diff options
109 files changed, 3906 insertions, 3474 deletions
diff --git a/libs/libcurl/docs/CHANGES b/libs/libcurl/docs/CHANGES index 45791b0d92..8d56bf8e28 100644 --- a/libs/libcurl/docs/CHANGES +++ b/libs/libcurl/docs/CHANGES @@ -6,6 +6,2432 @@ Changelog
+Version 8.4.0 (11 Oct 2023)
+
+Daniel Stenberg (11 Oct 2023)
+
+- RELEASE-NOTES: synced
+
+- THANKS: add contributors from 8.4.0
+
+Jay Satiro (11 Oct 2023)
+
+- socks: return error if hostname too long for remote resolve
+
+ Prior to this change the state machine attempted to change the remote
+ resolve to a local resolve if the hostname was longer than 255
+ characters. Unfortunately that did not work as intended and caused a
+ security issue.
+
+ Bug: https://curl.se/docs/CVE-2023-38545.html
+
+Stefan Eissing (10 Oct 2023)
+
+- CI: remove slowed-network tests
+
+ - remove these tests as they are currently not reliable in our CI
+ setups.
+
+ curl handles the test cases, but CI sometimes fails on these due to
+ additional conditions. Rather than mix them in, an additional CI job
+ will be added in the future that is specific to them.
+
+ Closes https://github.com/curl/curl/pull/12075
+
+Jay Satiro (10 Oct 2023)
+
+- libcurl-env-dbg.3: move debug variables from libcurl-env.3
+
+ - Move documentation of libcurl environment variables used only in debug
+ builds from libcurl-env into a separate document libcurl-env-dbg.
+
+ - Document more debug environment variables.
+
+ Previously undocumented or missing a description:
+
+ CURL_ALTSVC_HTTP, CURL_DBG_SOCK_WBLOCK, CURL_DBG_SOCK_WPARTIAL,
+ CURL_DBG_QUIC_WBLOCK, CURL_DEBUG, CURL_DEBUG_SIZE, CURL_GETHOSTNAME,
+ CURL_HSTS_HTTP, CURL_FORCETIME, CURL_SMALLREQSEND, CURL_SMALLSENDS,
+ CURL_TIME.
+
+ Closes https://github.com/curl/curl/pull/11811
+
+Dan Fandrich (9 Oct 2023)
+
+- test670: increase the test timeout
+
+ This should make it more immune to loaded servers.
+
+ Ref: #11328
+
+Stefan Eissing (9 Oct 2023)
+
+- MQTT: improve receive of ACKs
+
+ - add `mq->recvbuf` to provide buffering of incomplete
+ ACK responses
+ - continue ACK reading until sufficient bytes available
+ - fixes test failures on low network receives
+
+ Closes #12071
+
+Viktor Szakats (9 Oct 2023)
+
+- quic: fix BoringSSL build
+
+ Add guard around `SSL_CTX_set_ciphersuites()` use.
+
+ Bug: https://github.com/curl/curl/pull/12065#issuecomment-1752171885
+
+ Follow-up to aa9a6a177017e4b74d33cdf85a3594900f4a7f81
+
+ Co-authored-by: Jay Satiro
+ Reviewed-by: Daniel Stenberg
+ Closes #12067
+
+Stefan Eissing (9 Oct 2023)
+
+- test1540: improve reliability
+
+ - print that bytes have been received on pausing, but not how many
+
+ Closes #12069
+
+- test2302: improve reliability
+
+ - make result print collected write data, unless
+ change in meta flags is detected
+ - will show same result even when data arrives via
+ several writecb invocations
+
+ Closes #12068
+
+Daniel Stenberg (9 Oct 2023)
+
+- curl_easy_pause: set "in callback" true on exit if true
+
+ Because it might have called another callback in the mean time that then
+ set the bit FALSE on exit.
+
+ Reported-by: Jay Satiro
+ Fixes #12059
+ Closes #12061
+
+Viktor Szakats (8 Oct 2023)
+
+- h3: add support for ngtcp2 with AWS-LC builds
+
+ ```
+ curl 8.4.0-DEV (x86_64-apple-darwin) libcurl/8.4.0-DEV (SecureTransport) AWS-
+ LC/1.15.0 nghttp2/1.56.0 ngtcp2/0.19.1 nghttp3/0.15.0
+ Release-Date: [unreleased]
+ Protocols: dict file ftp ftps gopher gophers http https imap imaps ldap ldaps
+ mqtt pop3 pop3s rtsp smb smbs smtp smtps telnet tftp ws wss
+ Features: alt-svc AsynchDNS HSTS HTTP2 HTTP3 HTTPS-proxy IPv6 Largefile Multi
+ SSL NTLM SSL threadsafe UnixSockets
+ ```
+
+ Also delete an obsolete GnuTLS TODO and update the header comment in
+ `FindNGTCP2.cmake`.
+
+ Reviewed-by: Daniel Stenberg
+ Closes #12066
+
+- build: do not publish `HAVE_BORINGSSL`, `HAVE_AWSLC` macros
+
+ Syncing this up with CMake.
+
+ Source code uses the built-in `OPENSSL_IS_AWSLC` and
+ `OPENSSL_IS_BORINSSL` macros to detect BoringSSL and AWS-LC. No help is
+ necessary from the build tools.
+
+ The one use of `HAVE_BORINGSSL` in the source turned out to be no longer
+ necessary for warning-free BoringSSL + Schannel builds. Ref: #1610 #2634
+
+ autotools detects this anyway for display purposes.
+ CMake detects this to decide whether to use the BoringSSL-specific
+ crypto lib with ngtcp2. It detects AWS-LC, but doesn't use the detection
+ result just yet (planned in #12066).
+
+ Ref: #11964
+
+ Reviewed-by: Daniel Stenberg
+ Reviewed-by: Jay Satiro
+ Closes #12065
+
+Marc Hoersken (8 Oct 2023)
+
+- CI: move distcheck job from Azure Pipelines to GitHub Actions
+
+ This will allow for more trigger excludes within Azure Pipelines.
+
+ Also fixes seemingly broken check with scripts/installcheck.sh.
+ Ref: 190374c74ec4e5247d9066544c86e8d095e1d7b5
+
+ Assisted-by: Philip Heiduck
+ Closes #9532
+
+Daniel Stenberg (8 Oct 2023)
+
+- url: fall back to http/https proxy env-variable if ws/wss not set
+
+ Reported-by: Craig Andrews
+ Fixes #12031
+ Closes #12058
+
+Stefan Eissing (8 Oct 2023)
+
+- cf-socket: simulate slow/blocked receives in debug
+
+ add 2 env variables for non-UDP sockets:
+ 1. CURL_DBG_SOCK_RBLOCK: percentage of receive calls that randomly
+ should return EAGAIN
+ 2. CURL_DBG_SOCK_RMAX: max amount of bytes read from socket
+
+ Closes #12035
+
+- http2: refused stream handling for retry
+
+ - answer HTTP/2 streams refused via a GOAWAY from the server to
+ respond with CURLE_RECV_ERROR in order to trigger a retry
+ on another connection
+
+ Reported-by: black-desk on github
+ Ref #11859
+ Closes #12054
+
+Jay Satiro (8 Oct 2023)
+
+- CURLOPT_DEBUGFUNCTION.3: warn about internal handles
+
+ - Warn that the user's debug callback may be called with the handle
+ parameter set to an internal handle.
+
+ Without this warning the user may assume that the only handles their
+ debug callback receives are the easy handles on which they set
+ CURLOPT_DEBUGFUNCTION.
+
+ This is a follow-up to f8cee8cc which changed DoH handles to inherit
+ the debug callback function set in the user's easy handle. As a result
+ those handles are now passed to the user's debug callback function.
+
+ Closes https://github.com/curl/curl/pull/12034
+
+- url: fix typo
+
+Daniel Stenberg (8 Oct 2023)
+
+- test458: verify --expand-output, expanding a file name accepting option
+
+ Verifies the fix in #12055 (commit f2c8086ff15e6e995e1)
+
+- tool_getparam: accept variable expansion on file names too
+
+ Reported-by: PBudmark on github
+ Fixes #12048
+ Closes #12055
+
+- RELEASE-NOTES: synced
+
+- multi: do CURLM_CALL_MULTI_PERFORM at two more places
+
+ ... when it does a state transition but there is no particular socket or
+ timer activity. This was made apparent when commit b5bb84c removed a
+ superfluous timer expiry.
+
+ Reported-by: Dan Fandrich.
+ Fixes #12033
+ Closes #12056
+
+Viktor Szakats (7 Oct 2023)
+
+- GHA/linux: mbedtls 3.5.0 + minor dep bumps
+
+ Closes #12057
+
+Dan Fandrich (7 Oct 2023)
+
+- CI: bump OpenLDAP package version on FreeBSD
+
+ The old one is no longer available.
+
+Marc Hoersken (7 Oct 2023)
+
+- docs/libcurl/opts/Makefile.inc: add missing manpage files
+
+ Detected with #9532
+
+Dan Fandrich (7 Oct 2023)
+
+- tests: fix a race condition in ftp server disconnect
+
+ If a client disconnected and reconnected quickly, before the ftp server
+ had a chance to respond, the protocol message/ack (ping/pong) sequence
+ got out of sync, causing messages sent to the old client to be delivered
+ to the new. A disconnect must now be acknowledged and intermediate
+ requests thrown out until it is, which ensures that such synchronization
+ problems can't occur. This problem could affect ftp, pop3, imap and smtp
+ tests.
+
+ Fixes #12002
+ Closes #12049
+
+Viktor Szakats (7 Oct 2023)
+
+- appveyor: bump mingw-w64 job to gcc 13 (was: 8)
+
+ This sets gcc 6, 7, 9, 13 in our test mix (was: 6, 7, 8, 9).
+ Adding a modern gcc version to the tests.
+
+ (The gcc 8 job used to take around 50 minutes. The new image with gcc 13
+ finished in 32, 35, 34 minutes in the 3 test runs so far.)
+
+ It also adds a modern CMake version and OS env to our mingw-w64 builds.
+
+ Closes #12051
+
+David Benjamin (6 Oct 2023)
+
+- openssl: use X509_ALGOR_get0 instead of reaching into X509_ALGOR
+
+ While the struct is still public in OpenSSL, there is a (somewhat
+ inconvenient) accessor. Use it to remain compatible if it becomes opaque
+ in the future.
+
+ Closes #12038
+
+Daniel Stenberg (6 Oct 2023)
+
+- curl_easy_pause.3: mention it works within callbacks
+
+ Reported-by: Maxim Dzhura
+ Bug: https://curl.se/mail/lib-2023-10/0010.html
+ Closes #12046
+
+- curl_easy_pause.3: mention h2/h3 buffering
+
+ Asked-by: Maxim Dzhura
+ Ref: https://curl.se/mail/lib-2023-10/0011.html
+
+ Closes #12045
+
+Viktor Szakats (6 Oct 2023)
+
+- cmake: re-add missed C89 headers for specific detections
+
+ We removed C89 `setjmp.h` and `signal.h` detections and excluded them
+ from the global header list we use when detecting functions [1]. Then
+ missed to re-add these headers to the specific functions which need
+ them to be detected [2]. Fix this omission in this patch.
+
+ [1] Follow-up to 3795fcde995d96db641ddbcc8a04f9f0f03bef9f #11951
+ [2] Follow-up to 96c29900bcec32dd6bc8e9857c8871ff4b8b8ed9 #11940
+
+ Closes #12043
+
+Daniel Stenberg (6 Oct 2023)
+
+- multi: set CURLM_CALL_MULTI_PERFORM after switch to DOING_MORE
+
+ Since there is nothing to wait for there. Avoids the test 1233 hang
+ reported in #12033.
+
+ Reported-by: Dan Fandrich
+ Closes #12042
+
+Dan Fandrich (5 Oct 2023)
+
+- test1903: actually verify the cookies after the test
+
+ The test otherwise could do just about anything (except leak memory in
+ debug mode) and its bad behaviour wouldn't be detected. Now, check the
+ resulting cookie file to ensure the cookies are still there.
+
+ Closes #12041
+
+- test: add missing <feature>s
+
+ The tests will otherwise fail if curl has them disabled.
+
+- test1906: set a lower timeout since it's hit on Windows
+
+ msys2 builds actually hit the connect timeout in normal operation, so
+ lower the timeout from 5 minutes to 5 seconds to reduce test time.
+
+ Ref: #11328
+ Closes #12036
+
+Daniel Stenberg (5 Oct 2023)
+
+- RELEASE-NOTES: synced
+
+Jay Satiro (5 Oct 2023)
+
+- idn: fix WinIDN null ptr deref on bad host
+
+ - Return CURLE_URL_MALFORMAT if IDN hostname cannot be converted from
+ UTF-8 to UTF-16.
+
+ Prior to this change a failed conversion erroneously returned CURLE_OK
+ which meant 'decoded' pointer (what would normally point to the
+ punycode) would not be written to, remain NULL and be dereferenced
+ causing an access violation.
+
+ Closes https://github.com/curl/curl/pull/11983
+
+Dan Fandrich (4 Oct 2023)
+
+- tests: close the shell used to start sshd
+
+ This shell isn't needed once sshd starts, so use "exec" so it doesn't
+ stick around.
+
+ Closes #12032
+
+Daniel Stenberg (4 Oct 2023)
+
+- base64: also build for curl
+
+ Since the tool itself now uses the base64 code using the curlx way, it
+ needs to build also when the tool needs it. Starting now, the tool build
+ defines BULDING_CURL to allow lib-side code to use it.
+
+ Follow-up to 2e160c9c6525
+
+ Closes #12010
+
+Eduard Strehlau (4 Oct 2023)
+
+- tests: Fix zombie processes left behind by FTP tests.
+
+ ftpserver.pl correctly cleans up spawned server processes,
+ but forgets to wait for the shell used to spawn them.
+ This is barely noticeable during a normal testrun,
+ but causes process exhaustion and test failure
+ during a complete torture run of the FTP tests.
+
+ Fixes #12018
+ Closes #12020
+
+Dan Fandrich (4 Oct 2023)
+
+- github/labeler: improve labeler matches
+
+- test574: add a timeout to the test
+
+ This one hangs occasionally, so this will speed up a test run and allow
+ logs to be seen when it does.
+
+ Closes #12025
+
+- tests: propagate errors in libtests
+
+ Use the test macros to automatically propagate some errors, and check
+ and log others while running the tests. This can help in debugging
+ exactly why a test has failed.
