forked from curl/curl
-
-
Notifications
You must be signed in to change notification settings - Fork 0
[pull] master from curl:master #163
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Open
pull
wants to merge
443
commits into
turkdevops:master
Choose a base branch
from
curl:master
base: master
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Open
+37,000
−39,139
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The test had `Closing connection 0` in its expectations, but a stripfile expression that removes such lines. No recent changes, but started failing this morning. Too little coffee for me? Or what triggered this? Closes #17515
Fix all lookups of the port a server is using by - unlinking the portfile before the start - waiting `timeout` seconds for the port file to exist and contain a positive number - check results and fail server start when port could not be determined Closes #17516
This started out as regression tests for the `curl_ws_recv()` and `curl_ws_send()` implementation and ended up with a bugfix, additional protocol validation and minor logging improvements. - Fix reset of fragmented message decoder state when a PING/PONG is received in between message fragments. - Fix undefined behavior (applying zero offset to null pointer) in curl_ws_send() when the given buffer is NULL. - Detect invalid overlong PING/PONG/CLOSE frames. - Detect invalid fragmented PING/PONG/CLOSE frames. - Detect invalid sequences of fragmented frames. - a) A continuation frame (0x80...) is received without any ongoing fragmented message. - b) A new fragmented message is started (0x81/0x01/0x82/0x02...) before the ongoing fragmented message has terminated. - Made logs for invalid opcodes easier to understand. - Moved noisy logs to the `CURL_TRC_WS` log level. - Unified the prefixes for WebSocket log messages: `[WS] ...` - Add env var `CURL_WS_FORCE_ZERO_MASK` in debug builds. - If set, it forces the bit mask applied to outgoing payloads to 0x00000000, which effectively means the payload is not masked at all. This drastically simplifies defining the expected `<protocol>` data in test cases. - 2700: Frame types - 2701: Invalid opcode 0x3 - 2702: Invalid opcode 0xB - 2703: Invalid reserved bit RSV1 _(replaces 2310)_ - 2704: Invalid reserved bit RSV2 - 2705: Invalid reserved bit RSV3 - 2706: Invalid masked server message - 2707: Peculiar frame sizes _(part. replaces 2311)_ - 2708: Automatic PONG - 2709: No automatic PONG _(replaces 2312)_ - 2710: Unsolicited PONG - 2711: Empty PING/PONG/CLOSE - 2712: Max sized PING/PONG/CLOSE - 2713: Invalid oversized PING _(replaces 2307)_ - 2714: Invalid oversized PONG - 2715: Invalid oversized CLOSE - 2716: Invalid fragmented PING - 2717: Invalid fragmented PONG - 2718: Invalid fragmented CLOSE - 2719: Fragmented messages _(part. replaces 2311)_ - 2720: Fragmented messages with empty fragments - 2721: Fragmented messages with interleaved pong - 2722: Invalid fragmented message without initial frame - 2723: Invalid fragmented message without final frame - 2305: curl_ws_recv() loop reading three larger frames - This test involuntarily sent an invalid sequence of opcodes (0x01...,0x01...,0x81...) , but neither libcurl nor the test caught this! The correct sequence was tested in 2311 (0x01...,0x00...,0x80...). See below for 2311. - Validation of the opcode sequence was added to libcurl and is now tested in 2723. - Superseded by 2719 (fragmented message) and 2707 (large frames). - 2307: overlong PING payload - The tested PING payload length check was actually missing, but the test didn't catch this since it involuntarily sent an invalid opcode (0x19... instead of 0x89...) so that the expected error occurred, but for the wrong reason. - Superseded by 2713. - 2310: unknown reserved bit set in frame header - Superseded by 2703 and extended by 2704 and 2705. - 2311: curl_ws_recv() read fragmented message - Superseded by 2719 (fragmented message) and 2707 (large frames). - 2312: WebSockets no auto ping - Superseded by 2709. - No tests for `CURLOPT_WRITEFUNCTION`. - No tests for sending of invalid frames/fragments. Closes #17136
