (0.19.0)
|
||
|
||
Closes #12180
|
||
|
||
- quiche: use quiche_conn_peer_transport_params()
|
||
|
||
In recent quiche, transport parameter API is separated
|
||
with quiche_conn_peer_transport_params().
|
||
(https://github.com/cloudflare/quiche/pull/1575)
|
||
It breaks with bulding with latest(post 0.18.0) quiche.
|
||
|
||
Closes #12180
|
||
|
||
Daniel Stenberg (11 Nov 2023)
|
||
|
||
- Makefile: generate the VC 14.20 project files at dist-time
|
||
|
||
Follow-up to 28287092cc5a6d6ef8 (#12282)
|
||
|
||
Closes #12290
|
||
|
||
Sam James (11 Nov 2023)
|
||
|
||
- misc: fix -Walloc-size warnings
|
||
|
||
GCC 14 introduces a new -Walloc-size included in -Wextra which gives:
|
||
|
||
```
|
||
src/tool_operate.c: In function ‘add_per_transfer’:
|
||
src/tool_operate.c:213:5: warning: allocation of insufficient size ‘1’ fo
|
||
r type ‘struct per_transfer’ with size ‘480’ [-Walloc-size]
|
||
213 | p = calloc(sizeof(struct per_transfer), 1);
|
||
| ^
|
||
src/var.c: In function ‘addvariable’:
|
||
src/var.c:361:5: warning: allocation of insufficient size ‘1’ for type <20><>
|
||
<20>struct var’ with size ‘32’ [-Walloc-size]
|
||
361 | p = calloc(sizeof(struct var), 1);
|
||
| ^
|
||
```
|
||
|
||
The calloc prototype is:
|
||
```
|
||
void *calloc(size_t nmemb, size_t size);
|
||
```
|
||
|
||
So, just swap the number of members and size arguments to match the
|
||
prototype, as we're initialising 1 struct of size `sizeof(struct
|
||
...)`. GCC then sees we're not doing anything wrong.
|
||
|
||
Closes #12292
|
||
|
||
Mark Gaiser (11 Nov 2023)
|
||
|
||
- IPFS: bugfixes
|
||
|
||
- Fixed endianness bug in gateway file parsing
|
||
- Use IPFS_PATH in tests where IPFS_DATA was used
|
||
- Fixed typos from traling -> trailing
|
||
- Fixed broken link in IPFS.md
|
||
|
||
Follow-up to 859e88f6533f9e
|
||
|
||
Reported-by: Michael Kaufmann
|
||
Bug: https://github.com/curl/curl/pull/12152#issuecomment-1798214137
|
||
Closes #12305
|
||
|
||
Daniel Stenberg (11 Nov 2023)
|
||
|
||
- VULN-DISCLOSURE-POLIC: remove broken link to hackerone
|
||
|
||
It should ideally soon not be done from hackerone anyway
|
||
|
||
Closes #12308
|
||
|
||
Andrew Kurushin (11 Nov 2023)
|
||
|
||
- schannel: add CA cache support for files and memory blobs
|
||
|
||
- Support CA bundle and blob caching.
|
||
|
||
Cache timeout is 24 hours or can be set via CURLOPT_CA_CACHE_TIMEOUT.
|
||
|
||
Closes https://github.com/curl/curl/pull/12261
|
||
|
||
Daniel Stenberg (10 Nov 2023)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
Charlie C (10 Nov 2023)
|
||
|
||
- cmake: option to disable install & drop `curlu` target when unused
|
||
|
||
This patch makes the following changes:
|
||
- adds the option `CURL_DISABLE_INSTALL` - to disable 'install' targets.
|
||
- Removes the target `curlu` when the option `BUILD_TESTING` is set to
|
||
`OFF` - to prevent it from being loaded in Visual Studio.
|
||
|
||
Closes #12287
|
||
|
||
Kai Pastor (10 Nov 2023)
|
||
|
||
- cmake: fix multiple include of CURL package
|
||
|
||
Fixes errors on second `find_package(CURL)`. This is a frequent case
|
||
with transitive dependencies:
|
||
```
|
||
CMake Error at ...:
|
||
add_library cannot create ALIAS target "CURL::libcurl" because another
|
||
target with the same name already exists.