+
+- tests: set --expect100-timeout to improve test reliability
+
+ On an overloaded server, the default 1 second timeout can go by without
+ the test server having a chance to respond with the expected headers,
+ causing tests to fail. Increase the 1 second timeout to 99 seconds so
+ this failure mode is no longer a problem on test 1129. Some other tests
+ already set a high value, but make them consistently 99 seconds so if
+ something goes wrong the test is stalled for less time.
+
+ Ref: #11328
+
+- CI: ignore the "flaky" and "timing-dependent" test results in CMake
+
+ This was already done for automake builds but CMake builds were missed.
+ Test 1086 actually causes the test harness to crash with:
+
+ Warning: unable to close filehandle DWRITE properly: Broken pipe at C:/projec
+ ts/curl/tests/ftpserver.pl line 527
+
+ Rather than fix it now, this change leaves test 1086 entirely skipped on
+ those builds that show this problem.
+
+ Follow-up to 589dca761
+
+ Ref: #11865
+
+Viktor Szakats (4 Oct 2023)
+
+- cmake: improve OpenLDAP builds
+
+ - cmake: detect OpenLDAP based on function `ldap_init_fd`.
+ autotools does this. autotools also publishes this detection result
+ in `HAVE_LDAP_INIT_FD`. We don't mimic that with CMake as the source
+ doesn't use this value. (it might need to be remove-listed in
+ `scripts/cmp-config.pl` for future OpenLDAP test builds.)
+ This also deletes existing self-declaration method via the
+ CMake-specific `CURL_USE_OPENLDAP` configuration.
+
+ - cmake: define `LDAP_DEPRECATED=1` for OpenLDAP.
+ Like autotools does. This fixes a long list of these warnings:
+ ```
+ /usr/local/opt/openldap/include/ldap.h:1049:5: warning: 'LDAP_DEPRECATED' i
+ s not defined, evaluates to 0 [-Wundef]
+ ```
+
+ - cmake: delete LDAP TODO comment no longer relevant.
+
+ Also:
+
+ - autotools: replace domain name `dummy` with `0.0.0.0` in LDAP feature
+ detection functions.
+
+ Ref: #11964 (effort to sync cmake detections with autotools)
+
+ Closes #12024
+
+- cmake: fix unity builds for more build combinations
+
+ By using unique static function/variable names in source files
+ implementing these interfaces.
+
+ - OpenLDAP combined with any SSH backend.
+
+ - MultiSSL with mbedTLS, OpenSSL, wolfSSL, SecureTransport.
+
+ Closes #12027
+
+Daniel Stenberg (4 Oct 2023)
+
+- tests: remove leading spaces from some tags
+
+ The threee tags `<name>`, `</name>` and `<command>` were frequently used
+ with a leading space that this removes. The reason this habbit is so
+ widespread in testcases is probably that they have been copy and pasted.
+
+ Hence, fixing them all now might curb this practice from now on.
+
+ Closes #12028
+
+Viktor Szakats (4 Oct 2023)
+
+- GHA: bump actions/checkout
+
+ Follow-up to 2e0fa50fc16b9339f51e0a7bfff0352829323acb #11964
+ Follow-up to c39585d9b7ef3cbfc1380812dec60e7b275b6af3 #12000
+
+ Closes #12023
+
+- spelling: fix codespell 2.2.6 typos
+
+ Closes #12019
+
+Daniel Stenberg (3 Oct 2023)
+
+- GHA: add workflow to compare configure vs cmake outputs
+
+ Uses scripts/cmp-config.pl two compare two curl_config.h files,
+ presumbly generated with configure and cmake. It displays the
+ differences and filters out a lot of known lines we ignore.
+
+ The script also shows the matches that were *not* used. Possibly
+ subjects for removal.
+
+ Closes #11964
+
+- appveyor: enable test 571
+
+ Follow-up from 8a940fd55c175f7 / #12013
+
+ Closes #12017
+
+Viktor Szakats (3 Oct 2023)
+
+- build: alpha-sort source files for lib and src
+
+ Closes #12014
+
+- cmake: delete old `HAVE_LDAP_URL_PARSE` logic
+
+ Left there by accident after adding proper detection for this.
+
+ Follow-up to 772f0d8edf1c3c2745543f42388ccec5a16ee2c0 #12006
+
+ Ref: #11964 (effort to sync cmake detections with autotools)
+
+ Closes #12015
+
+Stefan Eissing (3 Oct 2023)
+
+- tests: increase lib571 timeout from 3s to 30s
+
+ - 3s is too short for our CI, making this test fail occasionally
+ - test usually experiences no delay run locally, so 30s wont hurt
+
+ Closes #12013
+
+Viktor Szakats (3 Oct 2023)
+
+- cmake: fix unity with Windows Unicode + TrackMemory
+
+ Found the root cause of the startup crash in unity builds with Unicode
+ and TrackMemory enabled at the same time.
+
+ We must make sure that the `memdebug.h` header doesn't apply to
+ `lib/curl_multibyte.c` (as even noted in a comment there.) In unity
+ builds all headers apply to all sources, including `curl_multibyte.c`.
+ This probably resulted in an infinite loop on startup.
+
+ Exclude this source from unity compilation with TrackMemory enabled,
+ in both libcurl and curl tool. Enable unity mode for a debug Unicode
+ CI job to keep it tested. Also delete the earlier workaround that
+ fully disabled unity for affected builds.
+
+ Follow-up to d82b080f6374433ce7c98241329189ad2d3976f8 #12005
+ Follow-up to 3f8fc25720900b14b7432f4bd93407ca15311719 #11095
+
+ Closes #11928
+
+- cmake: disable unity mode with Windows Unicode + TrackMemory
+
+ "TrackMemory" is `ENABLE_DEBUG=ON` (aka `ENABLE_CURLDEBUG=ON`,
+ aka `-DCURLDEBUG`).
+
+ There is an issue with memory tracking and Unicode when built in "unity"
+ mode, which results in the curl tool crashing right on startup, even
+ without any command-line option. Interestingly this doesn't happen under
+ WINE (at least on the system I tested this on), but consistenly happens
+ on real Windows machines. Crash is 0xC0000374 heap corruption. Both
+ shared and static curl executables are affected.
+
+ This limitation probably won't hit too many people, but it remains
+ a TODO to find and fix the root cause and drop this workaround.
+
+ Example builds and runs:
+ https://ci.appveyor.com/project/curlorg/curl/builds/48169111/job/17cptxhtpubd
+ 7iwj#L313 (static)
+ https://ci.appveyor.com/project/curlorg/curl/builds/48169111/job/76e1ge758tby
+ qu9c#L317 (shared)
+
+ Follow-up to 3f8fc25720900b14b7432f4bd93407ca15311719 #11095
+
+ Ref: #11928
+ Closes #12005
+
+- cmake: tidy-up `NOT_NEED_LBER_H` detection
+
+ Follow-up to 772f0d8edf1c3c2745543f42388ccec5a16ee2c0 #12006
+
+- appveyor: rewrite batch in PowerShell + CI improvements
+
+ 1. Rewrite in PowerShell:
+
+ - rewrite MS-DOS batch build script in PowerShell.
+ - move some bash operations into native PowerShell.
+ - fixups for PowerShell insisting on failure when a command outputs
+ something to stderr.
+ - fix to actually run `curl -V` after every build.
+ (and exclude ARM64 builds.)
+ - also say why we skipped `curl -V` if we had to skip.
+ - fix CMake warnings about unused configuration variables, by adapting
+ these dynamically for build cases.
+ - dedupe OpenSSL path into a variable.
+ - disable `test1451` failing with a warning anyway due to missing python
+ impacket. (after trying and failing to install impacket)
+ PowerShell promotes these warnings to errors by PowerShell. We can also
+ suppress they wholesale if they start causing issues in the future,
+ like we already to with `autoreconf` and `./configure`.
+
+ PowerShell is better than MS-DOS batches, so the hope is this makes it
+ easier to extend and maintain the AppVeyor build logic. POSIX/bash isn't
+ supported inline by AppVeyor on Windows build machines, but we are okay
+ to keep it in an external script, so it's also an option.
+
+ 2. CI improvements:
+
+ - enable tests for a "unity" build job.
+ - speed-up CI initialization by using shallow clones of the curl repo.
+ - speed-up CMake MSVC jobs with `TrackFileAccess=false`.
+ - enable parallelism in `VisualStudioSolution` builds.
+ - display CMake version before builds.
+ - always show the CPU in job names.
+ - tell which jobs are build-only in job names.
+ - move `TESTING:` value next to `DISABLED_TESTS:` in two jobs.
+ - add `config.log` (autotools) to dumped logs (need to enable manually).
+
+ 3. Style:
+
+ - use single-quotes in YAML like we do in other CI YAML files.
+ It also allows to drop quoting characters and lighter to write/read.
+ (keep double quotes for PowerShell strings needing expansion.)
+
+ Closes #11999
+
+- cmake: fix `HAVE_LDAP_SSL`, `HAVE_LDAP_URL_PARSE` on non-Windows
+
+ - set `HAVE_LDAP_URL_PARSE` if `ldap_url_parse` function exists.
+ Before this patch we set it based it on the presence of `stricmp`,
+ which correctly enabled it on e.g. Windows, but was inaccurate for
+ other platforms.
+
+ - always set `HAVE_LDAP_SSL` if an LDAP backend is detected and
+ LDAPS is not explicitly disabled. This mimics autotools behaviour.
+ Previously we set it only for Windows LDAP. After this fix, LDAPS is
+ correctly enabled in default macOS builds.
+
+ - enable LDAP[S] for a CMake macOS CI job. Target OS X 10.9 (Mavericks)
+ to avoid deprecation warnings for LDAP API.
+
+ - always detect `HAVE_LDAP_SSL_H`, even with LDAPS explicitly disabled.
+ This doesn't make much sense, but let's do it to sync behaviour with
+ autotools.
+
+ - fix benign typo in variable name.
+
+ Ref: #11964 (effort to sync cmake detections with autotools)
+
+ Closes #12006
+
+- autotools: restore `HAVE_IOCTL_*` detections
+
+ This restores `CURL_CHECK_FUNC_IOCTL` detection. I deleted it in
+ 4d73854462f30948acab12984b611e9e33ee41e6 and
+ c3456652a0c72d1845d08df9769667db7e159949 (2022-08), because the
+ `HAVE_IOCTL` result it generated was unused in the source. But,
+ I did miss the fact that this had two dependent checks:
+ `CURL_CHECK_FUNC_IOCTL_FIONBIO`,
+ `CURL_CHECK_FUNC_IOCTL_SIOCGIFADDR` that we do actually need:
+ `HAVE_IOCTL_FIONBIO`, `HAVE_IOCTL_SIOCGIFADDR`.
+
+ Regression from 4d73854462f30948acab12984b611e9e33ee41e6
+
+ Ref: #11964 (effort to sync cmake detections with autotools)
+
+ Closes #12008
+
+Daniel Stenberg (2 Oct 2023)
+
+- RELEASE-PROCEDURE.md: updated coming release dates
+
+- RELEASE-NOTES: synced
+
+Viktor Szakats (1 Oct 2023)
+
+- cmake: pre-cache `HAVE_POLL_FINE` on Windows
+
+ Windows doesn't support `poll()`, so we can safely skip checking for
+ fine poll.
+
+ Closes #12003
+
+- gha: bump actions to latest versions
+
+ - actions@checkout@v4 (from v3 and v2)
+
+ - fsfe/reuse-action@v2 (from v1)
+
+ Closes #12000
+
+Stefan Eissing (30 Sep 2023)
+
+- h2: testcase and fix for pausing h2 streams
+
+ - refs #11982 where it was noted that paused transfers may
+ close successfully without delivering the complete data
+ - made sample poc into tests/http/client/h2-pausing.c and
+ added test_02_27 to reproduce
+
+ Closes #11989
+ Fixes #11982
+ Reported-by: Harry Sintonen
+
+Viktor Szakats (30 Sep 2023)
+
+- cmake: validate `CURL_DEFAULT_SSL_BACKEND` config value
+
+ Before this patch CMake builds accepted any value and it was used at
+ runtime as-is. This patch make sure that the selected default backend
+ is also enabled in the build. It also enforces a full lowercase value.
+
+ This improves reproducibility and brings CMake in sync with autotools
+ which already worked like described above.
+
+ Follow-up to 26c7feb8b9d51a57fab3325571b4bbfa03b11af0 #11774
+
+ Closes #11998
+
+- autotools: adjust `CURL_CA_PATH` value to CMake
+
+ autotools was using the same value as CMake, but with an ending
+ slash. Delete the ending slash to match configurations.
+
+ Ref: #11964 (effort to sync cmake detections with autotools)
+
+ Closes #11997
+
+- cmake: detect `sys/wait.h` and `netinet/udp.h`
+
+ Ref: #11964 (effort to sync cmake detections with autotools)
+
+ Closes #11996
+
+Daniel Stenberg (30 Sep 2023)
+
+- lib: provide and use Curl_hexencode
+
+ Generates a lower case ASCII hex output from a binary input.
+
+ Closes #11990
+
+- configure: check for the capath by default
+
+ ... if the chosen TLS backend supports it: OpenSSL, GnuTLS, mbedTLS or wolfSS
+ L
+
+ cmake: synced
+
+ Assisted-by: Viktor Szakats
+ Closes #11987
+
+- wolfssl: ignore errors in CA path
+
+ The default wolfSSL_CTX_load_verify_locations() function is quite picky
+ with the certificates it loads and will for example return error if just
+ one of the certs has expired.
+
+ With the *_ex() function and its WOLFSSL_LOAD_FLAG_IGNORE_ERR flag, it
+ behaves more similar to what OpenSSL does by default.
+
+ Even the set of default certs on my Debian unstable has several expired
+ ones.
+
+ Assisted-by: Juliusz Sosinowicz
+ Assisted-by: Michael Osipov
+
+ Closes #11987
+
+- create-dirs.d: clarify it also uses --output-dirs
+
+ Reported-by: Robert Simpson
+ Fixes #11991
+ Closes #11995
+
+Viktor Szakats (30 Sep 2023)
+
+- appveyor: fix yamlint issues, indent
+
+ Also:
+ - use double quotes in all batch if statements.
+
+ Closes #11994
+
+- cmake: detect `HAVE_CLOCK_GETTIME_MONOTONIC_RAW`
+
+ Based on existing autotools logic.
+
+ Ref: #11964 (effort to sync cmake detections with autotools)
+
+ Closes #11981
+
+- cmake: detect `HAVE_GETADDRINFO_THREADSAFE`
+
+ Based on existing autotools logic.