CURLOPT_NOPROGRESS is being set twice, if a file is uploaded from '.'. Fix order of options so that '.' can override the global setting. Without this, the `tool_readbusy_cb()` is never inoked and cannot unpause a transfer waiting for more input. Fixes #17513 Reported-by: denandz on github Closes #17517
Closes #17519
Improve the JSON result format to be more descriptive and easier to parse. Add --print option to scorecard.py that prints a saved JSON file Add date field to score card. Closes #17465
To set `-D_GNU_SOURCE`. Required to declare `accept4` on uclibc targets. `host_os` can have the value `uclinux-uclibcgnueabi` in this case. Fixing: ``` cf-socket.c: In function 'cf_tcp_accept_connect': cf-socket.c:2141:18: error: implicit declaration of function 'accept4'; did you mean 'accept'? [-Werror=implicit-function-declaration] 2141 | s_accepted = accept4(ctx->sock, (struct sockaddr *) &add, &size, ``` Follow-up to 3d02872 #16979 Reported-by: Kadambini Nema Fixes #17512 Closes #17524
Options marked ARG_NO should have their 'toggle' value reverted when the short option is used as it implies using the --no- prefix. -N happens be the only short option flag for a --no- long option. Reported-by: Stefan Eissing Closes #17527
On Cygwin, it is unsafe to call POSIX functions from DllMain, which OPENSSL_thread_stop does. Additionally, it should be unnecessary as OpenSSL uses pthread_key_create to register a thread destructor to do thread cleanup in a POSIX way. Reported-by: Yuyi Wang Ref: https://cygwin.com/pipermail/cygwin/2025-June/258235.html Fixes #17262 Closes #17528
To sync with autotools, which auto-detects this option and enables it by default. It also makes it possible to compile unsuffixed long long integer literals correctly, allowing to drop some legacy macros without bumping into build errors like: ``` lib/vtls/schannel.c: In function 'schannel_send': lib/vtls/schannel.c:1815: error: integer constant is too large for 'long' type ``` Ref: https://github.com/curl/curl/actions/runs/15374705821/job/43286736583?pr=17498#step:9:20 Bug: #17498 (comment) Reported-by: Daniel Stenberg Closes #17523
8.14.1 release
Test1117 seems to verify that a response, incoming slowly, is read completely before sending another request on the same connection. The previsou write delay of 1000ms made the test last 23+ seconds. A delay of 100ms seems to achieve the same test on modern machines, but the overall run time is less than 3 seconds. Closes #17530
The ssh libraries do not reveal if they still have data buffered from the peer. Only when their buffers are read empty can curl be sure that it is safe to rely on socket polling. This change adds detection of EGAIN on receive in the transfer loop and allows SFTP/SCP transfers to avoid a busy loop in such a case (which should happen often when CPU exceeds network bandwidth). Closes #17533
impacket could not be used as it neeeds package six - openbsd does not find python3, add package six - http2-server.pl: only warn about unknown parameter if not empty string Closes #17532
Since curl_off_t is always 64 bit these days, we can simplify and avoid using some macros. Closes #17498
To show how to delete a single file after a transfer Closes #17540
Added more details to help with cygwin install, adding links to curl source code where relevant to help save people a little time. Closes #17485
Help users get them used right. Closes #17535
Change the workflow name to change the concurrency lock name so that the invoked Fuzzer workflow does no longer lock the same name. Closes #17541
These tests fail often in CI and I have no motivation to find out why. Disable the tests for openssl's own QUIC. Closes #17539
Fix use of nghttpx fixture to be present even when h3 is not available in curl. Fix TLS protocol versions expectations for older openssl versions. Closes #17538
Bump to 8.14.2 - a tentative version we probably will not release.
Eliminating the socket readability check in the socket connection filters for the 'data_pending' callback. Improves performance of handling of transfers, up to ~30%, depending on parallelism and response size. Whatever `data_pending()` once was, its semantics are now: "Is there anything buffered in the connection filters that needs receive?" Any checks of the socket's readability are done via `multi_wait()` and friends. Fix the one place in HTTP/1 proxy code that checked `data_pending()` and did an early return if false. Remove that check and actually try to receive data every time. Closes #17785
And we all hope that future code changes will not make it necessary again or this will all be blamed on you, coverity! Closes #17784
Add the missing "docs" directory in the link. Closes #17780
Drop `strcasecompare` and `strncasecompare` in favor of libcurl API calls `curl_strequal` and `curl_strnequal` respectively. Also drop unnecessary `strcase.h` includes. Include `curl/curl.h` instead where it wasn't included before. Closes #17772
Job `name:` now mandatory in zizmor. Also: - enclose `name:` values in single-quotes, for uniformity. - drop `name: checkout` where set, for uniformity. - dist: also install with cmake. - dist: replace `make` with `cmake --build` for cmake. (to make this make-tool agnostic) - appveyor-status: double-quote shell arguments. - tweak existing names to be shorter, to sync terms and style across jobs and steps. Ref: https://github.com/zizmorcore/zizmor/releases/tag/v1.10.0 Closes #17773
In order to do unit tests for private functions, functions that are marked UNITTEST but without a global scope in the library, functions that do not have prototypes in their corresponding header file, unit tests previously brought their own private prototype *copy* into the unit test. This was error-prone when the internal function changes but the change might be missed in the unit test which then uses an outdated prototype copy for testing. This change removes the private prototypes from unit tests and instead introduces a C file parser that parses the specific C files and extracts the necessary unit test prototypes into a generated header file for unit tests to use. This geneated lib/unitprotos.h header is then included by unit tests that need private prototypes. Assisted-by: Viktor Szakats Closes #17750
Replace the `libstubgss.so`-based overload solution with one built into libcurl at compile-time. The previous, `LD_PRELOAD`-based, solution was non-portable, allowlisted for Linux, BSD and Solaris. It also required non-debug builds, which turned out to be an accidental condition: 7d342c7. It also required a curl tool built against a shared libcurl. Detecting this condition wasn't always accurate, e.g. with certain cmake configurations. The overload solution also didn't work on macOS, though it theoretically should have: - #17653 - #2394 Experiments on making the overload solution work in more envs: - #17759 That revealed that it also did not work on NetBSD, in CI. The replacement solution is overloading the necessary GSS-API functions for test 2056 and 2057 at compile time. It requires a debug-enabled curl build (due to its insecure nature). This makes these tests run on all platforms. Including most GSS jobs in CI, that are running tests. (the exception is old-linux, non-debug jobs, where it felt overkill to enable debug for this.) The refactored GSS stub code needs to overload less than before because it's free to use the official GSS API. (This didn't work with the overload solution on Alpine for example). It can also use libcurl functions, allowing to replace `snprintf()` with `msnprintf()`. OS/400 is also overloading GSS API functions. I haven't tested how this works after this PR. In theory it should, because this PR doesn't rely on preprocessor overrides. Note that for future GSS tests, it may be necessary to stub these GSS API functions: `gss_inquire_context()`, `gss_unwrap()`, `gss_wrap()`. They are on codepaths not (yet) touched by tests. Also: - stub-gss: check for token buffer overrun. - stub-gss: replace size macros with `sizeof()`. - GHA: enable debug for some jobs with GSS. - GHA/linux: ignore results for 2056 and 2057 in the valgrind job. They leak the same way as seen with 2077 and 2078. Ref: 7020ba7 #17462 Ref: 1467597 #14430 - GHA/linux: fix to ignore `gss_import_name()` leaks in valgrind builds. only. - lib/vauth/krb5_gssapi: reduce variable scope. - lib/vauth/spnego_gssapi: reduce variable scope. - tests/libtest: drop code and build logic dealing with `libstubgss`. - runtests: - drop `ld_preload` feature. - drop special handling of `LD_PRELOAD` env in tests. - drop logic dealing with shared curl tool detection. - drop `LD_PRELOAD` envs from tests. Follow-up to 56d949d #1687 Closes #17752
... since the tests check for the feature using this name, we accidentally had lots tests not run because this provided the `digest-auth` feature that was not checked for. Closes #17786
It became flaky today, possible due to an upstream issue. Drop this CI job also because VS2008 is going to be deprecated soon. Example: ``` 1>------ Build started: Project: curlu, Configuration: Debug Win32 ------ 1>Compiling... 1>Project : error PRJ0003 : Error spawning 'cl.exe'. 1>Build log was saved at "file://c:\projects\curl\_bld\lib\curlu.dir\Debug\BuildLog.htm" 1>curlu - 1 error(s), 0 warning(s) [...] 8>Linking... 8>LINK : fatal error LNK1104: cannot open file '..\..\lib\Debug\curlu-d.lib' 8>Build log was saved at "file://c:\projects\curl\_bld\tests\unit\units.dir\Debug\BuildLog.htm" 8>Test units - 1 error(s), 0 warning(s) [...] ========== Build: 7 succeeded, 2 failed, 5 up-to-date, 0 skipped ========== [...] Command exited with code 1 ``` Other times with no visible error all: ``` ========== Build: 9 succeeded, 0 failed, 5 up-to-date, 0 skipped ========== [...] Command exited with code 1 ``` Ref: https://ci.appveyor.com/project/curlorg/curl/builds/52330703/job/ooqxq0b8ftbsv640#L413 Follow-up to 8c9a9b8 #17725 Follow-up to 63e513b #17380 Closes #17798
Closes #17795
- Explain that if data is shared in multiple threads then the user must set mutex callbacks. Reported-by: [email protected] Fixes #17774 Closes #17782
This file sees regular updates but isn't used by any CI build.
When processing `--cflags` received from `krb5-config` for `gssapi`: - fix to not break on multiple `-I` options. Before this patch only the first `-I` option was processed as a header directory, subsequent ones ended up in C flags as a raw directory, without the `-I` arg. Follow-up to 558814e - fix to not duplicate C flags. Regression from 1467597 #14430 - drop local variable `_val` by re-using `_flag`. - tidy up comments. Ref: #17802 (comment) Closes #17805
Also rename `_GSS*` local variables to `_gss*` to please `clang-lint`, which emitted new warnings after adding the initializations. Ref: #17802 (comment) Closes #17806
Fix `curl_add_clang_tidy_test_target` generating an invalid option for `clang-tidy` if the tested target has no custom macro definition. Current build doesn't hit this case, but a pending PR does. Fixing: ``` [...] -Ilib -Itests/client -DCURL_HIDDEN_SYMBOLS -DHAVE_CONFIG_H -D_definitions_t-NOTFOUND ``` error: ISO C99 requires whitespace after the macro name [clang-diagnostic-c99-extensions,-warnings-as-errors] Cherry-picked from #17768 Closes #17813
Commit f2ce6c4 among other things added the use of own library context instead of the default context. Default context has access to OpenSSL configuration file, own context doesn't have it. Therefore if a pkcs11 provider is loaded via config file, the function OSSL_PROVIDER_available() incorrectly detects the provider as unavailable. Fix this by loading the OpenSSL config to the library context according to OpenSSL documentation: "OSSL_LIB_CTX_load_config() loads a configuration file using the given ctx. This can be used to associate a library context with providers that are loaded from a configuration." Moreover use the provider_loaded flag instead of provider pointer to determine if a provider is available, as the latter is not set when the provider is loaded from a configuration. Closes #17804
It triggered a memory leak back in 7.88.1 Closes #17815
Callback and data set via CURLOPT_CLOSESOCKETFUNCTION and CURLOPT_CLOSESOCKETDATA may get used after the easy handle has been cleaned up. Inform about that. Closes #17816
- hostip: fix unused variable with `CURL_DISABLE_SHUFFLE_DNS` ``` lib/hostip.c: In function 'Curl_dnscache_mk_entry': lib/hostip.c:490:42: warning: unused parameter 'data' [-Wunused-parameter] 490 | Curl_dnscache_mk_entry(struct Curl_easy *data, | ~~~~~~~~~~~~~~~~~~^~~~ ``` - setopt: fix unused function with `CURL_DISABLE_HTTP` ``` lib/setopt.c:214:17: warning: 'httpauth' defined but not used [-Wunused-function] 214 | static CURLcode httpauth(struct Curl_easy *data, bool proxy, | ^~~~~~~~ ``` - url: fix unused function with `CURL_DISABLE_NETRC` ``` lib/url.c:2760:13: warning: 'str_has_ctrl' defined but not used [-Wunused-function] 2760 | static bool str_has_ctrl(const char *input) | ^~~~~~~~~~~~ ``` Seen with a minimal curl-for-win build: ``` CW_CONFIG=dev-x64-zero-osnotls-osnoidn-nohttp-nocurltool-linux-unity ``` Closes #17818
- simplify gathering header directories and compiler definitions recursively. - handle the case when the cmake directory object doesn't define header directories or compiler definitions. - honor more corners cases: - `INTERFACE_INCLUDE_DIRECTORIES` of the initial target. - handle no header directory for initial target. - de-duplicate header directories and compiler redefinitions to mimic CMake. - drop unnecessary `unset()`s. Note that the order of header directories remains different compared to how CMake passes them to the compiler when building tests. The order is already different in the test target `INCLUDE_DIRECTORIES` property, preventing to reproduce the exact CMake order. The distinction between `-I` and `-isystem` is also missing from target properties. Cherry-picked from #17768 Closes #17814
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot] (v2.0.0-alpha.1)
Can you help keep this open source service alive? 💖 Please sponsor : )