|
||
```
|
||
|
||
Test to reproduce:
|
||
```cmake
|
||
cmake_minimum_required(VERSION 3.27) # must be 3.18 or higher
|
||
|
||
project(curl)
|
||
|
||
set(CURL_DIR "example/lib/cmake/CURL/")
|
||
find_package(CURL CONFIG REQUIRED)
|
||
find_package(CURL CONFIG REQUIRED) # fails
|
||
|
||
add_executable(main main.c)
|
||
target_link_libraries(main CURL::libcurl)
|
||
```
|
||
|
||
Ref: https://cmake.org/cmake/help/latest/release/3.18.html#other-changes
|
||
Ref: https://cmake.org/cmake/help/v3.18/policy/CMP0107.html
|
||
Ref: #12300
|
||
Assisted-by: Harry Mallon
|
||
Closes #11913
|
||
|
||
Viktor Szakats (8 Nov 2023)
|
||
|
||
- tidy-up: use `OPENSSL_VERSION_NUMBER`
|
||
|
||
Uniformly use `OPENSSL_VERSION_NUMBER` to check for OpenSSL version.
|
||
Before this patch some places used `OPENSSL_VERSION_MAJOR`.
|
||
|
||
Also fix `lib/md4.c`, which included `opensslconf.h`, but that doesn't
|
||
define any version number in these implementations: BoringSSL, AWS-LC,
|
||
LibreSSL, wolfSSL. (Only in mainline OpenSSL/quictls). Switch that to
|
||
`opensslv.h`. This wasn't causing a deeper problem because the code is
|
||
looking for v3, which is only provided by OpenSSL/quictls as of now.
|
||
|
||
According to https://github.com/openssl/openssl/issues/17517, the macro
|
||
`OPENSSL_VERSION_NUMBER` is safe to use and not deprecated.
|
||
|
||
Reviewed-by: Marcel Raad
|
||
Closes #12298
|
||
|
||
Daniel Stenberg (8 Nov 2023)
|
||
|
||
- resolve.d: drop a multi use-sentence
|
||
|
||
Since the `multi:` keyword adds that message.
|
||
|
||
Reported-by: 積丹尼 Dan Jacobson
|
||
Fixes https://github.com/curl/curl/discussions/12294
|
||
Closes #12295
|
||
|
||
- content_encoding: make Curl_all_content_encodings allocless
|
||
|
||
- Fixes a memory leak pointed out by Coverity
|
||
- Also found by OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?
|
||
id=63947
|
||
- Avoids unncessary allocations
|
||
|
||
Follow-up ad051e1cbec68b2456a22661b
|
||
|
||
Closes #12289
|
||
|
||
Michael Kaufmann (7 Nov 2023)
|
||
|
||
- vtls: use ALPN "http/1.1" for HTTP/1.x, including HTTP/1.0
|
||
|
||
Some servers don't support the ALPN protocol "http/1.0" (e.g. IIS 10),
|
||
avoid it and use "http/1.1" instead.
|
||
|
||
This reverts commit df856cb5c9 (#10183).
|
||
|
||
Fixes #12259
|
||
Closes #12285
|
||
|
||
Daniel Stenberg (7 Nov 2023)
|
||
|
||
- Makefile.am: drop vc10, vc11 and vc12 projects from dist
|
||
|
||
They are end of life products. Support for generating them remain in the
|
||
repo for a while but this change drops them from distribution.
|
||
|
||
Closes #12288
|
||
|
||
David Suter (7 Nov 2023)
|
||
|
||
- projects: add VC14.20 project files
|
||
|
||
Windows projects included VC14, VC14.10, VC14.30 but not VC14.20.
|
||
OpenSSL and Wolf SSL scripts mention VC14.20 so I don't see a reason why
|
||
this is missing. Updated the templates to produce a VC14.20 project.
|
||
Project opens in Visual Studio 2019 as expected.
|
||
|
||
Closes #12282
|
||
|
||
Daniel Stenberg (7 Nov 2023)
|
||
|
||
- curl: move IPFS code into src/tool_ipfs.[ch]
|
||
|
||
- convert ensure_trailing into ensure_trailing_slash
|
||
- strdup the URL string to own it proper
|
||
- use shorter variable names
|
||
- combine some expressions
|
||
- simplify error handling in ipfs_gateway()
|
||
- add MAX_GATEWAY_URL_LEN + proper bailout if maximum is reached
|
||
- ipfs-gateway.d polish and simplification
|
||
- shorten ipfs error message + make them "synthetic"
|
||
|
||
Closes #12281
|
||
|
||
Viktor Szakats (6 Nov 2023)
|
||
|
||
- build: delete support bits for obsolete Windows compilers
|
||
|
||
- Pelles C: Unclear status, failed to obtain a fresh copy a few months
|
||
ago. Possible website is HTTP-only. ~10 years ago I left this compiler
|
||
dealing with crashes and other issues with no response on the forum
|
||
for years. It has seen some activity in curl back in 2021.
|
||
- LCC: Last stable release in September 2002.
|
||
- Salford C: Misses winsock2 support, possibly abandoned? Last mentioned
|
||
in 2006.
|
||
- Borland C++: We dropped Borland C++ support in 2018.
|
||
- MS Visual C++ 6.0: Released in 1998. curl already requires VS 2010
|
||
(or possibly 2008) as a minimum.
|
||
|
||
Closes #12222
|
||
|
||
- build: delete `HAVE_STDINT_H` and `HAVE_INTTYPES_H`
|
||
|
||
We use `stdint.h` unconditionally in all places except one. These uses
|
||
are imposed by external dependencies / features. nghttp2, quic, wolfSSL
|
||
and `HAVE_MACH_ABSOLUTE_TIME` do require this C99 header. It means that
|
||
any of these features make curl require a C99 compiler. (In case of
|
||
MSVC, this means Visual Studio 2010 or newer.)
|
||
|
||
This patch changes the single use of `stdint.h` guarded by
|
||
`HAVE_STDINT_H` to use `stdint.h` unconditionally. Also stop using
|
||
`inttypes.h` as an alternative there. `HAVE_INTTYPES_H` wasn't used
|
||
anywhere else, allowing to delete this feature check as well.
|
||
|
||
Closes #12275
|
||
|
||
Daniel Stenberg (6 Nov 2023)
|
||
|
||
- tool_operate: do not mix memory models
|
||
|
||
Make sure 'inputpath' only points to memory allocated by libcurl so that
|
||
curl_free works correctly.
|
||
|
||
Pointed out by Coverity
|
||
|
||
Follow-up to 859e88f6533f9e1f890
|
||
|
||
Closes #12280
|
||
|
||
Stefan Eissing (6 Nov 2023)
|
||
|
||
- lib: client writer, part 2, accounting + logging
|
||
|
||
This PR has these changes:
|
||
|
||
Renaming of unencode_* to cwriter, e.g. client writers
|
||
- documentation of sendf.h functions
|
||
- move max decode stack checks back to content_encoding.c
|
||
- define writer phase which was used as order before
|
||
- introduce phases for monitoring inbetween decode phases
|
||
- offering default implementations for init/write/close
|
||
|
||
Add type paramter to client writer's do_write()
|
||
- always pass all writes through the writer stack
|
||
- writers who only care about BODY data will pass other writes unchanged
|
||
|
||
add RAW and PROTOCOL client writers
|
||
- RAW used for Curl_debug() logging of CURLINFO_DATA_IN
|
||
- PROTOCOL used for updates to data->req.bytecount, max_filesize checks and
|
||
Curl_pgrsSetDownloadCounter()
|
||
- remove all updates of data->req.bytecount and calls to
|
||
Curl_pgrsSetDownloadCounter() and Curl_debug() from other code
|
||
- adjust test457 expected output to no longer see the excess write
|
||
|
||
Closes #12184
|
||
|
||
Daniel Stenberg (6 Nov 2023)
|
||
|
||
- VULN-DISCLOSURE-POLICY: escape sequences are not a security flaw
|
||
|
||
Closes #12278
|
||
|
||
Viktor Szakats (6 Nov 2023)
|
||
|
||
- rand: fix build error with autotools + LibreSSL
|
||
|
||
autotools unexpectedly detects `arc4random` because it is also looking
|
||
into dependency libs. One dependency, LibreSSL, happens to publish an
|
||
`arc4random` function (via its shared lib before v3.7, also via static
|
||
lib as of v3.8.2). When trying to use this function in `lib/rand.c`,
|
||
its protoype is missing. To fix that, curl included a prototype, but
|
||
that used a C99 type without including `stdint.h`, causing:
|
||
|
||
```
|
||
../../lib/rand.c:37:1: error: unknown type name 'uint32_t'
|
||
37 | uint32_t arc4random(void);
|
||
| ^
|
||
1 error generated.
|
||
```
|
||
|
||
This patch improves this by dropping the local prototype and instead
|
||
limiting `arc4random` use for non-OpenSSL builds. OpenSSL builds provide
|
||
their own random source anyway.
|
||
|
||
The better fix would be to teach autotools to not link dependency libs
|
||
while detecting `arc4random`.
|
||
|
||
LibreSSL publishing a non-namespaced `arc4random` tracked here:
|
||
https://github.com/libressl/portable/issues/928
|
||
|
||
Regression from 755ddbe901cd0c921fbc3ac5b3775c0dc683bc73 #10672
|
||
|
||
Reviewed-by: Daniel Stenberg
|
||
Fixes #12257
|
||
Closes #12274
|
||
|
||
Daniel Stenberg (5 Nov 2023)
|
||
|
||
- RELEASE-NOTES: synced
|
||
|
||
- strdup: do Curl_strndup without strncpy
|
||
|
||
To avoid (false positive) gcc-13 compiler warnings.
|
||
|
||
Follow-up to 4855debd8a2c1cb
|
||
|
||
Assisted-by: Jay Satiro
|
||
Reported-by: Viktor Szakats
|
||
Fixes #12258
|
||
|
||
Enno Boland (5 Nov 2023)
|
||
|
||
- HTTP: fix empty-body warning
|
||
|
||
This change fixes a compiler warning with gcc-12.2.0 when
|
||
`-DCURL_DISABLE_BEARER_AUTH=ON` is used.
|
||
|
||
/home/tox/src/curl/lib/http.c: In function 'Curl_http_input_auth':
|
||
/home/tox/src/curl/lib/http.c:1147:12: warning: suggest braces around emp
|
||
ty body in an 'else' statement [-Wempty-body]
|
||
1147 | ;
|
||
| ^
|
||
|
||
Closes #12262
|
||
|
||
Daniel Stenberg (5 Nov 2023)
|
||
|
||
- openssl: identify the "quictls" backend correctly
|
||
|
||
Since vanilla OpenSSL does not support the QUIC API I think it helps
|
||
users to identify the correct OpenSSL fork in version output. The best
|
||
(crude) way to do that right now seems to be to check if ngtcp2 support
|
||
is enabled.
|
||
|
||
Closes #12270
|
||
|
||
Mark Gaiser (5 Nov 2023)
|
||
|
||
- curl: improved IPFS and IPNS URL support
|
||
|
||
Previously just ipfs://<cid> and ipns://<cid> was supported, which is
|
||
too strict for some usecases.
|
||
|
||
This patch allows paths and query arguments to be used too.
|
||
Making this work according to normal http semantics:
|
||
|
||
ipfs://<cid>/foo/bar?key=val
|
||
ipns://<cid>/foo/bar?key=val
|
||
|
||
The gateway url support is changed.
|
||
It now only supports gateways in the form of:
|
||
|
||
http://<gateway>/foo/bar
|
||
http://<gateway>
|
||
|
||
Query arguments here are explicitly not allowed and trigger an intended
|
||
malformed url error.
|
||
|
||
There also was a crash when IPFS_PATH was set with a non trailing
|
||
forward slash. This has been fixed.
|
||
|
||
Lastly, a load of test cases have been added to verify the above.
|
||
|
||
Reported-by: Steven Allen
|
||
Fixes #12148
|
||
Closes #12152
|
||
|
||
Harry Mallon (5 Nov 2023)
|
||
|
||
- docs: KNOWN_BUGS cleanup
|
||
|
||
* Remove other mention of hyper memory-leaks from `KNOWN_BUGS`.
|
||
Should have been removed in 629723ecf22a8eae78d64cceec2f3bdae703ec95
|
||
|
||
* Remove mention of aws-sigv4 sort query string from `KNOWN_BUGS`.
|
||
Fixed in #11806
|
||
|
||
* Remove mention of aws-sigv4 query empty value problems
|
||
|
||
* Remove mention of aws-sigv4 missing amz-content-sha256
|
||
Fixed in #9995
|
||
|
||
- http_aws_sigv4: canonicalise valueless query params
|
||
|
||
Fixes #8107
|
||
Closes #12244
|
||
|
||
Michael Kaufmann (4 Nov 2023)
|
||
|
||
- docs: preserve the modification date when copying the prebuilt man page
|
||
|
||
The previously built man page "curl.1" must be copied with the original
|
||
modification date, otherwise the man page is never updated.
|
||
|
||
This fixes a bug that has been introduced with commit 2568441cab.
|
||
|
||
Reviewed-by: Dan Fandrich
|
||
Reviewed-by: Daniel Stenberg
|
||
|
||
Closes #12199
|
||
|
||
Daniel Stenberg (4 Nov 2023)
|
||
|
||
- docs: remove bold from some man page SYNOPSIS sections
|
||
|
||
In the name of consistency
|
||
|
||
Closes #12267
|
||
|
||
- openssl: two multi pointer checks should probably rather be asserts
|
||
|
||
... so add the asserts now and consider removing the dynamic checks in a
|
||
future.
|
||
|
||
Ref: #12261
|
||
Closes #12264
|
||
|
||
boilingoden (4 Nov 2023)
|
||
|
||
- docs: add supported version for the json write-out
|
||
|
||
xref: https://curl.se/changes.html#7_70_0
|
||
|
||
Closes #12266
|