+
+ autotools checks for old versions of the allowlisted target OSes and
+ disables this feature when seeing them. In CMake we assume we're running
+ on newer systems and enable regardless of OS version.
+
+ autotools always runs all 3 probes for non-fast-tracked systems and
+ enables this feature if any one of them was successful. To save
+ configuration time, CMake stops at the first successful check.
+
+ OpenBSD is not fast-tracked and then gets blocklisted as a generic BSD
+ system. I haven't double-checked if this is correct, but looks odd.
+
+ Ref: #11964 (effort to sync cmake detections with autotools)
+
+ Closes #11979
+
+- cmake: fix `HAVE_WRITABLE_ARGV` detection
+
+ Move detection before the creation of detection results in
+ `curl_config.h`.
+
+ Ref: #11964 (effort to sync cmake detections with autotools)
+
+ Closes #11978
+
+- appveyor: minor improvements
+
+ - run `curl -V` after builds to see if they run and with what features.
+ Except for one job where a CRT DLL is missing. And ARM64 which should
+ fail, but is silently not launched instead.
+
+ - copy libcurl DLL next to curl tool and tests binaries in shared mode.
+ This makes it possible to run the tests. (We don't run tests after
+ these builds yet.)
+
+ - list the DLLs and EXEs present after the builds.
+
+ - add `DEBUG` variable for CMake builds to allow disabling it, for
+ testing non-debug builds. (currently enabled for all)
+
+ - add commented lines that dump CMake configuration logs for debugging
+ build/auto-detection issues.
+
+ - add gcc version to jobs where missing.
+
+ - switch a job to the native MSYS2 mingw-w64 toolchain. This adds gcc 9
+ to the build mix.
+
+ - make `SHARED=OFF` and `OPENSSL=OFF` defaults global.
+
+ - delete a duplicate backslash.
+
+ Closes #11976
+
+- configure: replace adhoc domain with `localhost` in tests
+
+ Reviewed-by: Daniel Stenberg
+ Closes #11988
+
+- tidy-up: use more example domains
+
+ Also make use of the example TLD:
+ https://en.wikipedia.org/wiki/.example
+
+ Reviewed-by: Daniel Stenberg
+ Closes #11992
+
+Dan Fandrich (29 Sep 2023)
+
+- runtests: display the test status if tests appear hung
+
+ It sometimes happens that a test hangs during a test run and never
+ returns. The test harness will wait indefinitely for the results and on
+ CI servers the CI job will eventually be killed after an hour or two.
+ At the end of a test run, if results haven't come in within a couple of
+ minutes, display the status of all test runners and what tests they're
+ running to help in debugging the problem.
+
+ This feature is really only kick in with parallel testing enabled, which
+ is fine because without parallel testing it's usually easy to tell what
+ test has hung.
+
+ Closes #11980
+
+- github/labeler: remove workaround for labeler
+
+ This was added due to what seemed to be a bug regarding the sync-labels:
+ config option, but it looks like it wasn't necessary.
+
+ Follow-up to b2b0534e7
+
+Viktor Szakats (29 Sep 2023)
+
+- docs: upgrade an URL to HTTPS in `BINDINGS.md` [ci skip]
+
+Daniel Stenberg (29 Sep 2023)
+
+- docs: replace made up domains with example.com
+
+ in FAQ and MANUAL.md
+
+ - example.com was made for this purpose.
+
+ - reduces the risk that one of those domains suddenly start hosting
+ something nasty and we provide links to them
+
+ Closes #11986
+
+Michael Osipov (29 Sep 2023)
+
+- acinclude.m4: Document proper system truststore on FreeBSD
+
+ The default system truststore on FreeBSD has been /etc/ssl/certs for many
+ years now. It is managed canonically through certctl(8) and contains hashed
+ symlinks for OpenSSL and other TLS providers.
+ The previous ones require security/ca_root_nss which might not be installed o
+ r
+ will not contain any custom CA certificates.
+
+ Closes #11985
+
+Daniel Stenberg (29 Sep 2023)
+
+- FAQ: How do I upgrade curl.exe in Windows?
+
+ This is a growing question, better answer it here to get somewhere to
+ point users to.
+
+ Closes #11984
+
+Viktor Szakats (28 Sep 2023)
+
+- cmake: pre-cache `HAVE_BASENAME` for mingw-w64 and MSVC
+
+ `basename` is present in mingw-w64, missing from MSVC. Pre-cache
+ accordingly to make configure faster.
+
+ Notice that `basename` has a bug so we later disable it even with
+ mingw-w64:
+ https://github.com/curl/curl/blob/781242ffa44a9f9b95b6da5ac5a1bf6372ec6257/li
+ b/curl_setup.h#L820-L825
+
+ Closes #11974
+
+Daniel Stenberg (28 Sep 2023)
+
+- cmake: add missing checks
+
+ - check for arc4random. To make rand.c use it accordingly.
+ - check for fcntl
+ - fix fseek detection
+ - add SIZEOF_CURL_SOCKET_T
+ - fix USE_UNIX_SOCKETS
+ - define HAVE_SNPRINTF to 1
+ - check for fnmatch
+ - check for sched_yield
+ - remove HAVE_GETPPID duplicate from curl_config.h
+ - add HAVE_SENDMSG
+
+ Ref: #11964
+
+ Co-authored-by: Viktor Szakats
+ Closes #11973
+
+- configure: remove unused checks
+
+ - for sys/uio.h
+ - for fork
+ - for connect
+
+ Ref: #11964
+
+ Closes #11973
+
+- lib: remove TIME_WITH_SYS_TIME
+
+ It is not used in any code anywhere.
+
+ Ref: #11964
+ Closes #11975
+
+- docs: update curl man page references
+
+ Detected by the manpage-syntax update
+
+ Closes #11963
+
+- manpage-syntax: verify curl man page references
+
+ 1. References to curl symbols are now checked that they indeed exist as
+ man pages. This for \f references as well as the names referenced in the
+ SEE ALSO section.
+
+ Allowlist curl.1 since it is not always built in builds
+
+ 2. References to curl symbols that lack section now causes warning, since tha
+ t
+ will prevent them from getting linked properly
+
+ 3. Check for "bare" references to curl functions and warn, they should be
+ references
+
+ Closes #11963
+
+- cmake: add check for suseconds_t
+
+ And fix the HAVE_LONGLONG define
+
+ Ref: #11964
+ Closes #11977
+
+Viktor Szakats (28 Sep 2023)
+
+- tidy-up: whitespace fixes
+
+ Closes #11972
+
+- cmake: detect TLS-SRP in OpenSSL/wolfSSL/GnuTLS
+
+ With new option `CURL_DISABLE_SRP=ON` to force-disable it.
+ To match existing option and detection logic in autotools.
+
+ Also:
+ - fix detecting GnuTLS.
+ We assume `nettle` as a GnuTLS dependency.
+ - add CMake GnuTLS CI job.
+ - bump AppVeyor CMake OpenSSL MSVC job to OpenSSL 1.1.1 (from 1.0.2)
+ TLS-SRP fails to detect with 1.0.2 due to an OpenSSL header bug.
+ - fix compiler warning when building with GnuTLS and disabled TLS-SRP.
+ - fix comment typos, whitespace.
+
+ Ref: #11964
+
+ Closes #11967
+
+- tool: use our own stderr variable
+
+ Earlier this year we changed our own stderr variable to use the standard
+ name `stderr` (to avoid bugs where someone is using `stderr` instead of
+ the curl-tool specific variable). This solution needed to override the
+ standard `stderr` symbol via the preprocessor. This in turn didn't play
+ well with unity builds and caused curl tool to crash or stay silent due
+ to an uninitialized stderr. This was a hard to find issue, fixed by
+ manually breaking out one file from the unity sources.
+
+ To avoid two these two tricks, this patch implements a different
+ solution: Restore using our own local variable for our stderr output and
+ leave `stderr` as-is. To avoid using `stderr` by mistake, add a
+ `checksrc` rule (based on logic we already used in lib for `strerror`)
+ that detects any `stderr` use in `src` and points to using our own
+ variable instead: `tool_stderr`.
+
+ Follow-up to 06133d3e9b8aeb9e9ca0b3370c246bdfbfc8619e
+ Follow-up to 2f17a9b654121dd1ecf4fc043c6d08a9da3522db
+
+ Closes #11958
+
+Loïc Yhuel (28 Sep 2023)
+
+- connect: only start the happy eyeballs timer when needed
+
+ The timeout is only used when there is a second address family, for the
+ delayed eyeballer.
+
+ Closes #11939
+
+Daniel Stenberg (28 Sep 2023)
+
+- tool_operate: free 'gateway' correctly
+
+ Pointed out by Coverity. The fix in 93885cf3a8d4e was incomplete.
+
+ Also removed repeated wording in IPFS related error messages.
+
+ Closes #11969
+
+Stefan Eissing (28 Sep 2023)
+
+- lib: move handling of `data->req.writer_stack` into Curl_client_write()
+
+ - move definitions from content_encoding.h to sendf.h
+ - move create/cleanup/add code into sendf.c
+ - installed content_encoding writers will always be called
+ on Curl_client_write(CLIENTWRITE_BODY)
+ - Curl_client_cleanup() frees writers and tempbuffers from
+ paused transfers, irregardless of protocol
+
+ Closes #11908
+
+Loïc Yhuel (28 Sep 2023)
+
+- multi: round the timeout up to prevent early wakeups
+
+ Curl_timediff rounds down to the millisecond, so curl_multi_perform can
+ be called too early, then we get a timeout of 0 and call it again.
+
+ The code already handled the case of timeouts which expired less than
+ 1ms in the future. By rounding up, we make sure we will never ask the
+ platform to wake up too early.
+
+ Closes #11938
+
+Daniel Stenberg (28 Sep 2023)
+
+- RELEASE-NOTES: spell out that IPFS is via gateway
+
+- RELEASE-NOTES: synced
+
+- tool_operate: avoid strlen() -1 on zero length content from file
+
+ Follow-up to 65b563a96a226649ba12cb1e
+
+ Closes #11959
+
+- tool_operate: fix memory mixups
+
+ Switch to plain getenv() from curl_getenv() to avoid the allocation and
+ having to keep track of which free() or curl_free() that need to be
+ used.
+
+ Coverity found issues and a memory leak.
+
+ Follow-up to 65b563a96a226649ba12cb1e
+
+ Closes #11959
+
+Viktor Szakats (27 Sep 2023)
+
+- curl-functions.m4: fixup recent bad edits
+
+ Follow-up to 96c29900bcec32dd6bc8e9857c8871ff4b8b8ed9 #11940
+
+ Closes #11966
+
+Daniel Stenberg (27 Sep 2023)
+
+- curl-functions.m4: fix include line
+
+ This made the getaddrinfo detection fail, but we did not spot it in the
+ CI because it graciously falled back to using legacy functions instead!
+
+ Follow-up to 96c29900bcec (#11940)
+
+ Closes #11965
+
+- inet_ntop: add typecast to silence Coverity
+
+ CID 1024653: Integer handling issues (SIGN_EXTENSION)
+
+ Suspicious implicit sign extension: "src[i]" with type "unsigned char
+ const" (8 bits, unsigned) is promoted in "src[i] << (1 - i % 2 << 3)" to
+ type "int" (32 bits, signed), then sign-extended to type "unsigned long"
+ (64 bits, unsigned). If "src[i] << (1 - i % 2 << 3)" is greater than
+ 0x7FFFFFFF, the upper bits of the result will all be 1.
+
+ 111 words[i/2] |= (src[i] << ((1 - (i % 2)) << 3));
+
+ The value will not be greater than 0x7FFFFFFF so this still cannot
+ happen.
+
+ Also, switch to ints here instead of longs. The values stored are 16 bit
+ so at least no need to use 64 bit variables. Also, longs are 32 bit on
+ some platforms so this logic still needs to work with 32 bits.
+
+ Closes #11960
+
+- docs: adapt SEE ALSO sections to new requirements
+
+ To please manpage-syntax.pl used by test 1173
+
+ Closes #11957
+
+- manpage-syntax.pl: verify SEE ALSO syntax
+
+ - Enforce a single reference per .BR line
+ - Skip the quotes around the section number for example (3)
+ - Insist on trailing commas on all lines except the last
+ - Error on comma on the last SEE ALSO entry
+
+ - List the entries alpha-sorted, not enforced just recommended
+
+ Closes #11957
+
+- connect: expire the timeout when trying next
+
+ ... so that it gets called again immediately and can continue trying
+ addresses to connect to. Otherwise it might unnecessarily wait for a
+ while there.
+
+ Fixes #11920
+ Reported-by: Loïc Yhuel
+ Closes #11935
+
+- http: remove wrong comment for http_should_fail
+
+ Reported-by: Christian Schmitz
+ Ref: #11936
+ Closes #11941
+
+Dan Fandrich (26 Sep 2023)
+
+- tool_setopt: remove unused function tool_setopt_flags
+
+ This function is identical to tool_setopt_bitmask except that it treats
+ the argument as unsigned.
+
+ Closes #11943
+
+Viktor Szakats (26 Sep 2023)
+
+- cmake: add feature checks for `memrchr` and `getifaddrs`
+
+ - `HAVE_MEMRCHR` for `memrchr`.
+ - `HAVE_GETIFADDRS` for `getifaddrs`.
+ This was present in `lib/curl_config.h.cmake` but missed the detection
+ logic.
+
+ To match existing autotools feature checks.
+
+ Closes #11954
+
+- cmake: move global headers to specific checks
+
+ Before this patch we added standard headers unconditionally to the
+ global list of headers used for feature checks. This is unnecessary
+ and also doesn't help CMake 'Generate' performance. This patch moves
+ these headers to each feature check where they are actually needed.
+ Stop using `stddef.h`, as it seems unnecessary.
+
+ I've used autotools' `m4/curl-functions.m4` to figure out these
+ dependencies.
+
+ Also delete checking for the C89 standard header `time.h`, that I
+ missed in the earlier commit.
+
+ Ref: 96c29900bcec32dd6bc8e9857c8871ff4b8b8ed9 #11940
+
+ Closes #11951
+
+- src/mkhelp: make generated code pass `checksrc`
+
+ Closes #11955
+
+- tests: show which curl tool `runtests.pl` is using
+
+ To help debugging when there is issue finding or running it.
+
+ Closes #11953
+
+- CI/azure: make `MAKEFLAGS` global to parallelize all jobs
+
+ https://dev.azure.com/daniel0244/curl/_build/results?buildId=17528 (before)
+ https://dev.azure.com/daniel0244/curl/_build/results?buildId=17545 (after, wi
+ th -j3)
+
+ Closes #11952
+
+- CI/azure: migrate old mingw MSYS1 jobs to MSYS2
+
+ Also delete an accidental variable reference.
+
+ Follow-up to 38029101e2d78ba125732b3bab6ec267b80a0e72
+
+ Closes #11945
+
+Daniel Stenberg (26 Sep 2023)
+
+- docs: add see also curl_multi_get_handles to some man pages
+
+ Assisted-by: Jay Satiro
+
+ Closes #11942
+
+Viktor Szakats (26 Sep 2023)
+
+- cmake: assume `_fseeki64` and no `fseeko` on Windows
+
+ `_fseeki64` is present in mingw-w64 1.0 (2011-09-26) headers, and
+ at least Watcom C 1.9 (2010) headers and MSVS 2008 [1].
+
+ `fseeko` is not present in any of these.
+
+ (mingw-w64 1.0 also offers `fseeko64`.)
+
+ [1] https://github.com/curl/curl/pull/11944#issuecomment-1734995004
+
+ Follow-up to 9c7165e96a3a9a2d0b7059c87c699b5ca8cdae93 #11918
+
+ Closes #11950
+
+- build: delete checks for C89 standard headers
+
+ Delete checks and guards for standard C89 headers and assume these are
+ available: `stdio.h`, `string.h`, `time.h`, `setjmp.h`, `stdlib.h`,
+ `stddef.h`, `signal.h`.
+
+ Some of these we already used unconditionally, some others we only used
+ for feature checks.
+
+ Follow-up to 9c7165e96a3a9a2d0b7059c87c699b5ca8cdae93 #11918 (for `stdio.h` i
+ n CMake)
+
+ Closes #11940
+
+Stefan Eissing (26 Sep 2023)
+
+- multiif.h: remove Curl_multi_dump declaration
+
+ Follow-up to d850eea2 which removed the Curl_multi_dump definition.
+
+ Closes https://github.com/curl/curl/pull/11946
+
+Jay Satiro (26 Sep 2023)
+
+- config-win32: define HAVE__FSEEKI64
+
+ Follow-up to 9c7165e9 which added an fseeko wrapper to the lib that
+ calls _fseeki64 if it is available.
+
+ Closes https://github.com/curl/curl/pull/11944
+
+- docs: explain how PINNEDPUBLICKEY is independent of VERIFYPEER
+
+ - Explain that peer verification via CURLOPT_PINNEDPUBLICKEY takes place
+ even if peer verification via CURLOPT_SSL_VERIFYPEER is turned off.
+
+ The behavior is verified by test2048.
+
+ Bug: https://github.com/curl/curl/issues/2935#issuecomment-418371872
+ Reported-by: claudiusaiz@users.noreply.github.com
+
+ Bug: https://github.com/curl/curl/discussions/11910
+ Reported-by: Hakan Sunay Halil
+
+ Closes https://github.com/curl/curl/pull/11930
+
+Stefan Eissing (26 Sep 2023)
+
+- openssl: improve ssl shutdown handling
+
+ - If SSL shutdown is not finished then make an additional call to
+ SSL_read to gather additional tracing.
+
+ - Fix http2 and h2-proxy filters to forward do_close() calls to the next
+ filter.
+
+ For example h2 and SSL shutdown before and after this change:
+
+ Before:
+
+ Curl_conn_close -> cf_hc_close -> Curl_conn_cf_discard_chain ->
+ ssl_cf_destroy
+
+ After:
+
+ Curl_conn_close -> cf_hc_close -> cf_h2_close -> cf_setup_close ->
+ ssl_cf_close
+
+ Note that currently the tracing does not show output on the connection
+ closure handle. Refer to discussion in #11878.
+
+ Ref: https://github.com/curl/curl/discussions/11878
+
+ Closes https://github.com/curl/curl/pull/11858
+
+Loïc Yhuel (26 Sep 2023)
+
+- multi: fix small timeouts
+
+ Since Curl_timediff rounds down to the millisecond, timeouts which
+ expire in less than 1ms are considered as outdated and removed from the
+ list. We can use Curl_timediff_us instead, big timeouts could saturate
+ but this is not an issue.
+
+ Closes #11937
+
+Viktor Szakats (25 Sep 2023)
+
+- cmake: fix stderr initialization in unity builds
+
+ Before this patch, in certain build configurations the curl tool may
+ not have displayed anything (debug, macOS), or crashed at startup
+ (debug, Windows).
+
+ Follow-up to 3f8fc25720900b14b7432f4bd93407ca15311719
+ Necessary after 2f17a9b654121dd1ecf4fc043c6d08a9da3522db
+
+ Closes #11929
+
+- cmake: fix missing `zlib.h` when compiling `libcurltool`
+
+ Came up while testing debug/testing build for Windows. I'm not sure why
+ it didn't come up in earlier tests with similar config.
+ `tool_hugehelp.c` might indeed require `zlib.h` and without linking
+ `CURL_LIBS` to the `curltool` target, CMake doesn't seem to add detected
+ dependency headers to the compiler command.
+
+ ```
+ [ 25%] Building C object src/CMakeFiles/curltool.dir/tool_hugehelp.c.obj
+ cd .../curl/bld-cmake-llvm-x64/src && /usr/local/opt/llvm/bin/clang
+ --target=x86_64-w64-mingw32 --sysroot=/usr/local/opt/mingw-w64/toolchain-x8
+ 6_64
+ -DCURLDEBUG -DCURL_STATICLIB -DHAVE_CONFIG_H -DUNICODE -DUNITTESTS -D_UNICO
+ DE
+ -I.../curl/include -I.../curl/lib -I.../curl/bld-cmake-llvm-x64/lib
+ -I.../curl/bld-cmake-llvm-x64/include -I.../curl/src -Wno-unused-command-li
+ ne-argument
+ -D_UCRT -DDEBUGBUILD -DHAS_ALPN -DUSE_MANUAL=1 -fuse-ld=lld -Wl,-s -static
+ -libgcc
+ -lucrt [...] -O3 -DNDEBUG -municode -MD
+ -MT src/CMakeFiles/curltool.dir/tool_hugehelp.c.obj
+ -MF CMakeFiles/curltool.dir/tool_hugehelp.c.obj.d
+ -o CMakeFiles/curltool.dir/tool_hugehelp.c.obj -c .../curl/bld-cmake-llvm-x
+ 64/src/tool_hugehelp.c
+ .../curl/bld-cmake-llvm-x64/src/tool_hugehelp.c:6:10: fatal error: 'zlib.h' f
+ ile not found
+ 6 | #include <zlib.h>
+ | ^~~~~~~~
+ ```
+
+ Follow-up to 39e7c22bb459c2e818f079984989a26a09741860
+
+ Closes #11927
+
+- cmake: fix duplicate symbols when linking tests
+
+ The linker resolves this automatically in non-unity builds. In unity
+ builds the linker cannot drop a single object with the duplicates,
+ resulting in these errors. The root issue is that we started including
+ certain objects both via both libcurlu and libcurltool libs.
+
+ Regression from 39e7c22bb459c2e818f079984989a26a09741860
+
+ Windows errors:
+ ```
+ [ 3%] Linking C executable unit1303.exe
+ [ 3%] Building C object tests/server/CMakeFiles/rtspd.dir/__/__/lib/curl_mul
+ tibyte.c.obj
+ ../../lib/libcurlu-d.a(unity_0.c.obj): In function `curlx_convert_UTF8_to_wch
+ ar':
+ C:/projects/curl/lib/curl_multibyte.c:44: multiple definition of `curlx_conve
+ rt_UTF8_to_wchar'
+ ../../src/libcurltool-d.a(unity_0.c.obj):C:/projects/curl/lib/curl_multibyte.
+ c:44: first defined here
+ ../../lib/libcurlu-d.a(unity_0.c.obj): In function `curlx_convert_wchar_to_UT
+ F8':
+ C:/projects/curl/lib/curl_multibyte.c:66: multiple definition of `curlx_conve
+ rt_wchar_to_UTF8'
+ ../../src/libcurltool-d.a(unity_0.c.obj):C:/projects/curl/lib/curl_multibyte.
+ c:66: first defined here
+ ../../lib/libcurlu-d.a(unity_0.c.obj): In function `curlx_win32_open':
+ C:/projects/curl/lib/curl_multibyte.c:92: multiple definition of `curlx_win32
+ _open'
+ ../../src/libcurltool-d.a(unity_0.c.obj):C:/projects/curl/lib/curl_multibyte.
+ c:92: first defined here
+ ../../lib/libcurlu-d.a(unity_0.c.obj): In function `curlx_win32_fopen':
+ C:/projects/curl/lib/curl_multibyte.c:120: multiple definition of `curlx_win3
+ 2_fopen'
+ ../../src/libcurltool-d.a(unity_0.c.obj):C:/projects/curl/lib/curl_multibyte.
+ c:120: first defined here
+ ../../lib/libcurlu-d.a(unity_0.c.obj): In function `curlx_win32_stat':
+ [...]
+ ```
+ Ref: https://ci.appveyor.com/project/curlorg/curl/builds/48110107/job/nvlhpt9
+ aa4ehny5q#L247
+
+ macOS errors:
+ ```
+ [ 56%] Linking C executable unit1302
+ duplicate symbol '_curlx_sotouz' in:
+ ../../lib/libcurlu.a(unity_0_c.c.o)
+ ../../src/libcurltool.a(unity_0_c.c.o)
+ duplicate symbol '_curlx_sitouz' in:
+ ../../lib/libcurlu.a(unity_0_c.c.o)
+ ../../src/libcurltool.a(unity_0_c.c.o)
+ duplicate symbol '_curlx_uztosz' in:
+ ../../lib/libcurlu.a(unity_0_c.c.o)
+ ../../src/libcurltool.a(unity_0_c.c.o)
+ [...]
+ ```
+ with config:
+ ```
+ -DCMAKE_UNITY_BUILD=ON \
+ -DENABLE_DEBUG=ON -DBUILD_TESTING=ON -DCMAKE_C_FLAGS=-DDEBUGBUILD \
+ -DBUILD_SHARED_LIBS=ON \
+ -DBUILD_STATIC_LIBS=OFF
+ ```
+
+ Closes #11926
+
+- cmake: lib `CURL_STATICLIB` fixes (Windows)
+
+ - always define `CURL_STATICLIB` when building libcurl for Windows.
+
+ This disables `__declspec(dllexport)` for exported libcurl symbols.
+ In normal mode (hide symbols) these exported symbols are specified
+ via `libcurl.def`. When not hiding symbols, all symbols are exported
+ by default.
+
+ Regression from 1199308dbc902c52be67fc805c72dd2582520d30
+
+ Fixes #11844
+
+ - fix to omit `libcurl.def` when not hiding private symbols.
+
+ Regression from 2ebc74c36a19a1700af394c16855ce144d9878e3
+
+ - fix `ENABLED_DEBUG=ON` + shared curl tool Windows builds by also
+ omitting `libcurl.def` in this case, and exporting all symbols
+ instead. This ensures that a shared curl tool can access all debug
+ functions which are not normally exported from libcurl DLL.
+
+ - delete `INTERFACE_COMPILE_DEFINITIONS "CURL_STATICLIB"` for "objects"
+ target.
+
+ Follow-up to 2ebc74c36a19a1700af394c16855ce144d9878e3
+
+ - delete duplicate `BUILDING_LIBCURL` definitions.
+
+ - fix `HIDES_CURL_PRIVATE_SYMBOLS` to not overwrite earlier build settings.
+
+ Follow-up to 1199308dbc902c52be67fc805c72dd2582520d30
+
+ Closes #11914
+
+Daniel Stenberg (25 Sep 2023)
+
+- RELEASE-NOTES: synced
+
+Dan Fandrich (25 Sep 2023)
+
+- tests: fix log directory path in IPFS tests
+
+ Hard-coding the log directory name fails with parallel tests.
+
+ Follow-up to 65b563a96
+
+ Ref: #8805
+
+Daniel Stenberg (25 Sep 2023)
+
+- curl_multi_get_handles: get easy handles from a multi handle
+
+ Closes #11750
+
+Stefan Eissing (25 Sep 2023)
+
+- http: h1/h2 proxy unification
+
+ - use shared code for setting up the CONNECT request
+ when tunneling, used in HTTP/1.x and HTTP/2 proxying
+ - eliminate use of Curl_buffer_send() and other manipulations
+ of `data->req` or `data->state.ulbuf`
+
+ Closes #11808
+
+Natanael Copa (25 Sep 2023)
+
+- lib: use wrapper for curl_mime_data fseek callback
+
+ fseek uses long offset which does not match with curl_off_t. This leads
+ to undefined behavior when calling the callback and caused failure on
+ arm 32 bit.
+
+ Use a wrapper to solve this and use fseeko which uses off_t instead of
+ long.
+
+ Thanks to the nice people at Libera IRC #musl for helping finding this
+ out.
+
+ Fixes #11882
+ Fixes #11900
+ Closes #11918
+
+- configure: sort AC_CHECK_FUNCS
+
+ No functional changes.
+
+Daniel Stenberg (25 Sep 2023)
+
+- warnless: remove unused functions
+
+ Previously put there for use with the intel compiler
+
+ Closes #11932
+
+- GHA/linux: run singleuse to detect single-use global functions
+
+ Use --unit for configure --enable-debug builds
+
+ Closes #11932
+
+- singleuse: add scan for use in other source codes
+
+ This should reduce false-positive to almost zero. Checks for presence in
+ unit tests if --unit is specified, which is intended for debug builds
+ where unit testing is enabled.
+
+ Closes #11932
+
+- multi: remove Curl_multi_dump
+
+ A debug-only function that is basically never used. Removed to ease the
+ use of the singleuse script to detect non-static functions not used
+ outside the file where it is defined.
+
+ Closes #11931
+
+Viktor Szakats (24 Sep 2023)
+
+- tests: fix compiler warnings
+
+ Seen with llvm 17 on Windows x64.
+
+ ```
+ .../curl/tests/server/rtspd.c:136:13: warning: no previous extern declaration
+ for non-static variable 'logdir' [-Wmissing-variable-declarations]
+ 136 | const char *logdir = "log";
+ | ^
+ .../curl/tests/server/rtspd.c:136:7: note: declare 'static' if the variable i
+ s not intended to be used outside of this translation unit
+ 136 | const char *logdir = "log";
+ | ^
+ .../curl/tests/server/rtspd.c:137:6: warning: no previous extern declaration
+ for non-static variable 'loglockfile' [-Wmissing-variable-declarations]
+ 137 | char loglockfile[256];
+ | ^
+ .../curl/tests/server/rtspd.c:137:1: note: declare 'static' if the variable i
+ s not intended to be used outside of this translation unit
+ 137 | char loglockfile[256];
+ | ^
+ .../curl/tests/server/fake_ntlm.c:43:13: warning: no previous extern declarat
+ ion for non-static variable 'logdir' [-Wmissing-variable-declarations]
+ 43 | const char *logdir = "log";
+ | ^
+ .../curl/tests/server/fake_ntlm.c:43:7: note: declare 'static' if the variabl
+ e is not intended to be used outside of this translation unit
+ 43 | const char *logdir = "log";
+ | ^
+ .../curl/src/tool_doswin.c:350:8: warning: possible misuse of comma operator
+ here [-Wcomma]
+ 350 | ++d, ++s;
+ | ^
+ .../curl/src/tool_doswin.c:350:5: note: cast expression to void to silence wa
+ rning
+ 350 | ++d, ++s;
+ | ^~~
+ | (void)( )
+ ```
+
+ ```
+ .../curl/tests/libtest/lib540.c:146:27: warning: result of comparison 'long'
+ > 2147483647 is always false [-Wtautological-type-limit-compare]
+ 146 | int itimeout = (L > (long)INT_MAX) ? INT_MAX : (int)L;
+ | ~ ^ ~~~~~~~~~~~~~
+ 1 warning generated.
+
+ .../curl/tests/libtest/libntlmconnect.c:195:31: warning: result of comparison
+ 'long' > 2147483647 is always false [-Wtautological-type-limit-compare]
+ 195 | int itimeout = (timeout > (long)INT_MAX) ? INT_MAX : (int)timeo
+ ut;
+ | ~~~~~~~ ^ ~~~~~~~~~~~~~
+ 1 warning generated.
+
+ .../curl/tests/libtest/lib591.c:117:31: warning: result of comparison 'long'
+ > 2147483647 is always false [-Wtautological-type-limit-compare]
+ 117 | int itimeout = (timeout > (long)INT_MAX) ? INT_MAX : (int)timeo
+ ut;
+ | ~~~~~~~ ^ ~~~~~~~~~~~~~
+ 1 warning generated.
+ .../curl/tests/libtest/lib597.c:99:31: warning: result of comparison 'long' >
+ 2147483647 is always false [-Wtautological-type-limit-compare]
+ 99 | int itimeout = (timeout > (long)INT_MAX) ? INT_MAX : (int)timeo
+ ut;
+ | ~~~~~~~ ^ ~~~~~~~~~~~~~
+ 1 warning generated.
+ ```
+
+ Seen on macOS Intel:
+ ```
+ .../curl/tests/server/sws.c:440:64: warning: field precision should have type
+ 'int', but argument has type 'size_t' (aka 'unsigned long') [-Wformat]
+ msnprintf(logbuf, sizeof(logbuf), "Got request: %s %.*s HTTP/%d.%d"
+ ,
+ ~~^~
+ 1 warning generated.
+ ```
+
+ Closes #11925
+
+Jay Satiro (24 Sep 2023)
+
+- url: fix netrc info message
+
+ - Fix netrc info message to use the generic ".netrc" filename if the
+ user did not specify a netrc location.
+
+ - Update --netrc doc to add that recent versions of curl on Windows
+ prefer .netrc over _netrc.
+
+ Before:
+ * Couldn't find host google.com in the (nil) file; using defaults
+
+ After:
+ * Couldn't find host google.com in the .netrc file; using defaults
+
+ Closes https://github.com/curl/curl/pull/11904
+
+Dan Fandrich (23 Sep 2023)
+
+- wolfssh: do cleanup in Curl_ssh_cleanup
+
+ Closes: #11921
+
+Daniel Stenberg (24 Sep 2023)
+
+- tool_listhelp: regenerated
+
+ Polished the --ipfs-gateway description
+
+ Fixed the --trace-config description
+
+ The script also fixed some other small mistakes
+
+ Closes #11923
+
+Viktor Szakats (23 Sep 2023)
+
+- Makefile.mk: always set `CURL_STATICLIB` for lib (Windows)
+
+ Also fix to export all symbols in Windows debug builds, making
+ `-debug-dyn` builds work with `-DCURL_STATICLIB` set.
+
+ Ref: https://github.com/curl/curl/pull/11914 (same for CMake)
+
+ Closes #11924
+
+Daniel Stenberg (23 Sep 2023)
+
+- quic: set ciphers/curves the same way regular TLS does
+
+ for OpenSSL/BoringSSL
+
+ Fixes #11796
+ Reported-by: Karthikdasari0423 on github
+ Assisted-by: Jay Satiro
+ Closes #11836
+
+- test457: verify --max-filesize with chunked encoding
+
+- lib: let the max filesize option stop too big transfers too
+
+ Previously it would only stop them from getting started if the size is
+ known to be too big then.
+
+ Update the libcurl and curl docs accordingly.
+
+ Fixes #11810
+ Reported-by: Elliot Killick
+ Assisted-by: Jay Satiro
+ Closes #11820
+
+Viktor Szakats (23 Sep 2023)
+
+- mingw: delete support for legacy mingw.org toolchain
+
+ Drop support for "old" / "legacy" / "classic" / "v1" / "mingw32" MinGW:
+ https://en.wikipedia.org/wiki/MinGW, https://osdn.net/projects/mingw/
+ Its homepage used to be http://mingw.org/ [no HTTPS], and broken now.
+ It supported the x86 CPU only and used a old Windows API header and
+ implib set, often causing issues. It also misses most modern Windows
+ features, offering old versions of both binutils and gcc (no llvm/clang
+ support). It was last updated 2 years ago.
+
+ curl now relies on toolchains based on the mingw-w64 project:
+ https://www.mingw-w64.org/ https://sourceforge.net/projects/mingw-w64/
+ https://www.msys2.org/ https://github.com/msys2/msys2
+ https://github.com/mstorsjo/llvm-mingw
+ (Also available via Linux and macOS package managers.)
+
+ Closes #11625
+
+Mark Gaiser (23 Sep 2023)
+
+- curl: add support for the IPFS protocols:
+
+ - ipfs://<cid>
+ - ipns://<cid>
+
+ This allows you tu use ipfs in curl like:
+ curl ipfs://<cid>
+ and
+ curl ipns://<cid>
+
+ For more information consult the readme at:
+ https://curl.se/docs/ipfs.html
+
+ Closes #8805
+
+Daniel Stenberg (23 Sep 2023)
+
+- bufq: remove Curl_bufq_skip_and_shift (unused)
+
+ Closes #11915
+
+- scripts/singleuse.pl: add curl_global_trace
+
+Viktor Szakats (22 Sep 2023)
+
+- cmake: fix unity symbol collisions in h2 builds
+
+ Regression from 331b89a319d0067fa1e6441719307cfef9c7960f
+
+ Reviewed-by: Daniel Stenberg
+ Reviewed-by: Jay Satiro
+ Closes #11912
+
+Daniel Stenberg (22 Sep 2023)
+
+- RELEASE-NOTES: synced
+
+Dan Fandrich (21 Sep 2023)
+
+- github/labeler: improve the match patterns
+
+ This includes new rules for setting the appleOS and logging labels and
+ matches on some example files. Also, enable dot mode for wildcard
+ matches in the .github directory.
+
+Daniel Stenberg (21 Sep 2023)
+
+- upload-file.d: describe the file name slash/backslash handling
+
+ Closes #11911
+
+Jakub Jelen (21 Sep 2023)
+
+- libssh: cap SFTP packet size sent
+
+ Due to libssh limitations
+
+ Signed-off-by: Jakub Jelen <jjelen@redhat.com>
+
+ Closes #11804
+
+Daniel Stenberg (21 Sep 2023)
+
+- curl.h: mark CURLSSLBACKEND_NSS as deprecated since 8.3.0
+
+ Closes #11905
+
+- mailmap: unify Michael Osipov under a single email
+
+Ted Lyngmo (21 Sep 2023)
+
+- docs: use CURLSSLBACKEND_NONE
+
+ [ssl] use CURLSSLBACKEND_NONE instead of (curl_sslbackend)-1 in
+ documentation and examples.
+
+ Signed-off-by: Ted Lyngmo <ted@lyncon.se>
+
+ Closes #11909
+
+Dan Fandrich (21 Sep 2023)
+
+- github/labeler: give the sync-labels config item a default value
+
+ This shouldn't be necessary and is likely a bug with this beta version
+ of the labeller.
+
+ Also, fix the negative matches for the documentation label.
+
+ Follow-up to dd12b452a
+ Closes #11907
+
+- github/labeler: fix up more the labeler config format
+
+ The new version didn't like the workaround we had for a bug in the
+ previous labeler version, and it should no longer be needed.
+
+ Follow-up to dd12b452a
+ Closes #11906
+
+- github/labeler: fix indenting to try to appease labeller
+
+ Follow-up to dd12b452a
+
+Jay Satiro (21 Sep 2023)
+
+- libssh2: fix error message on failed pubkey-from-file
+
+ - If libssh2_userauth_publickey_fromfile_ex returns -1 then show error
+ message "SSH public key authentication failed: Reason unknown (-1)".
+
+ When libssh2_userauth_publickey_fromfile_ex returns -1 it does so as a
+ generic error and therefore doesn't set an error message. AFAICT that is
+ not documented behavior.
+
+ Prior to this change libcurl retrieved the last set error message which
+ would be from a previous function failing. That resulted in misleading
+ auth failed error messages in verbose mode.
+
+ Bug: https://github.com/curl/curl/issues/11837#issue-1891827355
+ Reported-by: consulion@users.noreply.github.com
+
+ Closes https://github.com/curl/curl/pull/11881
+
+Stefan Eissing (21 Sep 2023)
+
+- pytest: exclude test_03_goaway in CI runs due to timing dependency
+
+ Closes #11860
+
+- lib: disambiguate Curl_client_write flag semantics
+
+ - use CLIENTWRITE_BODY *only* when data is actually body data
+ - add CLIENTWRITE_INFO for meta data that is *not* a HEADER
+ - debug assertions that BODY/INFO/HEADER is not used mixed
+ - move `data->set.include_header` check into Curl_client_write
+ so protocol handlers no longer have to care
+ - add special in FTP for `data->set.include_header` for historic,
+ backward compatible reasons
+ - move unpausing of client writes from easy.c to sendf.c, so that
+ code is in one place and can forward flags correctly
+
+ Closes #11885
+
+Patrick Monnerat (21 Sep 2023)
+
+- tftpd: always use curl's own tftp.h
+
+ Using the system's provided arpa/tftp.h and optimizing, GCC 12 detects
+ and reports a stringop-overread warning:
+
+ tftpd.c: In function ‘write_behind.isra’:
+ tftpd.c:485:12: warning: ‘write’ reading between 1 and 2147483647 bytes f
+ rom a region of size 0 [-Wstringop-overread]
+ 485 | return write(test->ofile, writebuf, count);
+ | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ In file included from tftpd.c:71:
+ /usr/include/arpa/tftp.h:58:30: note: source object ‘tu_data’ of size 0
+ 58 | char tu_data[0]; /* data or error stri
+ ng */
+ | ^~~~~~~
+
+ This occurs because writebuf points to this field and the latter
+ cannot be considered as being of dynamic length because it is not
+ the last field in the structure. Thus it is bound to its declared
+ size.
+
+ This commit always uses curl's own version of tftp.h where the
+ target field is last in its structure, effectively avoiding the
+ warning.
+
+ As HAVE_ARPA_TFTP_H is not used anymore, cmake/configure checks for
+ arpa/tftp.h are removed.
+
+ Closes #11897
+
+Dan Fandrich (20 Sep 2023)
+
+- test1474: make precheck more robust on non-Solaris systems
+
+ If uname -r returns something odd, perl could return an error code and
+ the test would be erroneously skipped. The qx// syntax avoid this.
+
+ Followup to 08f9b2148
+
+- github/labeler: switch to the 5 beta version
+
+ This version adds an important feature that will allow more PRs to be
+ labelled. Rather than being limited to labeling PRs with files that
+ match a single glob, it can now label them if multiple changed files
+ match any one of a number of globs.
+
+Daniel Stenberg (20 Sep 2023)
+
+- lib: enable hmac for digest as well
+
+ Previously a build that disabled NTLM and aws-sigv4 would fail to build
+ since the hmac was disabled, but it is also needed for digest auth.
+
+ Follow-up to e92edfbef64448ef
+
+ Fixes #11890
+ Reported-by: Aleksander Mazur
+ Closes #11896
+
+- idn: if idn2_check_version returns NULL, return error
+
+ ... this avoids a NULL dereference for this unusual case.
+
+ Reported-by: s0urc3_ on hackerone
+ Closes #11898
+
+- http: fix CURL_DISABLE_BEARER_AUTH breakage
+
+ When bearer auth was disabled, the if/else logic got wrong and caused
+ problems.
+
+ Follow-up to e92edfbef64448ef461
+ Fixes #11892
+ Reported-by: Aleksander Mazur
+ Closes #11895
+
+Michael Osipov (20 Sep 2023)
+
+- wolfssl: allow capath with CURLOPT_CAINFO_BLOB
+
+ Remain consistent with OpenSSL. While CAfile is nulled as documented
+ with CURLOPT_CAINFO_BLOB, CApath remains intact.
+
+ Closes #11886
+
+- wolfssl: use ssl_cafile/ssl_capath variables consistent with openssl.c
+
+ Closes #11886
+
+Dan Fandrich (19 Sep 2023)
+
+- test1474: disable test on NetBSD, OpenBSD and Solaris 10
+
+ These kernels only send a fraction of the requested amount of the first
+ large block, invalidating the assumptions of the test and causing it to
+ fail.
+
+ Assisted-by: Christian Weisgerber
+ Ref: https://curl.se/mail/lib-2023-09/0021.html
+ Closes #11888
+
+Ryan Schmidt (20 Sep 2023)
+
+- cmake, configure: also link with CoreServices
+
+ When linking with CoreFoundation, also link with CoreServices which is
+ apparently required to avoid an NSInvalidArgumentException in software
+ linking with libcurl on macOS Sonoma 14 and later.
+
+ Fixes #11893
+ Closes #11894
+
+Marc Hoersken (19 Sep 2023)
+
+- CI/azure: remove pip, wheel, cryptography, pyopenssl and impacket
+
+ These dependencies are now already included in the Docker image.
+
+ Ref: https://github.com/mback2k/curl-docker-winbuildenv/commit/2607a31bcab544
+ b41d15606e97f38cf312c1ce56
+
+ Closes #11889
+
+Daniel Stenberg (19 Sep 2023)
+
+- wolfssl: if CURLOPT_CAINFO_BLOB is set, ignore the CA files
+
+ Ref: #11883
+ Reported-by: Michael Osipov
+ Closes #11884
+
+- RELEASE-NOTES: synced
+
+- test3103: CURLOPT_COOKIELIST test
+
+- cookie: set ->running in cookie_init even if data is NULL
+
+ This is a regression introduced in b1b326ec500 (shipped in curl 8.1.0)
+
+ Test 3103 verifies.
+
+ Fixes #11875
+ Reported-by: wangp on github
+ Closes #11876
+
+- test498: total header size for all redirects is larger than accepted
+
+- http: use per-request counter to check too large headers
+
+ Not the counter that accumulates all headers over all redirects.
+
+ Follow-up to 3ee79c1674fd6
+
+ Do a second check for 20 times the limit for the accumulated size for
+ all headers.
+
+ Fixes #11871
+ Reported-by: Joshix-1 on github
+ Closes #11872
+
+Jay Satiro (18 Sep 2023)
+
+- THANKS: add Eric Murphy
+
+ He reported #11850 (quiche build error) but I forgot to add a
+ 'reported-by' entry in the fix 267e14f1.
+
+Daniel Stenberg (18 Sep 2023)
+
+- h2-proxy: remove left-over mistake in drain_tunnel()
+
+ Left-over from 331b89a319
+
+ Reported-by: 南宫雪珊
+
+ Closes https://github.com/curl/curl/pull/11877
+
+vvb2060 (18 Sep 2023)
+
+- lib: failf/infof compiler warnings
+
+ Closes #11874
+
+Daniel Stenberg (17 Sep 2023)
+
+- rand: fix 'alnum': array is too small to include a terminating null character
+
+ It was that small on purpose, but this change now adds the null byte to
+ avoid the error.
+
+ Follow-up to 3aa3cc9b052353b1
+
+ Reported-by: Dan Fandrich
+ Ref: #11838
+ Closes #11870
+
+Mathias Fuchs (16 Sep 2023)
+
+- cmake: fix the help text to the static build option in CMakeLists.txt
+
+ Closes #11843
+
+John Haugabook (16 Sep 2023)
+
+- MANUAL.md: change domain to example.com
+
+ Closes #11866
+
+Daniel Stenberg (16 Sep 2023)
+
+- doh: inherit DEBUGFUNCTION/DATA
+
+ When creating new transfers for doing DoH, they now inherit the debug
+ settings from the initiating transfer, so that the application can
+ redirect and handle the verbose output correctly even for the DoH
+ transfers.
+
+ Reported-by: calvin2021y on github
+ Fixes #11864
+ Closes #11869
+
+Dan Fandrich (16 Sep 2023)
+
+- http_aws_sigv4: fix sorting with empty parts
+
+ When comparing with an empty part, the non-empty one is always
+ considered greater-than. Previously, the two would be considered equal
+ which would randomly place empty parts amongst non-empty ones. This
+ showed as a test 439 failure on Solaris as it uses a different
+ implementation of qsort() that compares parts differently.
+
+ Fixes #11855
+ Closes #11868
+
+- CI: ignore the "flaky" and "timing-dependent" test results
+
+ CI builds will now run these tests, but will ignore the results if they
+ fail. The relevant tests are ones that are sensitive to timing or
+ have edge conditions that make them more likely to fail on CI servers,
+ which are often heavily overloaded and slow.
+
+ This change only adds two additional tests to be ignored, since the
+ others already had the flaky keyword.
+
+ Closes #11865
+
+- runtests: eliminate a warning on old perl versions
+
+ The warning "Use of implicit split to @_ is deprecated" showed between
+ perl versions about 5.8 through 5.11.
+
+- tests: log the test result code after each libtest
+
+ This makes it easier to determine the test status. Also, capitalize
+ FAILURE and ABORT messages in log lines to make them easier to spot.
+
+Harry Sintonen (16 Sep 2023)
+
+- misc: better random strings
+
+ Generate alphanumerical random strings.
+
+ Prior this change curl used to create random hex strings. This was
+ mostly okay, but having alphanumerical random strings is better: The
+ strings have more entropy in the same space.
+
+ The MIME multipart boundary used to be mere 64-bits of randomness due
+ to being 16 hex chars. With these changes the boundary is 22
+ alphanumerical chars, or little over 130 bits of randomness.
+
+ Closes #11838
+
+Daniel Stenberg (15 Sep 2023)
+
+- cookie: reduce variable scope, add const
+
+- cookie: do not store the expire or max-age strings
+
+ Convert it to an expire time at once and save memory.
+
+ Closes #11862
+
+- cookie: remove unnecessary struct fields
+
+ Plus: reduce the hash table size from 256 to 63. It seems unlikely to
+ make much of a speed difference for most use cases but saves 1.5KB of
+ data per instance.
+
+ Closes #11862
+
+- RELEASE-NOTES: synced
+
+ Bumped to 8.4.0, the next presumed version
+
+Dan Fandrich (14 Sep 2023)
+
+- test2600: remove special case handling for USE_ALARM_TIMEOUT
+
+ This was originally added to handle platforms that supported only 1
+ second granularity in connect timeouts, but after some recent changes
+ the test currently permafails on several Windows platforms.
+
+ The need for this special-case was removed in commit 8627416, which
+ increased the connect timeout in all cases to well above 1 second.
+
+ Fixes #11767
+ Closes #11849
+
+Daniel Stenberg (14 Sep 2023)
+
+- SECURITY-PROCESS.md. call it vulnerability disclosure policy
+
+ SECURITY-PROCESS.md -> VULN-DISCLOSURE-POLICY.md
+
+ This a name commonly used for a document like this. This name helps
+ users find it.
+
+ Closes #11852
+
+Junho Choi (14 Sep 2023)
+
+- quiche: fix build error with --with-ca-fallback
+
+ - Fix build error when curl is built with --with-quiche
+ and --with-ca-fallback.
+
+ - Add --with-ca-fallback to the quiche CI job.
+
+ Fixes https://github.com/curl/curl/issues/11850
+ Closes https://github.com/curl/curl/pull/11847
+
+Jay Satiro (14 Sep 2023)
+
+- escape: replace Curl_isunreserved with ISUNRESERVED
+
+ - Use the ALLCAPS version of the macro so that it is clear a macro is
+ being called that evaluates the variable multiple times.
+
+ - Also capitalize macro isurlpuntcs => ISURLPUNTCS since it evaluates
+ a variable multiple times.
+
+ This is a follow-up to 291d225a which changed Curl_isunreserved into an
+ alias macro for ISUNRESERVED. The problem is the former is not easily
+ identified as a macro by the caller, which could lead to a bug.
+
+ For example, ISUNRESERVED(*foo++) is easily identifiable as wrong but
+ Curl_isunreserved(*foo++) is not even though they both are the same.
+
+ Closes https://github.com/curl/curl/pull/11846
+
+Dan Fandrich (13 Sep 2023)
+
+- tests: increase the default server logs lock timeout
+
+ This timeout is used to wait for the server to finish writing its logs
+ before checking them against the expected values. An overloaded machine
+ could take more than the two seconds previously allocated, so increase
+ the timeout to 5 seconds.
+
+ Ref: #11328
+ Closes #11834
+
+- tests: increase TEST_HANG_TIMEOUT in two tests
+
+ These tests had a 5 second timeout compared to 60 seconds for all other
+ tests. Make these consistent with the others for more reliability on
+ heavily-loaded machines.
+
+ Ref: #11328
+
+- test1056: disable on Windows
+
+ This test relies on the IPv6 scope field being ignored when connecting to
+ ipv6-localhost (i.e. [::1%259999] is treated as [::1]). Maybe this is a bit
+ dodgy, but it works on all our test platforms except Windows. This
+ test was disabled manually on all Windows CI builds already, so instead
+ add an incompatible feature and precheck so it's skipped on Windows
+ everywhere automatically.
+
+- test587: add a slight delay after test
+
+ This test is designed to connect to the server, then immediately send a
+ few bytes and disconnect. In some situations, such as on a loaded
+ server, this doesn't give the server enough time to write its lock file
+ before its existence is checked. The test harness then fails to find the
+ server's input log file (because it hasn't been written yet) and fails
+ the test. By adding a short delay after the test, the HTTP server has
+ enough time to write its lock file which gives itself more time to write
+ its remaining files.
+
+ Ref: #11328
+
+- tests: stop overriding the lock timeout
+
+ These tests reduce the server lock wait timeout which can increase
+ flakiness on loaded machines. Since this is merely an optimization,
+ eliminate them in favour of reliability.
+
+ Ref: #11328
+
+- tests: add some --expect100-timeout to reduce timing dependencies
+
+ These tests can fail when the test machine is so slow that the test HTTP
+ server didn't get a chance to complete before the client's one second
+ 100-continue timeout triggered. Increase that 1 second to 999 seconds so
+ this situation doesn't happen.
+
+ Ref: #11328
+
+- test661: return from test early in case of curl error
+
+- tests: add the timing-dependent keyword on several tests
+
+ These are ones likely to fail on heavily-loaded machines that alter the
+ normal test timing. Most of these tests already had the flaky keyword
+ since this condition makes them more likely to fail on CI.
+
+- test1592: greatly increase the maximum test timeout
+
+ It was too short to be reliable on heavily loaded CI machines, and
+ as a fail-safe only, it didn't need to be short.
+
+ Ref: #11328
+
+- test: minor test cleanups
+
+ Remove an obsolete block of code in tests 2032 & 576.
+ Add a comment in test 1474.
+
+- tests: quadruple the %FTPTIME2 and %FTPTIME3 timeouts
+
+ This gives more of a margin for error when running on overloaded CI
+ servers.
+
+ Ref: #11328
+
+- tests: improve SLOWDOWN test reliability by reducing sent data
+
+ These tests are run in SLOWDOWN mode which adds a 10 msec delay after
+ each character output, which means it takes at least 1.6 seconds (and
+ 320 kernel calls) just to get through the long welcome banner. On an
+ overloaded system, this can end up taking much more than 1.6 seconds,
+ and even more than the 7 or 16 second curl timeout that the tests rely
+ on, causing them to fail. Reducing the size of the welcome banner drops
+ the total number of characters sent before the transfer starts by more
+ than half, which reduces the opportunity for test-breaking slowdowns by
+ the same amount.
+
+ Ref: #11328
+
+- test650: fix an end tag typo
+
+Jay Satiro (13 Sep 2023)
+
+- tool_cb_wrt: fix debug assertion
+
+ - Fix off-by-one out-of-bounds array index in Windows debug assertion.
+
+ Bug: https://github.com/curl/curl/commit/af3f4e41#r127212213
+ Reported-by: Gisle Vanem
+
+Daniel Stenberg (13 Sep 2023)
+
+- ctype: add ISUNRESERVED()
+
+ ... and make Curl_isunreserved() use that macro instead of providing a
+ separate funtion for the purpose.
+
+ Closes #11840
+
Version 8.3.0 (13 Sep 2023)
Daniel Stenberg (13 Sep 2023)
@@ -7117,1867 +9543,3 @@ Daniel Stenberg (7 Apr 2023) Pointed out by Coverity
Closes #10906
-
-- http_proxy: provide missing arg to infof() call
-
- Pointed out by Coverity
-
- Closes #10904
-
-- content_encoding: only do tranfer-encoding compression if asked to
-
- To reduce surprises. Update test 387 and 418 accordingly.
-
- Closes #10899
-
-- sws: comparison of unsigned expression < 0 is always false
-
- Follow-up to 356dd0b73a75ed6d5
-
- Closes #10903
-
-- lib/cmake: add HAVE_WRITABLE_ARGV check
-
- Assisted-by: Jakub Zakrzewski
- Closes #10896
-
-- configure: don't set HAVE_WRITABLE_ARGV on Windows
-
- Ref: #10888
- Closes #10896
-
-- vtls: fix build error when proxy-disabled
-
- Closes #10901
-
-Stefan Eissing (6 Apr 2023)
-
-- tests: increase sws timeout for more robust testing
-
- - for https CONNECT forwarding, this was fixed at 5 seconds
- which led to spurious CI test failures
- - add --keepalive parameter to sws to control this
- - let httpserver use 30 seconds
-
- Closes #10898
-
-- http2: move HTTP/2 stream vars into local context
-
- - remove NGHTTP2 members of `struct HTTP`
- - add `void *h2_ctx` to `struct HTTP`
- - add `void *h3_ctx` to `struct HTTP`
- - separate h2/h3 pointers are needed for eyeballing
- - manage local stream_ctx in http implementations
-
- Closes #10877
-
-- proxy: http2 proxy tunnel implementation
-
- - currently only on debug build and when env variable
- CURL_PROXY_TUNNEL_H2 is present.
- - will ALPN negotiate with the proxy server and switch
- tunnel filter based on the protocol negotiated.
- - http/1.1 tunnel code moved into cf-h1-proxy.[ch]
- - http/2 tunnel code implemented in cf-h2-proxy.[ch]
- - tunnel start and ALPN set remains in http_proxy.c
- - moving all haproxy related code into cf-haproxy.[ch]
-
- VTLS changes
- - SSL filters rely solely on the "alpn" specification they
- are created with and no longer check conn->bits.tls_enable_alpn.
- - checks on which ALPN specification to use (or none at all) are
- done in vtls.c when creating the filter.
-
- Testing
- - added a nghttpx forward proxy to the pytest setup that
- speaks HTTP/2 and forwards all requests to the Apache httpd
- forward proxy server.
- - extending test coverage in test_10 cases
- - adding proxy tests for direct/tunnel h1/h2 use of basic auth.
- - adding test for http/1.1 and h2 proxy tunneling to pytest
-
- Closes #10780
-
-- vtls and h2 improvements
-
- - eliminate receive loop in vtls to fill buffer. This may
- lead to partial reads of data which is counter productive
- - let http2 instead loop smarter to process pending network
- data without transfer switches
-
- scorecard improvements
- - do not start caddy when only httpd is requested
- - allow curl -v to stderr file on --curl-verbose
-
- Closes #10891
-
-Daniel Stenberg (6 Apr 2023)
-
-- tests: 1078 1288 1297 use valid IPv4 addresses
-
- With the enhanced URL parser, these tests failed because of their bad
- IPv4 use.
-
-- urlapi: detect and error on illegal IPv4 addresses
-
- Using bad numbers in an IPv4 numerical address now returns
- CURLUE_BAD_HOSTNAME.
-
- I noticed while working on trurl and it was originally reported here:
- https://github.com/curl/trurl/issues/78
-
- Updated test 1560 accordingly.
-
- Closes #10894
-
-- RELEASE-NOTES: synced
-
-- urlapi: URL encoding for the URL missed the fragment
-
- Meaning that it would wrongly still store the fragment using spaces
- instead of %20 if allowing space while also asking for URL encoding.
-
- Discovered when playing with trurl.
-
- Added test to lib1560 to verify the fix.
-
- Closes #10887
-
-- rtsp: convert mallocs to dynbuf for RTP buffering
-
- Closes #10786
-
-- tool_writeout: add URL component variables
-
- Output specific components from the used URL. The following variables
- are added for this purpose:
-
- url.scheme, url.user, url.password, url.options, url.host, url.port,
- url.path, url.query, url.fragment, url.zoneid
-
- Add the following for outputting parts of the "effective URL":
-
- urle.scheme, urle.user, urle.password, urle.options, urle.host, urle.port,
- urle.path, urle.query, urle.fragment, urle.zoneid
-
- Added test 423 and 424 to verify.
-
- Closes #10853
-
-Stefan Eissing (4 Apr 2023)
-
-- tests/http: improved httpd detection
-
- - better error messages when not found/complete
- - handling of `--without-test-httpd`
-
- Reported-by: kwind on github
- Fixes #10879
- Closes #10883
-
-Daniel Stenberg (4 Apr 2023)
-
-- configure: make quiche require quiche_conn_send_ack_eliciting
-
- curl now requires quiche version >= 1.17.1 to be used and this function
- was added in this version and makes a convenient check.
-
- This requirement is because this is the lowest quiche version that
- supports peer-initiated key updates correctly.
-
- Closes #10886
-
-Dan Fandrich (1 Apr 2023)
-
-- unit tests: use the unit test infrastructure better
-
- Allow UNITTEST_STOP to return the error code, use the fail & abort
- macros to indicate test failure and return success instead of fail if
- the unit test can't test anything because of missing features at
- compile-time. A couple of tests could never fail because they were
- overriding the failure return code.
-
-- runtests: strip EOL on precheck output on Windows, too
-
- Precheck failures would show on two lines in the test summary output
- otherwise.
-
-- tests: move server config files under the pid dir
-
- These files are generated by the test servers and must therefore be
- found in the log directory to make them available to only those servers
- once multiple test runners are executing in parallel. They must also not
- be deleted with the log files, so they are stored in the pidfile
- directory.
-
- Ref: #10818
- Closes #10875
-
-- runtests: use the ssh key filenames from the sshhelp package
-
-- tests: move pidfiles and portfiles under the log directory
-
- This is to segregate all files written by a test process into a single
- root to allow for future parallel testing.
-
- Ref: #10818
- Closes #10874
-
-- runtests: minor code cleanups
-
-- runtests: call processexists() and pidfromfile()
-
- rather than duplicating the logic in several places.
-
-Viktor Szakats (31 Mar 2023)
-
-- cmake: do not add zlib headers for openssl
-
- Logic copied earlier from wolfSSL. wolfSSL requires zlib headers for its
- public headers. OpenSSL does not, so stop adding zlib headers for it.
-
- Follow-up to 1e3319a167d2f32d295603167486e9e88af9bb4e
-
- Closes #10878
-
-Stefan Eissing (31 Mar 2023)
-
-- rustls: fix error in recv handling
-
- - when rustls is told to recieve more TLS data and its internal
- plaintext buffers are full, it returns an IOERROR
- - avoid receiving TLS data while plaintext is not read empty
-
- pytest:
- - increase curl run timeout when invoking pytest with higher verbosity
-
- Closes #10876
-
-- http3: improvements across backends
-
- - ngtcp2: using bufq for recv stream data
- - internal stream_ctx instead of `struct HTTP` members
- for quiche, ngtcp2 and msh3
- - no more QUIC related members in `struct HTTP`
- - experimental use of recvmmsg(), disabled by default
- - testing on my old debian box shows no throughput improvements.
- - leaving it in, but disabled, for future revisit
- - vquic: common UDP receive code for ngtcp2 and quiche
- - vquic: common UDP send code for ngtcp2 and quiche
- - added pytest skips for known msh3 failures
- - fix unit2601 to survive torture testing
- - quiche: using latest `master` from quiche and enabling large download
- tests, now that key change is supported
- - fixing test_07_21 where retry handling of starting a stream
- was faulty
- - msh3: use bufq for recv buffering headers and data
- - msh3: replace fprintf debug logging with LOG_CF where possible
- - msh3: force QUIC expire timers on recv/send to have more than
- 1 request per second served
-
- Closes #10772
-
-Dan Fandrich (30 Mar 2023)
-
-- test1471/2: add http as a required feature
-
- curl bails out early with a different error message if http support is
- compiled out.
-
- Ref: #10705
-
-- tests: limit return code of unit tests and lib tests
-
- Values greater than 125 have special meanings, so cap it there. Unit
- tests and lib tests use the number of failures as the return code, so a
- large number of failures (such as test 2601 as a torture test) can
- exceed this causing the test to be erroneously reported as having
- failed.
-
- Ref: #10720
-
-- test1960: point to the correct path for the precheck tool
-
- Otherwise, it might find the binary in .libs which can cause it to use
- the system libcurl which can fail. This error is only visible by
- noticing that the test is skipped.
-
- Follow-up to e4dfe6fc
-
- Ref: #10651
-
-- tests: use the proper %LOGDIR path on two tests
-
- Follow-up to e7a021e1
-
- Ref: #10818
-
-Daniel Stenberg (30 Mar 2023)
-
-- rtsp: fix Value stored to 'skip_size' is never read
-
- Pointed out by scan-build
-
- Follow-up to 6c6306f3008f2c9b20a64
-
- Closes #10872
-
-Stefan Eissing (30 Mar 2023)
-
-- tests/http: relax connection check in test_07_02
-
- Only 1 connection will be used when curl is slow, happens when
- address-sanitized in CI, for example
-
- Closes #10865
-
-- http2: flow control and buffer improvements
-
- - use bufq for send/receive of network data
- - usd bufq for send/receive of stream data
- - use HTTP/2 flow control with no-auto updates to control the
- amount of data we are buffering for a stream
- HTTP/2 stream window set to 128K after local tests, defined
- code constant for now
- - elminiating PAUSEing nghttp2 processing when receiving data
- since a stream can now take in all DATA nghttp2 forwards
-
- Improved scorecard and adjuste http2 stream window sizes
- - scorecard improved output formatting and options default
- - scorecard now also benchmarks small requests / second
-
- Closes #10771
-
-Dan Fandrich (30 Mar 2023)
-
-- runtests: show error message if file can't be written
-
-- tests: fix remaining servers to run with a dynamic log directory
-
- This final commit in the series is sufficient to allow the tests succeed
- if $LOGDIR is changed in runtests.pl.
-
- Ref: #10818
- Closes #10866
-
-- tests: fix fake_ntlm to run with a dynamic log directory
-
- Ref: #10818
-
-- tests: fix http servers to run with a dynamic log directory
-
- Ref: #10818
-
-- tests: fix ftpserver to run with a dynamic log directory
-
- Ref: #10818
-
-- tests: fix C servers to run with a dynamic log directory
-
- Ref: #10818
-
-- tests: fix lib tests to run with a dynamic log directory
-
- Ref: #10818
-
-- tests: fix unit tests to run with a dynamic log directory
-
- Ref: #10818
-
-- tests: use %LOGDIR to refer to the log directory
-
- This will allow it be set dynamically.
-
- Ref: #10818
-
-- runtests: track verification time even if no files to compare
-
-- getpart: better handle case of file not found
-
-- testcurl: bump version date
-
- It hadn't been updated in 9 years; it's time.
-
-- tests: switch to 3-argument open in test suite
-
- The perl 2-argument open has been considered not-quite-deprecated since
- the 3-argument form was introduced almost a quarter century ago.
-
-- tests: silence some Perl::Critic warnings in test suite
-
- Not all warnings are fixed; many are as much stylistic suggestions than
- anything and IMHO don't do much to actually improve the code.
-
- Ref: #10818
- Closes #10861
-
-- docs: bump the minimum perl version to 5.6
-
- It's actually been this way since at least 2012 (when a 3-argument open
- was added to runtests.pl). Given the lack of complaints in the interim,
- it's safe to call this 23 year old perl version the minimum.
-
-- runtests: memoize the getpart* subroutines to speed up access
-
- The refactored code calls these functions with the same arguments more
- often, so this prevents redundant test case file parsing.
-
- Approved-by: Daniel Stenberg
- Ref: #10818
- Closes #10833
-
-- runtests: remove duplicated feature variables
-
- Use the feature map stored in the hash table instead. Most of the
- variables were only used only once, to set the value in the hash table.
-
- Ref: #10818
-
-- runtests: also ignore test file problems when ignoring results
-
- This simplifies error handling in the test verification code and makes
- it more consistent.
-
- Ref: #10818
-
-- runtests: more refactoring for clarity
-
- Ref: #10818
-
-- runtests: don't start servers if -l is given
-
-- runtests: fix typos
-
-- runtests: refactor singletest() into separate functions
-
- This takes it from a 1200 line behemoth into something more manageable.
- The content and order of the functions is taken almost directly from
- singletest() so the diff sans whitespace is quite short.
-
- Ref: #10818
-
-- runtests: refactor singletest() into distinct sections
-
- Namely:
- - Verify that this test case should be run
- - Start the servers needed to run this test case
- - Check that test environment is fine to run this test case
- - Prepare the test environment to run this test case
- - Run the test command
- - Clean up after test command
- - Verify test succeeded
-
- Ref: #10818
-
-- runtests: stop copying a few arrays where not needed
-
- Unlike some other languages that just copy a pointer, perl copies the
- entire array contents which takes time for a large array.
-
- Ref: #10818
-
-- runtests: reduce redundant calls to getpart/getpartattr
-
- These functions scan through the entire test file every time to find the
- right section, so they can be slow for large test files.
-
- Ref: #10818
-
-- tests: document that the unittest keyword is special
-
- Also, add other features that were missing.
-
-Stefan Eissing (30 Mar 2023)
-
-- docs: add documentation for bufq
-
- Closes #10869
-
-Daniel Stenberg (30 Mar 2023)
-
-- RELEASE-NOTES: synced
-
-Matt Jolly (30 Mar 2023)
-
-- hostip: refuse to resolve the .onion TLD
-
- RFC 7686 states that:
-
- > Applications that do not implement the Tor
- > protocol SHOULD generate an error upon the use of .onion and
- > SHOULD NOT perform a DNS lookup.
-
- Let's do that.
-
- https://www.rfc-editor.org/rfc/rfc7686#section-2
-
- Add test 1471 and 1472 to verify
-
- Fixes #543
- Closes #10705
-
-Philip Heiduck (30 Mar 2023)
-
-- GHA: update ngtcp2-*.yml to v0.10.0
-
- Closes #10612
-
-Stefan Eissing (30 Mar 2023)
-
-- tests/http: fix log formatting on wrong exit code
-
- Closes #10868
-
-Daniel Stenberg (30 Mar 2023)
-
-- spellcheck.words: unify the AWS-LC spelling
-
- Follow-up to 34ef4fab22d93
-
- Closes #10867
-
-Jim King (30 Mar 2023)
-
-- openssl: interop with AWS-LC
-
- * Configure changes to detect AWS-LC
- * CMakeLists.txt changes to detect AWS-LC
- * Compile-time branches needed to support AWS-LC
- * Correctly set OSSL_VERSION and report AWS-LC release number
- * GitHub Actions script to build with autoconf and cmake against AWS-LC
-
- AWS-LC is a BoringSSL/OpenSSL derivative
- For more information see https://github.com/awslabs/aws-lc/
-
- Closes #10320
-
-Viktor Szakats (30 Mar 2023)
-
-- cmake: picky-linker fixes for openssl, ZLIB, H3 and more
-
- - fix HTTP/3 support detection with OpenSSL/quictls built with ZLIB.
- (Requires curl be built with ZLIB option also.)
-
- - fix HTTP/3 support detection with OpenSSL/quictls/LibreSSL and `ld`
- linker on Windows.
-
- - fix HTTP/3 support detection with wolfSSL to automatically add
- `ws2_32` to the lib list on Windows. For all linkers.
-
- - reposition ZLIB (and other compression) detection _after_ TLS
- detection, but before calling HTTP/3-support detection via
- `CheckQuicSupportInOpenSSL`.
-
- May be a regression from ebef55a61df0094b9790710a42f63c48e7de3c13
- May fix #10832 (Reported-by: Micah Snyder)
-
- This also seems to fix an odd case, where OpenSSL/quictls is correctly
- detected, but its header path is not set while compiling, breaking
- build at `src/curl_ntlm_core.c`. Reason for this remains undiscovered.
-
- - satisfy "picky" linkers such as `ld` with MinGW, that are highly
- sensitive to lib order, by also adding brotli to the beginning of the
- lib list.
-
- - satisfy "picky" linkers by adding certain Windows systems libs to
- the lib list for OpenSSL/LibreSSL. (Might need additional ones for
- other forks, such as `pthread` for BoringSSL.)
-
- Note: It'd make sense to _always_ add `ws2_32`, `crypt32` (except
- Windows App targets perhaps?), `bcrypt` (except old-mingw!) on Windows
- at this point. They are almost always required, and if some aren't,
- they are ignored by the linker with no effect on final binaries.
-
- Closes #10857
-
-Stefan Eissing (30 Mar 2023)
-
-- vlts: use full buffer size when receiving data if possible
-
- SSL backends like OpenSSL/wolfSSL and other return the content of one
- TLS record on read, but usually there are more available.
-
- Change the vtls cfilter recv() function to fill the given buffer until a
- read would block.
-
- Closes #10736
-
-dengjfzh on github (30 Mar 2023)
-
-- rtsp: skip malformed RTSP interleaved frame data
-
- Some IP cameras send malformed RTSP interleaved frames sometimes, which
- can cause curl_easy_perform return 1 (CURLE_UNSUPPORTED_PROTOCOL). This
- change attempts to skip clearly incorrect RTSP interleaving frame data.
-
- Closes #10808
-
-Stefan Eissing (30 Mar 2023)
-
-- lib: add `bufq` and `dynhds`
-
- Adding `bufq`:
- - at init() time configured to hold up to `n` chunks of `m` bytes each.
- - various methods for reading from and writing to it.
- - `peek` support to get access to buffered data without copy
- - `pass` support to allow buffer flushing on write if it becomes full
- - use case: IO buffers for dynamic reads and writes that do not blow up
- - distinct from `dynbuf` in that:
- - it maintains a read position
- - writes on a full bufq return CURLE_AGAIN instead of nuking itself
- - Init options:
- - SOFT_LIMIT: allow writes into a full bufq
- - NO_SPARES: free empty chunks right away
- - a `bufc_pool` that can keep a number of spare chunks to
- be shared between different `bufq` instances
-
- Adding `dynhds`:
- - a straightforward list of name+value pairs as used for HTTP headers
- - headers can be appended dynamically
- - headers can be removed again
- - headers can be replaced
- - headers can be looked up
- - http/1.1 formatting into a `dynbuf`
- - configured at init() with limits on header counts and total string
- sizes
- - use case: pass a HTTP request or response around without being version
- specific
- - express a HTTP request without a curl easy handle (used in h2 proxy
- tunnels)
- - future extension possibilities:
- - conversions of `dynhds` to nghttp2/nghttp3 name+value arrays
-
- Closes #10720
-
-- pytest: improvements for suitable curl and error output
-
- - will check built curl for http and https support and
- skip all tests if not there
- - will dump stdout/stderr/trace output on errored responses
-
- Closes #10829
-
-Daniel Stenberg (29 Mar 2023)
-
-- lib: use correct printf flags for sockets and timediffs
-
- Introduces CURL_FORMAT_SOCKET_T for outputting socket numbers.
-
- Fixes #10737
- Reported-by: Gisle Vanem
- Closes #10855
-
-- telnet: make MSVC ignore warning for assignment within conditional
-
- Follow-up to d92a5007b60e0af7d
-
- Closes #10859
-
-- ws: handle reads before EAGAIN better
-
- Reported-by: simplerobot on github
- Fixes #10831
- Closes #10856
-
-- test1592: add flaky keyword
-
- Closes #10860
-
-Frank Gevaerts (28 Mar 2023)
-
-- lib/sha256.c: typo fix in comment (duplicated "is available")
-
- Closes #10851
-
-Arne Soete (28 Mar 2023)
-
-- tests: update tests/httpd references to tests/http
-
- tests/httpd was renamed to tests/http in #10654. This patch updates some
- references in the README
-
- Closes #10854
-
-Kamil Dudka (28 Mar 2023)
-
-- telnet: simplify the implementation of str_is_nonascii()
-
- There is no need to traverse the string twice.
-
- Closes #10852
-
-Frank Gevaerts (28 Mar 2023)
-
-- curl_easy_getinfo.3: typo fix (duplicated "from the")
-
- Closes #10850
-
-Philip Heiduck (28 Mar 2023)
-
-- wolfssl.yml: bump to version 5.6.0
-
- Closes #10843
-
-Daniel Stenberg (28 Mar 2023)
-
-- RELEASE-NOTES: synced
-
-Ronan Pigott (28 Mar 2023)
-
-- docs/cmdline-opts: document the dotless config path
-
- The real xdg config path is $XDG_CONFIG_HOME/curlrc, without the dot.
- The dotless name seems preferable, so let's match the documentation to
- the behavior.
-
- Closes #10849
-
-Daniel Stenberg (28 Mar 2023)
-
-- HTTP-COOKIES.md: mention the #HttpOnly_ prefix
-
- Fixes #10847
- Reported-by: Harry Sintonen
- Closes #10848
-
-- dynbuf: never allocate larger than "toobig"
-
- As dynbufs always have a fixed maximum size which they are not allowed
- to grow larger than, making sure that it never allocates a larger buffer
- makes sure the buffer does not allocate memory that will never be used.
-
- Closes #10845
-
-- ftplistparser: replace realloc with dynbuf
-
- Closes #10844
-
-- ftplistparser: use ISDIGIT()
-
- Closes #10844
-
-- ftplistparser: move out private data from public struct
-
- The public 'curl_fileinfo' struct contained three fields that are for
- internal purposes only. This change makes them unused in the public
- struct.
-
- The new private struct fields are also renamed to make this separation
- more obvious internally.
-
- Closes #10844
-
-- openssl: fix indents - white space edits only
-
- Closes #10840
-
-- url: remove call to Curl_llist_destroy in Curl_close
-
- A list that is created with a NULL "destructor" does not need to be
- destroyed. Not calling it is faster than calling it.
-
- Closes #10846
-
-- multi: remove PENDING + MSGSENT handles from the main linked list
-
- As they are not driving transfers or any socket activity, the main loop
- does not need to iterate over these handles. A performance improvement.
-
- They are instead only held in their own separate lists.
-
- 'data->multi' is kept a pointer to the multi handle as long as the easy
- handle is actually part of it even when the handle is moved to the
- pending/msgsent lists. It needs to know which multi handle it belongs
- to, if for example curl_easy_cleanup() is called before the handle is
- removed from the multi handle.
-
- Alll 'data->multi' pointers of handles still part of the multi handle
- gets cleared by curl_multi_cleanup() which "orphans" all previously
- attached easy handles.
-
- This is take 2. The first version was reverted for the 8.0.1 release.
-
- Assisted-by: Stefan Eissing
- Closes #10801
-
-Stefan Eissing (26 Mar 2023)
-
-- tests/http: add timeout to running curl in test cases
-
- - we had a CI case once where `curl` seemingly did not
- return and it was hard to guess what happened.
- - make curl execution in test cases time out after 60 seconds
-
- Closes #10783
-
-Daniel Stenberg (26 Mar 2023)
-
-- RELEASE-PROCEDURE: update to new schedule
-
- Ref: https://curl.se/mail/lib-2023-03/0062.html
-
- Assisted-by: Andy Alt
- Assisted-by: Dan Frandrich
-
- Closes #10827
-
-Patrick Monnerat (26 Mar 2023)
-
-- doc: curl_mime_init() strong easy handle binding has been relaxed in 7.87.0
-
- Reported-by: Chloe Kudryavtsev
- Fixes #10834
- Closes #10835
-
-Jay Satiro (25 Mar 2023)
-
-- CURLOPT_WRITEFUNCTION.3: fix typo
-
- Reported-by: Osaila@users.noreply.github.com
-
- Fixes https://github.com/curl/curl/issues/10839
-
-Dan Fandrich (24 Mar 2023)
-
-- CI: skip some more builds when possible
-
- When a commit only contains tests, documentation, or cmake files, skip
- those builds that aren't affected by those.
-
- The file filters available on the CI services don't seem to allow
- skipping individual jobs, only the entire workflow, so we can't get any
- more fine-grained than this.
-
-- CI: add and adjust labeler match patterns
-
- Allow cmdline tool alongside other labels.
-
-Kai Pastor (25 Mar 2023)
-
-- CMake: make config version 8 compatible with 7
-
- Reviewed-by: Jakub Zakrzewski
- Closes #10819
-
-Daniel Stenberg (24 Mar 2023)
-
-- RELEASE-NOTES: synced
-
- Bumped version-in-progress to 8.1.0
-
-- GHA: add a memory-sanitizer job
-
- Closes #10815
-
-Dan Fandrich (23 Mar 2023)
-
-- CI: fix brew retries on GHA
-
- The fix in the previous commit was complete for Cirrus but accidentally
- left off a part for GHA.
-
- Follow-up to c2b7249d
-
-- CI: skip Azure for more commits which change only GHA
-
-Daniel Stenberg (23 Mar 2023)
-
-- cmake: set SONAME for SunOS too
-
- Provided-by: Brian Lund
-
- Closes #10816
-
-Stefan Eissing (23 Mar 2023)
-
-- ngtcp2: adjust config and code checks for ngtcp2 without nghttp3
-
- - make configure show on HTTP3 feature that both ngtcp2 and nghttp3
- are in play
- - define ENABLE_QUIC only when USE_NGTCP2 and USE_NGHTTP3 are defined
- - add USE_NGHTTP3 in the ngtcp2 implementation
-
- Fixes #10793
- Closes #10821
-
-Daniel Stenberg (23 Mar 2023)
-
-- data.d: emphasize no conversion
-
- When asking curl to send a POST, curl does not encode or change the data.
-
- Ref: #10820
- Closes #10823
-
-- server/getpart: clear the buffer before load
-
- Fixes msan warnings:
-
- ==54195==WARNING: MemorySanitizer: use-of-uninitialized-value
- #0 0x55ece35e57cb in line_length /home/runner/work/curl/curl/tests/server
- /getpart.c:111:25
- #1 0x55ece35e3b83 in readline /home/runner/work/curl/curl/tests/server/ge
- tpart.c:164:24
- #2 0x55ece35e0269 in getpart /home/runner/work/curl/curl/tests/server/get
- part.c:347:18
- #3 0x55ece36180b6 in parse_servercmd /home/runner/work/curl/curl/tests/se
- rver/sws.c:283:13
-
- Closes #10822
-
-- ntlm: clear lm and nt response buffers before use
-
- To avoid the risk of MemorySanitizer: use-of-uninitialized-value
-
- Closes #10814
-
-- digest: clear target buffer
-
- Closes #10814
-
-Douglas R. Reno (22 Mar 2023)
-
-- cmake: bring in the network library on Haiku.
-
- When cross-compiling for Haiku, the networking library needs to be
- brought in. Without this, an unknown type of "Error" is reported in
- lib/curl_setup_once.h.
-
- This is also needed when using CMake natively on Haiku to build libcurl.
-
- Fixes #10296
- Closes #10792
-
-Daniel Stenberg (22 Mar 2023)
-
-- runtests: die if curl version can be found
-
- Closes #10813
-
-Stefan Eissing (22 Mar 2023)
-
-- multi: add handle asserts in DEBUG builds
-
- For GOOD_EASY_HANDLE and GOOD_MULTI_HANDLE checks
-
- - allow NULL pointers to "just" return an error as before
- - fail hard on nun-NULL pointers that no longer show the MAGICs
-
- Closes #10812
-
-Jon Rumsey (22 Mar 2023)
-
-- gskit: various compile errors in OS400
-
- Various compile failures in gskit.c;
-
- - pipe_ssloverssl() needs Curl_easy data parameter for
- Curl_conn_cf_get_socket(cf, data)
- - key_passwd is in ssl_config, not conn_config
- - close_on() has 2 parameters, not 4
- - getsockopt() needs to call Curl_conn_cf_get_socket(), not
- cxn->sock[FIRSTSOCKET]
-
- Fixes #10799
- Closes #10800
-
-Daniel Stenberg (22 Mar 2023)
-
-- tool_operate: pass a long as CURLOPT_HEADEROPT argument
-
- Closes #10798
-
-- GHA: run all linux test jobs with valgrind
-
- Closes #10798
-
-- GHA-linux: add an address-sanitizer build
-
- Closes #10810
-
-Version 8.0.1 (20 Mar 2023)
-
-Daniel Stenberg (20 Mar 2023)
-
-- RELEASE-NOTES: synced
-
- curl 8.0.1
-
-- Revert "multi: remove PENDING + MSGSENT handles from the main linked list"
-
- This reverts commit f6d6f3ce01e377932f1ce7c24ee34d45a36950b8.
-
- The commits caused issues in the 8.0.0 release. Needs a retake.
-
- Reported-by: Kamil Dudka
- Closes #10795
-
-- include/curl/curlver.h: bump to 8.0.1
-
-Version 8.0.0 (20 Mar 2023)
-
-Daniel Stenberg (20 Mar 2023)
-
-- RELEASE-NOTES: synced
-
- The curl 8.0.0 release
-
-- THANKS: from the 8.0.0 release
-
-- scripts/delta: fix "ambiguous argument" when used in branches
-
-- SECURITY-PROCESS.md: Busy-loops are not security problems
-
- Closes #10790
-
-Stefan Eissing (17 Mar 2023)
-
-- tests/http: do not save files for downloads in scorecard testing
-
- Closes #10788
-
-Daniel Stenberg (17 Mar 2023)
-
-- cf-socket: use port 80 when resolving name for local bind
-
- It turns out c-ares returns an error when asked to resolve a host name with
- ares_getaddrinfo using port number 0.
-
- Reported as a c-ares bug here: https://github.com/c-ares/c-ares/issues/517
-
- The work-around is to simply use port 80 instead, as the number typically doe
- s
- not make a difference and a non-zero number works for c-ares.
-
- Fixes #10759
- Reported-by: Matt Jolly
- Closes #10789
-
-- curl.h: require gcc 12.1 for the deprecation magic
-
- Reported-by: kchow-FTNT on github
- Fixes #10726
- Closes #10784
-
-- Revert "rtsp: use dynbuf instead of custom reallocs"
-
- This reverts commit 1b9ea3239d22147e00d8 because of OSS-fuzz reports.
- I'll do another take after the pending release.
-
- Closes #10785
-
-- test422: verify --next used without a prior URL
-
- Closes #10782
-
-- tool_getparam: error if --next is used without a prior URL
-
- Reported-by: 積丹尼 Dan Jacobson
- Ref: https://github.com/curl/curl/pull/10769#discussion_r1137895629
-
- Closes #10782
-
-- libssh: use dynbuf instead of realloc
-
- When building lines to show for SFTP directory listings.
-
- Closes #10778
-
-- lib2305: deal with CURLE_AGAIN
-
- The test does a slightly ugly busy-loop for this case but should be
- managable due to it likely being a very short moment.
-
- Mention CURLE_AGAIN in curl_ws_recv.3
-
- Fixes #10760
- Reported-by: Jay Satiro
- Closes #10781
-
-- rtsp: use dynbuf instead of custom reallocs
-
- For the RTP buffering.
-
- Closes #10776
-
-- libssh2: remove unused variable from libssh2's struct
-
- Closes #10777
-
-- RELEASE-NOTES: synced
-
-- multi: remove PENDING + MSGSENT handles from the main linked list
-
- As they are not driving transfers or any socket activity, the main loop
- does not need to iterate over these handles. A performance improvement.
-
- They are instead only held in their own separate lists.
-
- Assisted-by: Stefan Eissing
- Ref: #10743
- Closes #10762
-
-- multi: turn link/unlinking easy handles into dedicated functions
-
-- http_aws_sigv4: fix scan-build "value stored to 'ret' is never read"
-
- Follow-up to 495d09810aa9a
-
- Closes #10766
-
-- lib: skip Curl_llist_destroy calls
-
- Linked lists themselves do not carry any allocations, so for the lists
- that do not have have a set destructor we can just skip the
- Curl_llist_destroy() call and save CPU time.
-
- