Professional Documents
Culture Documents
___| | | | _ \| |
/ __| | | | |_) | |
| (__| |_| | _ <| |___
\___|\___/|_| \_\_____|
Changelog
Fixes https://github.com/curl/curl/issues/8538
Closes https://github.com/curl/curl/pull/8540
Ref: https://curl.se/mail/lib-2022-03/0004.html
Closes https://github.com/curl/curl/pull/8529
Bug: https://github.com/curl/curl/issues/8381#issuecomment-1055440241
Reported-by: Michael Kaufmann
Closes https://github.com/curl/curl/pull/8519
Closes #8511
- libssh: fix include files and defines use for Windows builds
Reported-by: 梦终无痕
Bug: https://curl.se/mail/lib-2022-02/0131.html
Closes #8511
- RELEASE-NOTES: synced
Closes #8512
Closes #8513
It works now
Closes #8505
Ref: https://github.com/curl/curl/discussions/8498
Closes #8502
Closes https://github.com/curl/curl/pull/8500
Closes #8494
This resolves issues compiling rpg code that includes the curl header
file.
Closes #8494
Closes #8493
Closes #8492
- RELEASE-NOTES: synced
Closes #8489
There was one instance in openssl.c where sessionid was not checked
beforehand and this change fixes that.
Fixes https://github.com/curl/curl/issues/8472
Closes https://github.com/curl/curl/pull/8484
Several years ago a change was made to block user callbacks from calling
back into the API when not supported (recursive calls). One of the calls
blocked was curl_multi_assign. Recently the blocking was extended to the
multi interface API, however curl_multi_assign may need to be called
from within those user callbacks (eg CURLMOPT_SOCKETFUNCTION).
I can't think of any callback where it would be unsafe to call
curl_multi_assign so I removed the restriction entirely.
Ref: https://github.com/curl/curl/commit/b46cfbc
Ref: https://github.com/curl/curl/commit/340bb19
Fixes https://github.com/curl/curl/issues/8480
Closes https://github.com/curl/curl/pull/8483
ssl: reduce allocated space for ssl backend when FTP is disabled
Closes #8471
Closes #8481
Closes https://github.com/curl/curl/pull/8482
Closes https://github.com/curl/curl/pull/8479
Ref: https://github.com/curl/curl/pull/8106
Closes https://github.com/curl/curl/pull/8476
Prior to this change in such a case no key was extracted and that caused
CURLE_SSL_CONNECT_ERROR. The x509_minimal engine will stop parsing if
any validity check fails but the x509_decode won't.
Ref: https://github.com/curl/curl/pull/8106
Closes https://github.com/curl/curl/pull/8475
Ref: https://github.com/curl/curl/pull/8106
Closes https://github.com/curl/curl/pull/8474
Closes #8470
This change also updates the NUM_CIPHERS value to accurately count the
number of ciphers options listed in schannel.c, which is 47 instead of
45. It is unlikely that anyone tries to set all 47 values, but if they
had tried, the last two would not have been set.
Closes #8469
Closes #8455
The wrapper will exit if the system command failed instead of blindly
continuing on.
In addition, only copy docs which exist, since now the copy failure will
cause the build to stop.
Closes #8455
Closes #8455
The explanatory parts are now in the everything curl book (which can
also use images etc). This document now refers to that resource and only
leaves listings of supported versions of libs, tools and operating
systems. See https://everything.curl.dev/internals
Closes #8467
When `USE_OPENSSL` was defined but OpenSSL had no DES support and a
different crypto library was used for that, `Curl_des_set_odd_parity`
was called but not defined. This could for example happen on Windows
and macOS when using OpenSSL v3 with deprecated features disabled.
Use the same condition for the function definition as used at the
caller side, but leaving out the OpenSSL part to avoid including
OpenSSL headers.
Closes https://github.com/curl/curl/pull/8459
Closes #8458
Closes #8460
Spotted on appveyor
Closes #8465
EVP_sha256() does not appear in the OpenSSL source before 0.9.7h, and
does not get built by default until 0.9.8, so trying to use it for all
0.9.7 is wrong, and before 0.9.8 is unreliable.
Closes https://github.com/curl/curl/pull/8464
Follow-up to 96f85a0fef694
We haven't heard about this for a long time and rumours have it they
might have fixed it.
The authentication status should be told by the transfer and not the
connection.
Closes #8454
Closes #8454
Closes #8454
Closes https://github.com/curl/curl/pull/8453
Closes #8448
Closes #8450
Closes #8445
Closes #8444
... and make test 1459 check for the different return code then.
Closes #8444
Ref: https://github.com/curl/curl/pull/8438
projects: remove support for MSVC before VC10 (Visual Studio 2010)
- Remove Visual Studio project files for VC6, VC7, VC7.1, VC8 and VC9.
Closes https://github.com/curl/curl/pull/8442
Closes https://github.com/curl/curl/pull/8438
Closes #8430
Closes #8441
Closes #8428
Closes #8423
Closes #8439
Closes #8439
Closes #8427
Closes #8431
This could otherwise easily leave libcurl "hanging" after the entire
transfer is done but without noticing the end-of-transfer signal.
Closes #8429
Fixes #8425
Closes #8426
Otherwise the build fails when H3 is enabled but the build doesn't
include nghttp2.
Closes #8424
Closes #8418
Closes #8409
Closes #8395
Fix a memory-leak
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43646
Closes #8415
Closes #8404
Closes #8398
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=44517
Follow-up to 9f985a11e794
Closes #8414
- RELEASE-NOTES: synced
This script parses the config files for all the CI services currently in
use and output the information in a uniform way. The idea is that the
output from this script should be possible to massage into informational
tables or graphs to help us visualize what they are all testing and NOT
testing.
Closes #8408
Closes #8401
Closes #8397
Closes #8399
Closes #8396
Closes #8396
When OpenSSL 3.0 is built with `--api=3.0` and `no-deprecated`, the SRP
functions exist in the library, but are disabled for user code. Check
if they are actually usable instead of only if they exist. Also, check
for the functions actually required for TLS-SRP.
Closes https://github.com/curl/curl/pull/8394
Also add STRCONST, a macro that returns a string literal and it's length
for functions that take "string,len"
Closes #8391
The other pseudo headers are possible to change indirectly by doing the
rightly crafted request.
Closes #8389
smb: passing a socket for writing and reading data instead of FIRSTSOCKET
Closes #8383
- x509asn1: toggle off functions not needed for diff tls backends
... and clean the header file from private defines/structs (move to C
file) and unused function prototypes.
Closes #8386
Closes #8386
Closes https://github.com/curl/curl/pull/8385
Closes https://github.com/curl/curl/pull/8382
TPF was the only user and support for that was dropped.
Closes #8378
There has been no TPF related changes done since September 2010 (commit
7e1a45e224e57) and since this is a platform that is relatively different
than many others (== needs attention), I draw the conclusion that this
build is broken since a long time.
Closes #8378
Closes https://github.com/curl/curl/pull/8379
Closes #8377
Closes #8376
Closes #8375
- RELEASE-NOTES: synced
Closes #8363
configure: use correct CFLAGS for threaded resolver with xlC on AIX
Fixes #8276
Closes #8374
Ref: https://github.com/ngtcp2/ngtcp2/pull/356
Closes https://github.com/curl/curl/pull/8372
Ref: https://curl.se/mail/lib-2022-02/0006.html
Closes https://github.com/curl/curl/pull/8370
Closes #8362
Closes #8369
Closes #8314
After 'must', the verb is used without 'to'. Correct: "must" or "have
to"
Closes #8368
Closes #8367
Closes #8364
Closes #8358
- openssl-no-verbose
- openssl-no-proxy
Closes #8359
Closes #8357
Closes #8357
Fix a bug that does not require a new CVE as discussed on hackerone.com.
Previously `connection_id` was accessed after returning connection to
the shared pool.
Bug: https://hackerone.com/reports/1463013
Closes #8355
Closes https://github.com/curl/curl/pull/8354
Closes #8353
Closes #8350
- setopt: fix the TLSAUTH #ifdefs for proxy-disabled builds
Closes #8350
Ref: #8346
Closes #8349
Closes https://github.com/curl/curl/pull/8352
Closes #8343
Closes #8344
To execute the test program, we might need the library path so that the
lib is found at runtime.
Closes #8340
Ref: https://github.com/curl/curl/pull/8320#issuecomment-1022957904
Closes https://github.com/curl/curl/pull/8336
Ref: https://www.msys2.org/wiki/Porting/
Fixes https://github.com/curl/curl/issues/8084
Closes https://github.com/curl/curl/pull/8325
Closes #8338
https://github.com/openssl/openssl/commit/56bd17830f2d5855b533d923d4e0649d3ed61d11.
Closes https://github.com/curl/curl/pull/8331
Closes #8334
The TLS backends convert the host name to SNI name and need to use that.
This involves cutting off any trailing dot and lowercasing.
Keep the dot in names for everything except the SNI to make curl behave
more similar to current browsers. This means 'name' and 'name.' send the
same SNI for different 'Host:' headers.
Fixes #8290
Reported-by: Charles Cazabon
Closes #8320
Closes #8333
Closes #8330
- RELEASE-NOTES: synced
Avoids the need to clone the strings before check, thus avoiding
mallocs, which for cases where there are many SAN names in a cert could
end up numerous.
Closes #8321
Closes #8322
Closes #8268
Closes https://github.com/curl/curl/pull/8319
- md5: refactor for standard compliance
Depending on how curl was built the old way may have used a dllimport
function address during static initialization, which is not standard
compliant, resulting in Visual Studio warning C4232 (nonstandard
extension). Instead the function pointers now point to the wrappers
which call the MD5 functions.
This change only affects OpenSSL and wolfSSL because calls to other SSL
libraries' md5 functions were already wrapped. Also sha256.c already
does this for all SSL libraries.
Ref: https://github.com/curl/curl/pull/8298
Closes https://github.com/curl/curl/pull/8318
The tools.ietf.org domain has been deprecated a while now, with the
links being redirected to datatracker.ietf.org.
Rather than make people eat that redirect time, this change switches the
URL to a more canonical source.
Closes #8317
Closes #8315
put all #include of openssl files behind wolfssl ifdefs so that we can
use the wolfssl/ prefixed include paths. Without these curl only builds
when wolfssl is built with enable-all.
Fixes #8292
Closes #8315
Closes #8316
wolfSSL offers OpenSSL API compatibility that libcurl uses, and some
recent change in libcurl included an include file for wolfSSL like
openssl/foo.h, which has a path like wolfssl\wolfssl\openssl\foo.h.
The include directory issue was reported in #8292 but it's currently
unclear whether this type of change is needed for other build systems.
Bug: https://github.com/curl/curl/issues/8292
Reported-by: Harry Sarson
Closes https://github.com/curl/curl/pull/8298
Closes #8232
Closes #8307
Closes #8303
Closes #8299
Valgrind and gdb implement this feature: as this highly slows down tests,
disable it.
Closes #8291
- RELEASE-NOTES: synced
Closes #8286
This makes most libcurl functions return error if called from within a
callback using the same multi handle. For example timer or socket
callbacks calling curl_multi_socket_action.
Follow-up to bbf8cae44dedc495e6
Closes #8287
There has not been a mention of this OS in any commit since December
2004 (58f4af7973e3d2). The OS is also long gone.
Closes #8288
Just silently accepting the options and then not having any effect is
not good.
Ref: #8283
Closes #8285
Unless muted (with -s) When doing globbing, curl would output mime-like
separators between the separate transfers. This is not documented
anywhere, surprises users and clobbers the output. Gone now.
Ref: https://github.com/curl/curl/commit/867ad1c#r63439893
Ref: https://github.com/curl/curl/pull/8146
Closes https://github.com/curl/curl/pull/8260
Fixes #8173
Closes #8275
Closes #8281
Fixes #8279
Reported-by: Satadru Pramanik
Closes #8280
Oss-fuzz found an issue when the "sendleftovers" pointer could leak memory.
Fix this by always freeing it (if still assigned) in the done function.
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43515
Closes #8274
Typically a problem for platforms with 32 bit long and 64 bit size_t
- RELEASE-NOTES: synced
This makes the behavior consistent between GCC 10 and earlier versions.
Closes https://github.com/curl/curl/pull/8271
Closes https://github.com/curl/curl/pull/8271
Fixes https://github.com/curl/curl/issues/8248
Closes https://github.com/curl/curl/pull/8265
Closes https://github.com/curl/curl/pull/8265
1. The callback is better described in the option for setting it. Having
it in a single place reduces the risk that one of them is wrong.
Closes #8262
Mostly reverts ba0657c343f, but now instead just run the plain macro on
darwin. The approach as used on other platforms is simply not necessary
on macOS.
Fixes #8229
Reported-by: Ryan Schmidt
Closes #8247
Closes #8152
Closes https://github.com/curl/curl/pull/8258
Closes #8239
Closes #8239
Closes #7964
Fixes #8188
Closes #8191
For consistency, use the same return code for URL malformats,
independently of what scheme that is used. Previously this would return
CURLE_LDAP_INVALID_URL, but starting now that error cannot be returned.
Closes #8170
Closes #8254
I was able to build and run this on Windows, pulling trusted certs from
the system and then add them to rustls by setting
`CURLOPT_CAINFO_BLOB`. Handy!
Closes #8255
- RELEASE-NOTES: synced
- data/DISABLED: disable test 313 for wolfssl builds
Closes #8252
Closes #8252
Closes #8252
Closes #8251
Disables tests that don't yet work with the rustls backend.
Fixes #8004
Closes #8250
- remote-header-name.d: clarify
Ref: https://curl.se/mail/archive-2022-01/0032.html
Closes #8249
- url: given a user in the URL, find pwd for that user in netrc
Closes #8238
Follow-up to 8fbd6feddfa587cfd3
Closes #8245
Fixes #8240
Reported-by: Jan Ehrhardt
Closes #8246
Follow-up to 764e4f066d5
Closes #8242
... after the initial checks for .curlrc and if XDG_CONFIG_HOME is not
set, use $HOME and $CURL_HOME to check if ~/.config/curlrc is present.
Follow-up to 30aea2b1ede
Closes #8233
Fixes #8234
Reported-by: Melroy van den Berg
Closes #8236
- RELEASE-NOTES: synced
Closes #8228
Closes #8228
Closes #8228
Fixes #8229
Closes #8230
Bug: https://github.com/curl/curl/pull/8223#issuecomment-1005188696
Reported-by: Marc Hörsken
Closes #8226
Follow-up to effd2bd7ba2a5fd244
Reported-by: Marc Hörsken
Bug: https://github.com/curl/curl/pull/8217#issuecomment-1004681145
Closes #8223
Added to FILEFORMAT.md
To allow the test suite to verify that the right data arrived
Closes #8218
- ftp: disable warning 4706 in MSVC
Follow-up to 21248e052d
Closes #8218
Closes #8210
Closes #8215
Closes #8215
Closes #8215
"As a last resort, you can access the field foo of a structure bar by
writing bar.MBEDTLS_PRIVATE(foo). Note that you do so at your own risk,
since such code is likely to break in a future minor version of Mbed
TLS." -
https://github.com/ARMmbed/mbedtls/blob/f2d1199edc5834df4297f247f213e614f7782d1d/
docs/3.0-migration-guide.md
That future minor version is v3.1.0. I set the >= to == for the version
checks because v3.1.0 is a release, and I am not sure when the private
designation was reverted after v3.0.0.
Closes #8214
-- curl version=[7.81.0-DEV]
CMake Warning (dev) at
/usr/share/cmake-3.22.1/Modules/FindPackageHandleStandardArgs.cmake:438 (message):
The package name passed to `find_package_handle_standard_args` (MBEDTLS)
does not match the name of the calling package (MbedTLS). This can lead to
problems in calling code that expects `find_package` result variables
(e.g., `_FOUND`) to follow a certain pattern.
Call Stack (most recent call first):
deps/curl/CMake/FindMbedTLS.cmake:31 (find_package_handle_standard_args)
deps/curl/CMakeLists.txt:473 (find_package)
This warning is for project developers. Use -Wno-dev to suppress it.
Closes #8207
Closes #8206
Closes #8212
Follow-up to 1914465cf180d32b3d
As it isn't used.
Fixes #8197
Closes #8198
... and double-check in the OpenSSL shutdown that the socket is actually
still there before it is used.
Fixes #8193
Closes #8195
Reported-by: Leszek Kubik
Closes #8178
The name check now uses a function from lib/vtls/openssl.c which will
need attention for when TLS is not done by OpenSSL or is disabled while
QUIC is enabled.
Ref: #8173
Closes #8178
Closes #8196
Fixes #8184
Closes #8189
- RELEASE-NOTES: synced
Closes #8183
Closes #8182
Closes #8181
Closes #8185
- docs/HTTP3: describe how to setup a h3 reverse-proxy for testing
Closes #8177
Since 4a4b63daaa0
The httpcode < 100 check was also triggered when none of the fields were
parsed, thus making the if(!nc) block unreachable.
Closes #8171
- RELEASE-NOTES: synced
- language: "email"
Follow-up to 7a92f86
The string is set by the user and needs to remain intact for proper
connection reuse etc.
- misc: s/e-mail/email
Closes #8159
Closes #8162
Closes #8158
- BINDINGS.md: "markdown-link-check-disable"
It feels a bit unfortunate to litter an ugly tag for this functionality,
but if we get link scans of all markdown files, this might be worth the
price.
Before:
After:
Reported-by: lllaffer@users.noreply.github.com
Fixes https://github.com/curl/curl/issues/8154
Closes https://github.com/curl/curl/pull/8155
Closes #8156
Overhaul to make sure functions that detect errors bail out early with
error rather than trying to continue and risk hiding the problem.
Closes #8147
Closes #8140
Closes #8148
Closes #8142
From #8141
Since the mbedTLS API requires the data to the null terminated.
Follow-up to 456c53730d21b1fad0c7f72c1817
Fixes #8139
Closes #8145
Ref: https://github.com/curl/curl/issues/6079
Ref: https://github.com/curl/curl/pull/6082
Assisted-by: Jay Satiro
Reviewed-by: Daniel Stenberg
Preparation of #7922
Ref: https://www.msys2.org/wiki/Porting/#filesystem-namespaces
Fixes #8084
Closes #8138
Closes #8136
7.61.0 is over three years old now, remove all #ifdefs for handling
ancient libcurl versions so that the example gets easier to read and
understand
Closes #8137
Closes #8133
Closes #8119
- RELEASE-NOTES: synced
Upon receiving large result sets, this reduces memory consumption and
allows starting to output results while the transfer is still in
progress.
Closes #8101
- hash: lazy-alloc the table in Curl_hash_add()
Closes #8132
Since each socket hash entry may themselves have a hash table in them,
the destroying of the socket hash needs to make sure all the subhashes
are also correctly destroyed to avoid leaking memory.
Fixes #8129
Closes #8131
Follow-up to 6f73e68d182
Closes #8134
Closes #8128
Closes #8128
Closes #8128
Closes #8128
Minor reorg of the lib1156 code and it works fine for hyper.
Closes #8127
Closes #8126
Closes #8123
Closes #8125
Closes #8124
Follow-up to 436cdf82041
An error returned from one of these funtions mean that ALL still ongoing
transfers are to be considered failed.
Ref: #8114
Closes #8120
Closes #8116
For example trying to add entries after the hash has been "cleaned up"
Closes #8115
Closes #8121
- RELEASE-NOTES: synced
Put the format strings in stand-alone lines with .nf/.fi to be easier to spot.
Closes #8105
Closes #8104
Closes #7980
Closes #8100
Closes #8099
Closes #8065
Closes #8097
Closes #8097
- tool_listhelp: sync
Follow-up to 172068b76f
Closes #8094
- RELEASE-NOTES: synced
The repo repo was re-organized a bit, so the build instructions need to
be updated.
Closes #8076
Fixes #8079
Closes #8081
Prior to this change the build number was not checked during version
comparison, and the platform id was supposed to be checked but wasn't.
Ref: https://github.com/curl/curl/pull/7784
Closes https://github.com/curl/curl/pull/7824
Closes https://github.com/curl/curl/pull/7867
Closes #8078
Add many more options that can reduce the size of the binary that were
added since the last update. Update the sample minimal binary size for
version 7.80.0.
- tests: Add some missing keywords to tests
These are needed to skip some tests when configure options have disabled
certain features.
Closes #8071
https://datatracker.ietf.org/doc/html/rfc7616#section-3.4.4
... the client MUST calculate a hash of the username after
any other hash calculation ...
The homedir() function is now renamed into findfile() and iterates over
all the environment variables trying to access the file in question
until it finds it. Last resort is then getpwuid() if
available. Previously it would first try to find a home directory and if
that was set, insist on checking only that directory for the file. This
now returns the full file name it finds.
The Windows specific checks are now done differently too and in this
order:
1 - %USERPROFILE%
2 - %APPDATA%
3 - %USERPROFILE%\\Application Data
The windows order is modified to match how the Windows 10 ssh tool works
when it searches for .ssh/known_hosts.
Make all libcurl related options use .nf (no fill) for the SYNOPSIS
section - for consistent look. roffit then renders that section using
<pre> (monospace font) in html for the website.
- RELEASE-NOTES: synced
Closes #8054
Closes #8060
Closes #8059
Closes #8058
Closes #8056
Closes #7896
Test cases in 1560 have been adjusted and extended. Tests 1538 and 1559
have been updated.
Closes #8049
Instad of having all callers pass in the maximum length, always use
it. The passed in length is instead used only as the length of the
target buffer for to storing the scheme name in, if used.
Added the scheme max length restriction to the curl_url_set.3 man page.
Follow-up to 45bcb2eaa78c79
Closes #8047
Follow-up to 9108da2c26d
Closes #8052
Fixes #8012
Closes #8022
Since the 'CMAKE_' prefix is reserved for cmake's own private use.
Ref: https://cmake.org/cmake/help/latest/manual/cmake-variables.7.html
file URLs that are 6 bytes or shorter are not complete. Return
CURLUE_MALFORMED_INPUT for those. Extended test 1560 to verify.
Triggered by #8041
Closes #8042
- RELEASE-NOTES: synced
Closes #8043
- tool_operate: only set SSH related libcurl options for SSH URLs
For example, this avoids trying to find and set the known_hosts file (or
warn for its absence) if SFTP or SCP are not used.
Closes #8040
Closes #8038
With OpenSSL 3.0, the parameters are read directly from the `EVP_PKEY`
using `EVP_PKEY_get_bn_param`.
Closes https://github.com/curl/curl/pull/7893
Closes https://github.com/curl/curl/pull/7893
Closes https://github.com/curl/curl/pull/7893
Closes #8036
This is done by having native code do the haproxy header output before
hyper issues its request. The little downside with this approach is that
we need the entire Curl_buffer_send() function built, which is otherwise
not used for hyper builds.
If hyper ends up getting native support for the haproxy protocols we can
backpedal on this.
Closes #8034
Closes #8028
Closes #8030
Closes #8025
Remove the lines saying "protocols: all". It makes the output in the
manpage look funny, and the expectation is probably by default that if
not anything is mentioned about protocols the option apply to them all.
Closes #8021
gen.pl now generates a warning if the "See Also" field is not filled in for a
command line option
All command line options now provide one or more related options. 167
"See alsos" added!
Closes #8019
Closes #8017
Closes #8016
- Revert "form-escape.d: double the back-slashes for proper man page output"
mime: use percent-escaping for multipart form field and file names
Until now, form field and file names where escaped using the
backslash-escaping algorithm defined for multipart mails. This commit
replaces this with the percent-escaping method for URLs.
Closes #8013
Follow-up to f0b7099a10d1a
Closes #8011
When we're reading out plaintext from rustls' internal buffers, we might
get a read of zero bytes (meaning a clean TCP close, including
close_notify). However, we shouldn't return immediately when that
happens, since we may have already copied out some plaintext bytes.
Break out of the loop when we get a read of zero bytes, and figure out
which path we're dealing with.
Closes #8003
> Handling of unclean close and the close_notify TLS alert. Mirroring
> upstream changes, a rustls_connection now tracks TCP closed state like
> so: rustls_connection_read_tls considers a 0-length read from its
> callback to mean "TCP stream was closed by peer." If that happens
> before the peer sent close_notify, rustls_connection_read will return
> RUSTLS_RESULT_UNEXPECTED_EOF once the available plaintext bytes are
> exhausted. This is useful to protect against truncation attacks. Note:
> some TLS implementations don't send close_notify. If you are already
> getting length information from your protocol (e.g. Content-Length in
> HTTP) you may choose to ignore UNEXPECTED_EOF so long as the number of
> plaintext bytes was as expected.
Closes #8003
Follow-up to f0b7099a10d1a
Closes #8007
Follow-up to b589696f0312d
Closes #8006
Closes #8002
CURLSHOPT_LOCKFUNC.3
CURLSHOPT_SHARE.3
CURLSHOPT_UNLOCKFUNC.3
CURLSHOPT_UNSHARE.3
CURLSHOPT_USERDATA.3
Closes #7998
Follow-up to f0b7099a10d1a
Reported-by: Vincent Grande
Fixes #7995
Closes #7996
Follow-up to f0b7099a10d1a7c
Closes #7999
68d89f24 dropped the `--without-*` options from the configure help, but
`AC_ARG_WITH` still defines these flags automatically. As
https://www.gnu.org/software/autoconf/manual/autoconf-2.60/html_node/External-
Software.html
describes, the `action-if-given` is called when the user specifies
`--with-*` or `--without-*` options.
Closes #7991
Closes #7956
Fixes #7949
Closes #7948
Some method names, as well as the generated library name, were changed
in a recent refactoring.
Fixes #7947
Closes #7948
- RELEASE-NOTES: synced
Easy handles that are used by the multi interface should be removed from
the multi handle before they are cleaned up.
Closes #7984
Closes #7979
Closes #7979
Closes #7978
Also skip all IDN tests which are broken while using an msys shell.
Closes #7975
Follow-up to cc71d352651a0d95
Reported-by: Marc Hörsken
Bug: https://github.com/curl/curl/pull/7922#issuecomment-963042676
Closes #7971
Closes #7972
Closes #7970
Closes #7930
Closes #7969
Follow-up to 24155569d8a
Reported-by: Sergey Markelov
Fixes https://github.com/curl/curl-www/issues/163
Closes #7962
When failing to create the output file for saving an etag, only fail
that particular single transfer and allow others to follow.
Closes #7955
Ref: https://github.com/curl/curl/discussions/7954
Closes #7957
- RELEASE-NOTES: synced
The latest cmake-rs assumes cmake's --parallel works. That was added in
cmake 3.12, but a lot of our CI builds run on Ubuntu Bionic which only
has cmake 3.10.
Fixes #7927
Closes #7952
Closes #7941
Fixes https://github.com/curl/curl/issues/7877
Closes https://github.com/curl/curl/pull/7878
So that CURLINFO_PRIMARY_IP etc work for HTTP/3 like for other HTTP
versions.
Ref: https://github.com/SecureAuthCorp/impacket/pull/1066
Fixes #7924
Closes #7935
Closes #7936
Closes #7929
Bold the example ciphers instead of using single quotes, which then also
avoids the problem of how to use single quotes when first in a line.
Closes #7923
Closes #6973
- RELEASE-NOTES: synced
Closes #7885
Closes #7917
The rationale is that custom *-config tools don't work well when
cross-compiling or using sysroots (such as when using Yocto project) and
require custom fixing for each of them; pkg-config on the other hand
works similarly everywhere.
Closes #7912
Closes #7911
Closes #7911
Closes #7911
Follow up to #7897
Closes #7913
Follow up to #7897
Closes #7832
Closes #7897
Follow up to #7785
Closes #7832
Fixes #7865
Closes #7897
... which then also includes negative ones as test 1430 uses.
This makes native + hyper backend act identically on this and therefore
test 1430 can now be enabled when building with hyper. Adjust test 1431
as well.
Closes #7909
Closes #7910
Closes #7908
The current commit removes the DEBUGASSERT and makes the function to
return immediately if length is 0.
Closes #7898
- hyper: disable test 1294 since hyper doesn't allow such crazy headers
Closes #7905
- c-hyper: make CURLOPT_SUPPRESS_CONNECT_HEADERS work
Closes #7905
Closes #7905
Closes #7905
Closes #7895
Make them all say "Added in [version]" without using 'curl' or 'libcurl'
in that phrase.
- man pages: require all to use the same section header order
This is the same order we already enforce among the options' man pages:
consistency is good. Add lots of previously missing examples.
Adjust the manpage-syntax script for this purpose, used in test 1173.
Closes #7904
Restore support for building curl for iOS with SecureTransport enabled.
Closes #7501
Closes #7900
Three were missing, one used a non-standard name for the header.
Closes #7902
Ref: https://curl.se/mail/lib-2021-10/0035.html
Closes https://github.com/curl/curl/pull/7901
Closes #7899
Closes #7894
Signed-off-by: ewlumpkin <ewlumpkin@gmail.com>
Closes #7892
Closes #7891
... and make sure to stop ignoring the body once the CONNECT is done.
This should make test 206 work proper again and not be flaky.
Closes #7889
Simply because hyper doesn't have this ability. Mentioned in docs now.
Closes #7889
This test verifies that curl works with binary zeroes in HTTP response
headers and hyper refuses such. They're not kosher http.
Closes #7889
Closes #7889
Follow-up to 823d3ab855c
Closes #7889
Closes #7889
Closes #7888
Closes #7887
Closes https://github.com/curl/curl/pull/7886
- Explain the difference between IMAP search via URL (which returns
message sequence numbers) and IMAP search via custom request (which
can return UID numbers if prefixed with UID, eg "UID SEARCH ...").
Bug: https://github.com/curl/curl/issues/7626
Reported-by: orycho@users.noreply.github.com
Ref: https://github.com/curl/curl/issues/2789
Closes https://github.com/curl/curl/pull/7881
Closes #7884
- cut out the description of pre-7.20.0 return code behavior - that version
is now more than eleven years old and is basically no longer out there
Closes #7883
Closes #7882
Follow-up to e7416cf
- RELEASE-NOTES: synced
Follow-up to 20e980f85b0ea6
In #7875 these inits were modified but I get two warnings that these new
typecasts are necessary for.
Closes #7876
Fixes #7657
Closes #7875
Closes #7866
Closes #7866
Fixes #7871
Closes #7872
The code for sending DoH requests with GET was never enabled in a way
such that it could be used or tested. As there haven't been requests
for this feature, and since it at this is effectively dead, remove it
and favor reimplementing the feature in case anyone is interested.
Closes #7870
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
Closes #7869
Note that some rules then still don't need to be followed when code is
exactly below a cpp instruction.
... and update the includes to match how current htmltidy wants them
used.
- Make content length (ie download size) accessible to the user in the
header callback, but only after all headers have been processed (ie
only in the final call to the header callback).
Background:
For a long time the content length could be retrieved in the header
callback via CURLINFO_CONTENT_LENGTH_DOWNLOAD_T as soon as it was parsed
by curl.
This change keeps the same intention --all headers must be processed--
but now the content length is available before the final call to the
header function that indicates all headers have been processed (ie
a blank header).
Bug: https://github.com/curl/curl/commit/8a16e54#r57374914
Reported-by: sergio-nsk@users.noreply.github.com
Fixes https://github.com/curl/curl/issues/7804
Closes https://github.com/curl/curl/pull/7803
User sets the post fields size for binary data. Hence, we should not be
using strlen on it.
Closes #7844
Closes #7859
- RELEASE-NOTES: synced
Closes https://github.com/curl/curl/pull/7822
and remove the bad assert again, since it was run even with no error!
Closes #7854
Prior to this change if sws was built with leak sanitizer it would
report a memory leak error during testing.
Closes https://github.com/curl/curl/pull/7849
Pass on better return codes when errors occur within Curl_http instead
of insisting that CURLE_OUT_OF_MEMORY is the only possible one.
For every 'goto error', make sure the result variable holds the error
code for what went wrong.
Closes #7853
Closes #7802
Closes #7845
Fixes #7818
Closes #7841
- http2: make getsock not wait for write if there's no remote window
Follow-up to 8758a26f8878
Closes #7837
- RELEASE-NOTES: synced
The host name is stored decoded and can be encoded when used to extract
the full URL. By default when extracting the URL, the host name will not
be URL encoded to work as similar as possible as before. When not URL
encoding the host name, the '%' character will however still be encoded.
Getting the URL with the CURLU_URLENCODE flag set will percent encode
the host name part.
Follow up to #7690
Closes #7785
Closes #7829
Fixes #7679
Reported-by: David Cook
Closes #7827
lcrypto may depend on lz, and configure corrently fails with when
statically linking as the order is "-lz -lcrypto". This commit switches
the order to "-lcrypto -lz".
Closes #7826
Closes https://github.com/curl/curl/pull/7808
Closes https://github.com/curl/curl/pull/7808
Also fix wolfSSL build with `NO_MD5`, in which case neither the
wolfSSL/OpenSSL implementation nor the fallback implementation was
used.
Closes https://github.com/curl/curl/pull/7808
Later versions of Windows have normal version functions that compare and
return versions based on the way the application is manifested, instead
of the actual version of Windows the application is running on. We
prefer the actual version of Windows so we'll now call the Rtl variant
of version functions (RtlVerifyVersionInfo) which does a proper
comparison of the actual version.
Ref: https://github.com/curl/curl/pull/7727
Fixes https://github.com/curl/curl/issues/7742
Closes https://github.com/curl/curl/pull/7810
... and close connections that are too old instead of reusing them.
Bug: https://curl.se/mail/lib-2021-09/0058.html
Closes #7751
Closes #7817
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
Closes #7813
Closes #7812
Closes: #7811
Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
Closes #7809
If http authentication flags have been set, those are used as sasl
default preferred mechanisms.
Closes #6930
wolfssl: use for SHA256, MD4, MD5, and setting DES odd parity
Prior to this commit, OpenSSL could be used for all these functions, but
not wolfSSL. This commit makes it so wolfSSL will be used if USE_WOLFSSL
is defined.
Closes #7806
... which makes the shown delta number wrong until next release.
- RELEASE-NOTES: synced
With this change applied, the now expired 'DST Root CA X3' cert will no
longer be included in the output.
Details: https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/
Closes #7801
tool_listhelp.c is now a separate file with only the command line --help
output, exactly as generated by gen.pl. This makes it easier to generate
updates according to what's in the docs/cmdline-opts docs.
cd $srcroot/docs/cmdline-opts
./gen.pl listhelp *.d > $srcroot/src/tool_listhelp.c
Closes #7787
Closes #7728
Closes #7737
Closes https://github.com/curl/curl/pull/7796
Follow-up to 15910dfd143dd
Follow-up to a517378de58358a
Closes #7799
Closes https://github.com/curl/curl/pull/7795
Closes https://github.com/curl/curl/pull/7795
Closes https://github.com/curl/curl/pull/7795
Closes https://github.com/curl/curl/pull/7795
Due to CI issues
Closes #7790
Closes: #7322
See-also: #7295
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
Closes https://github.com/curl/curl/pull/7778
Closes https://github.com/curl/curl/pull/7778
Closes https://github.com/curl/curl/pull/7778
Since "too old" versions are no longer included in the generated man
page, this field is now mandatory so that it won't be forgotten and then
not included in the documentation.
Closes #7786
To make the man page more readable, this change removes all references
to changes in support/versions etc that happened before 7.30.0 from the
curl.1 output file. 7.30.0 was released on Apr 12 2013. This particular
limit is a bit arbitrary but was fairly easy to grep for.
This change removes about 80 version number references from curl.1, down
to 138 from 218.
Closes #7786
- RELEASE-NOTES: synced
Replaces #7591
Closes #7690
Changes:
Closes #7477
Closes #6936
Closes #7753
Closes #7366
Closes #7605
- RELEASE-NOTES: synced
Closes #7646
Closes #7771
On connection shutdown, a new TLS session ticket may arrive after the
SSL session cache has already been destructed. In this case, the new
SSL session cannot be added to the SSL session cache.
The callers of Curl_ssl_addsessionid() need to know whether the SSL
session has been added to the cache. If it has not been added, the
reference counter of the SSL session must not be incremented, or memory
used by the SSL session must be freed. This is now possible with the new
output parameter "added" of Curl_ssl_addsessionid().
Fixes #7683
Closes #7752
Closes #7746
Closes #7770
Closes #7772
Previously this code used a compile time constant, meaning that libcurl
always reported the libssh2 version that libcurl was built with. This
could differ from the libssh2 version actually being used. The new code
uses the CURL_LIBSSH2_VERSION macro, which is defined in ssh.h. The
macro calls the libssh2_version function if it is available, otherwise
it falls back to the compile time version.
Closes https://github.com/curl/curl/pull/7768
Closes https://github.com/curl/curl/pull/7769
- RELEASE-NOTES: synced
Closes #7747
Closes #7761
Constify a number of static structs that are never modified. Make them
const to show this.
Closes #7759
The IMAP server can now get 'POSTFETCH' set to include more data to
include after the body and test 897 is done to verify that such "extra"
header data is in fact delivered by curl as header.
Closes #7748
Closes #7695
- RELEASE-NOTES: synced
When the "reason phrase" in the HTTP status line starts with a digit,
that was treated as the forth response code digit and curl would claim
the response to be non-compliant.
Ref: https://github.com/curl/curl/pull/7685
Ref: https://github.com/curl/curl/commit/2f0bb86
Closes https://github.com/curl/curl/pull/7735
Closes #6968
- test1184: disable
The test should be fine and it works for me repeated when run manually,
but clearly it causes CI failures and it needs more research.
- RELEASE-NOTES: synced
Closes #7724
When setting a blank expire string, meaning unlimited, curl would pass
TIME_T_MAX to getime_r() when creating the output, while on 64 bit
systems such a large value cannot be convetered to a tm struct making
curl to exit the loop with an error instead. It can't be converted
because the year it would represent doesn't fit in the 'int tm_year'
field!
Test 1660 and 1915 have been updated to help verify this change.
The VALID_SOCK() macro was made to only check for FD_SETSIZE if curl was
built to use select(), even though the curl_multi_fdset() function
always and unconditionally uses FD_SET and needs the check.
Closes #7714
This fix detects pipelined STARTTLS responses and rejects them with an
error.
CVE-2021-22947
Bug: https://curl.se/docs/CVE-2021-22947.html
Bug: https://curl.se/docs/CVE-2021-22946.html
CVE-2021-22946
CVE-2021-22945
Bug: https://curl.se/docs/CVE-2021-22945.html
Closes #7701
Closes #7713
It should not refer to the uagent string that is allocated and created
for the end server http request, as that pointer may be cleared on
subsequent CONNECT requests.
Closes #7709
Reported-by: Inho Oh
Fixes #7630
Closes #7692
Closes #7700
Follow-up to 2f0bb864c12
Closes #7697
Closes #7698
Also update the FAQ section a bit to encourage users to rather submit
security issues on hackerone than sending email.
Closes #7689
Closes #7688
Extended checksrc to warn for this, but feature the check disabled by
default and only enable it in lib/
Closes #7685
The sanitizer builds were running on the 12.1 image which since has
been removed from the config, leaving the builds not running at all.
When enabled it turns out that they don't actually work due to very
long timeouts in executing the tests, so keep the disabled for now
but a bit more controlled.
Closes #7592
- RELEASE-NOTES: synced
Closes #7674
Closes #7678
Use dynamic memory allocation for the buffer used in checking "pinned
public key". The PUB_DER_MAX_BYTES parameter with default settings is
set to a value greater than 2kB.
Bug: https://github.com/curl/curl/pull/7666#issuecomment-912214751
Reported-by: Viktor Szakats
Closes https://github.com/curl/curl/pull/7667
Closes #7656
In every libcurl option man page there are now 8 mandatory sections that
must use the right name in the correct order and test 1173 verifies
this. Only 14 man pages needed adjustments.
- NAME
- SYNOPSIS
- DESCRIPTION
- PROTOCOLS
- EXAMPLE
- AVAILABILITY
- RETURN VALUE
- SEE ALSO
Closes #7668
Closes #7665
Closes https://github.com/curl/curl/pull/7661
By making them look less like http headers, the hyper mode "tweak"
doesn't interfere.
Enable test 2002 and 2003 in hyper builds (and 1280 which is unrelated
but should be enabled).
Closes #7658
This adds support for the previously unhandled supplemental data which
in -v output was printed like:
Closes #7652
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
Daniel Stenberg (1 Sep 2021)
- curl.1: provide examples for each option
The file format for each option now features a "Example:" header that
can provide one or more examples that get rendered appropriately in the
output. All options MUST have at least one example or gen.pl complains
at build-time.
This fix also does a few other minor format and consistency cleanups.
Closes #7654
Fixes #7643
Closes #7649
- RELEASE-NOTES: synced
Reported-by: Tk Xiong
Fixes #7633
Closes #7648
Closes #7625
Otherwise it would wait socket writability even after the entire CONNECT
request has sent and make curl basically busy-loop while waiting for a
response to come back.
Closes #7641
Closes #7637
Closes #7639
Closes #7638
Fixes #7628
Closes #7635
- RELEASE-NOTES: synced
Adds the full listing of CURL_DISABLE options to the CMake build. Moves
all option code, except for CURL_DISABLE_OPENSSL_AUTO_LOA_CONFIG which
resides near OpenSSL configuration, to the same block of code. Also
sorts the options here and in the cmake config header.
Closes #7624
Closes https://github.com/curl/curl/pull/7623
Reported-by: marc-groundctl
Fixes #7595
Closes #7619
Closes #7617
Closes #7616
Closes #7602
Closes #7602
Closes #7612
Since this option is also used for FTP, it needs to work to set for
applications even if hyper doesn't support it for HTTP. Verified by test
1137.
Updated docs to specify that the option doesn't work for HTTP when using
the hyper backend.
Closes #7614
Ref: #7605
Closes #7611
... and also change the 'Removed' column name to 'Last' since that
column is for the last version to contain the symbol.
Closes https://github.com/curl/curl/pull/7609
There's no code flow possible where this can happen. The assert makes
sure it also won't be introduced undetected in the future.
Closes #7610
This output doesn't actually change what configure generates but is only
"cosmetic".
Bug: https://github.com/curl/curl/commit/4e53b94#commitcomment-55239509
Reported-by: i-ky@users.noreply.github.com
Reported-by: i-ky
Bug:
https://github.com/curl/curl/commit/4e53b9430c7504de8984796e2a2091ec16f27136#commit
comment-55239253
Closes #7607
Follow-up to ba904db0705c931
Closes #7599
Closes #7594
Extended test 1173 (via the manpage-syntax.pl script) to detect and warn
for them.
Ref: #7602
Reported-by: a1346054 on github
Closes #7604
Closes #7603
Closes #7601
Closes https://github.com/curl/curl/pull/7581
Ref: 48cf45c
Ref: https://osdn.net/projects/mingw/ticket/38391
Ref: https://github.com/curl/curl/issues/2924
Closes https://github.com/curl/curl/pull/7580
- http_proxy: fix user-agent and custom headers for CONNECT with hyper
Closes #7598
Closes #7597
See: https://cygwin.com/cygwin-ug-net/highlights.html
and: https://docs.microsoft.com/cpp/c-runtime-library/exec-wexec-functions
Ref: https://github.com/curl/curl/pull/7530#issuecomment-900949010
Closes #7587
Daniel Stenberg (18 Aug 2021)
- openssl: when creating a new context, there cannot be an old one
Remove the previous handling that would call SSL_CTX_free(), and instead
add an assert that halts a debug build if there ever is a context
already set at this point.
Closes #7585
Closes https://github.com/curl/curl/issues/6785
Replaces #7523
Closes #7574
Closes #7048
curl: add warning for ignored data after quoted form parameter
Closes #7394
Jay Satiro (17 Aug 2021)
- codeql: fix error "Resource not accessible by integration"
Ref: https://github.com/github/codeql-action/issues/464
Ref: https://github.blog/changelog/2021-04-20-github-actions-control-permissions-
for-github_token/
Fixes https://github.com/curl/curl/issues/7575
Closes https://github.com/curl/curl/pull/7576
Fixes https://github.com/curl/curl/issues/6939
Closes https://github.com/curl/curl/pull/6984
Fixes #4130
Closes #7372
Closes #7578
Closes #7577
Closes #7532
- KNOWN_BUGS: CMake build with MIT Kerberos does not work
Closes #6904
Closes #6746
- RELEASE-NOTES: synced
Reverts 252790c5335a221
Closes #7008
Closes #7008
Closes #7008
Cloes #7528
Closes #7568
- [Ikko Ashimine brought this change]
Closes #7566
The current man-page lacks some details regarding the obtained path and
query.
Closes #7563
Closes #7567
- replace broken URL with the one it was most probably pointing to
when added (lib/tftp.c)
- replace broken URL with archive.org link (lib/curl_ntlm_wb.c)
- delete unnecessary protocol designator from archive.org URL
(docs/BINDINGS.md)
Closes #7562
Closes #7561
Closes #7560
Closes #7558
... and use #ifdef [feature] in the code as per our guidelines.
- ares: use ares_getaddrinfo()
With older c-ares versions, curl invokes ares_gethostbyname() twice - once for
IPv4 and once for IPv6 to resolve both addresses, and then combines the
returned results.
Reported-by: jjandesmet
Fixes #7364
Closes #7552
Closes #7551
Closes #7538
Closes #7549
Updated test31.
Added test 392 to verify secure cookies used for http://localhost
Closes #7268
Prior to this change if getaddrinfo() was not found at compile time then
Curl_ipv6works() would be defined as a macro that returns FALSE.
Ref: https://github.com/curl/curl/issues/7483#issuecomment-890765378
Closes https://github.com/curl/curl/pull/7529
- Use our wait_ms() instead of sleep() since Windows doesn't have the
latter.
Closes https://github.com/curl/curl/pull/7527
Ref: https://github.com/curl/curl/issues/7502
Closes #7546
Closes #7546
Closes #7540
Closes #7544
Closes #7428
- RELEASE-NOTES: synced
The logic is now back to assuming that the nghttp2 lib is called nghttp2 and
nothing else.
Closes #7393
Closes #7541
Cirrus CI VMs have 2 CPUs, let's use them also for Windows builds.
Closes #7466
Clarified
Closes #7512
Closes #7511
Reviewed-by: Carlo Marcelo Arenas Belón
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
Closes #7468
Mention options that are "global". A global command line option is one
that doesn't get reset at --next uses and therefore don't need to be
used again.
Fixes #7457
Closes #7510
Closes #7351
Closes #7339
Closes #7125
Closes #7489
Fixes https://github.com/curl/curl/issues/7444
Fixes https://github.com/curl/curl/issues/7451
Fixes https://github.com/curl/curl/issues/7465
Closes https://github.com/curl/curl/pull/7495
Fixes https://github.com/curl/curl/issues/7452
Closes https://github.com/curl/curl/pull/7495
1. it's superfluous
2. it didn't work identically to the Curl_hyper_stream one which could
cause problems like #7486
Closes #7503
Use the proper code style. Don't store return codes that aren't read.
Copy the same example into CURLOPT_SSL_CTX_FUNCTION.3 as well.
Closes #7500
Follow-up to 4b79c4fb565
Fixes #7497
Closes #7498
Fixes #7439
Closes #7494
Closes #7490
The pid used for shutdown must be the platform-aware (Win32) pid
to avoid leaking test servers while running them using Cygwin/msys.
... so that Curl_connect_getsock() will know how to wait for the socket
to become readable and not writable after the entire CONNECT request has
been issued.
Closes https://github.com/curl/curl/pull/7480
Ref: https://github.com/curl/curl/pull/7472
Closes https://github.com/curl/curl/pull/7485
Partial revert of ecf0225. All max-filesize options now have the list of
protocols and it's clearer just to have that list without discussing
specific protocols in the caveat.
Ref: https://github.com/curl/curl/issues/7453#issuecomment-884128762
Bug: https://curl.se/mail/lib-2021-07/0050.html
Closes #7472
Closes #7474
Closes #7470
Also make it clearer that the caveat 'if the file size is unknown it
the option will have no effect' may apply to protocols other than FTP
and HTTP.
Fixes https://github.com/curl/curl/issues/7453
Closes https://github.com/curl/curl/issues/7414
Closes https://github.com/curl/curl/pull/7454
Closes https://github.com/curl/curl/pull/7455
Closes https://github.com/curl/curl/pull/7456
Closes https://github.com/curl/curl/pull/7459
Closes https://github.com/curl/curl/pull/7460
Closes https://github.com/curl/curl/pull/7461
Closes https://github.com/curl/curl/pull/7462
Closes https://github.com/curl/curl/pull/7463
CVE-2021-22924
CVE-2021-22926
Bug: https://curl.se/docs/CVE-2021-22926.html
CVS-2021-22925
0842175 (not in any release) used the wrong format specifier (long int)
for timediff_t. On an OS such as Windows libcurl's timediff_t (usually
64-bit) is bigger than long int (32-bit). In 32-bit Windows builds the
upper 32-bits of the timediff_t were erroneously then used by the next
format specifier. Usually since the timeout isn't larger than 32-bits
this would result in null as a pointer to the string with the reason for
the connection failing. On other OSes or maybe other compilers it could
probably result in garbage values (ie crash on deref).
Before:
Failed to connect to localhost port 12345 after 1201 ms: (nil)
After:
Failed to connect to localhost port 12345 after 1203 ms: Connection refused
Closes https://github.com/curl/curl/pull/7449
nghttp2 briefly changed its static lib name to nghttp2_static, but then
made the _static suffix optional.
Ref: https://github.com/nghttp2/nghttp2/pull/1394
Ref: https://github.com/nghttp2/nghttp2/pull/1418
Ref: https://github.com/nghttp2/nghttp2/issues/1466
Fixes https://github.com/curl/curl/issues/7446
Closes https://github.com/curl/curl/pull/7447
Closes https://github.com/curl/curl/pull/7432
Closes https://github.com/curl/curl/pull/7436
Closes https://github.com/curl/curl/pull/7438
Closes https://github.com/curl/curl/pull/7440
Closes https://github.com/curl/curl/pull/7445
Closes https://github.com/curl/curl/pull/7408
Closes https://github.com/curl/curl/pull/7407
Closes https://github.com/curl/curl/pull/7405
Write out directories rather than using the dirs abbrevation. Also
use plural form consistently, even if the code in the end might just
create a single directory.
Closes #7406
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
Closes: #7427
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
Closes #7418
Closes #7410
Closes #7411
Closes #7412
Closes #7423
... since the tooling adds that to the output based on the "Protocols:"
tag.
docs: make the documentation for --etag-save match the program behaviour
When using curl with the option `--etag-save` I expected it to save the
ETag without its surrounding quotes, as stated by the documentation in
the repository and by the generated man pages.
My first endeavour was to fix the program, but while investigating the
history of the relevant parts, I discovered that curl once saved the
ETag without the quotes. This was undone by Daniel Stenberg in commit
`98c94596f5928840177b6bd3c7b0f0dd03a431af`, therefore I decided that in
this case the documentation should be adjusted to match the behaviour of
curl.
Closes #7429
Closes #7404
Fixes #7386
Closes #7387
Reported-by: Josie Huddleston
Closes #7413
TheArtOfHttpScripting: polish
Closes #7416
Fixes #7415
Closes #7417
Closes #7419
- RELEASE-NOTES: synced
Reported-by: sylgal@users.noreply.github.com
Authored-by: sylgal@users.noreply.github.com
Fixes https://github.com/curl/curl/issues/7379
Closes https://github.com/curl/curl/pull/7389
Closes https://github.com/curl/curl/pull/7377
Closes https://github.com/curl/curl/pull/7375
Fixes https://github.com/curl/curl/issues/7367
Closes https://github.com/curl/curl/pull/7368
Closes #7390
Fixes #7385
Reported-by: Wyatt OʼDay
Reviewed-by: Jay Satiro <raysatiro@yahoo.com>
Only the OpenSSL backend actually use the EGDSOCKET, and also use
TLS consistently rather than mixing SSL and TLS. While there, also
fix a minor spelling nit.
Closes: #7391
Reviewed-by: Jay Satiro <raysatiro@yahoo.com>
Closes #7382
Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
Closes #7383
Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
Closes #7378
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
The command to run had a typo in the pathname which prevented copy
pasting it to work, which has annoyed me enough to fix this now.
- RELEASE-NOTES: synced
Fixes https://github.com/curl/curl/issues/7342
Closes https://github.com/curl/curl/pull/7369
Closes: #7370
Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
The client using libcurl would notice the error since FTP file
uploads in active transfer mode would somtimes complete with
success despite no transfer having been performed and the
"uploaded" file thus not being on the remote server afterwards.
The logic error happens if the STOR response from the server have
arrived by the time ftp_multi_statemach() in the affected code path
is called, but the incoming data connection have not arrived yet.
In that case, the processing of the STOR response will cause
'ftpc->wait_data_conn' to be set to TRUE, contradicting the comment
in the code. Since 'complete' will also be set, later logic would
believe the transfer was done.
In most cases, the STOR response will not have arrived yet when
the affected code path is executed, or the incoming connection will
also have arrived, and thus the error would not express itself.
But if the speed difference of the device using libcurl and the
FTP server is exactly right, the error may happen as often as in
one out of hundred file transfers.
Bug: https://curl.se/mail/lib-2021-07/0025.html
Closes #7362
... even when the output is "capped" by the maximum length argument.
Closes #7361
- the data needs to be "line-based" anyway since it's also passed to the
debug callback/application
- Removes the code that would append "..." to the end of the data *iff*
it was truncated in infof()
Closes #7357
- examples/multi-single: fix scan-build warning
Follow-up to ae8e11ed5fd2ce
Closes #7360
Closes #7358
The API is soon two years old and deserves being shown as the primary
way to drive multi code as it makes it much easier to write code.
multi-poll: removed
Closes #7352
Closes #6972
- RELEASE-NOTES: synced
Closes #7349
Closes #7350
Closes #7350
Closes #7348
Closes #7343
Closes #7344
Closes https://github.com/curl/curl/pull/7341
Closes https://github.com/curl/curl/pull/7340
Has been suppored for a while now with the *BLOB options.
imap-append.c
smtp-authzid.c
smtp-mail.c
smtp-multi.c
smtp-ssl.c
smtp-tls.c
It should not assume that it can copy full lines into the buffer as it
will encourage sloppy coding practices. Instead use byte-wise logic and
check/acknowledge the buffer size appropriately.
Closes #7333
... by making sure the stdout output doesn't look like HTTP headers.
Closes #7333
Closes #7334
Closes #7328
Assisted-by: Daniel Gustafsson
Detected by Coverity
Closes #7329
Closes #7326
Closes #7325
Closes #7320
Closes #7324
Closes #7318
Also no longer call it crustls in the docs and bump to rusttls-ffi 0.7.1
Closes #7311
- Don't set the size of the piece of data to send to the rate limit if
that limit is larger than the buffer size that will hold the piece.
Fixes https://github.com/curl/curl/issues/7308
Closes https://github.com/curl/curl/pull/7315
Closes #7314
- CI: remove travis details
Rename still used leftovers to "zuul" as that's now the CI using them.
Closes #7313
- RELEASE-NOTES: synced
Avoid the race condition risk by instead storing the "seeded" flag in
the multi handle. Modern OpenSSL versions handle the seeding itself so
doing the seeding once per multi-handle instead of once per process is
less of an issue.
... since it no longer acknowledges the comment markup we use for that
purpose.
Closes #7303
Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
Follow-up to a5ab72d5edd7
Closes #7300
* luacurl page is now not accessible, fix it with wayback machine page
* Scheme one seems not providing https now, change it back to http one
Closes #7301
Closes #7297
- RELEASE-NOTES: synced
Bug: https://curl.se/mail/lib-2021-06/0024.html
Reported-by: Aleksander Mazur
Closes #7288
- http: make the haproxy support work with unix domain sockets
... it should then pass on "PROXY UNKNOWN" since it doesn't know the
involved IP addresses.
Closes #7287
Closes #7285
Closes #7260
Add ADDRESS_FAMILY typedef for old mingw, now old mingw can also use
unix sockets.
Closes #7034
Closes #7265
- RELEASE-NOTES: synced
Background:
Ref: https://github.com/curl/curl/pull/7246
Closes https://github.com/curl/curl/pull/7257
Closes #7280
Closes #7276
Closes #7276
Closes #7276
Closes #7276
Closes #7276
Closes #7276
Closes #7276
Closes #7276
Closes #7276
Closes #7276
Closes #7276
Closes #7276
Closes #7273
Closes #7272
Reported-by: Alex Xu
Fixes #7216
Closes #7267
Closes #7271
... by making sure the loops are only allowed to read the shutdown
traffic a limited number of times.
Closes #7266
Closes #5881
Closes #6882
Closes #6884
Closes #7261
They were never officially allowed and slipped in only due to sloppy
parsing. Spaces (ascii 32) should be correctly encoded (to %20) before
being part of a URL.
The new flag bit CURLU_ALLOW_SPACE when a full URL is set, makes libcurl
allow spaces.
Closes #7073
- RELEASE-NOTES: synced
... and bump to version 7.78.0 for the next planned release.
Supported since 7.66.0 via --parallel, but the doc wasn't updated.
Closes https://github.com/curl/curl/pull/7259
Bug: https://github.com/curl/curl/discussions/7255
Reported-by: David Hu
Closes https://github.com/curl/curl/pull/7258
Closes #7250
Closes #7245
Closes #7245
- netrc: skip 'macdef' definitions
Closes #7248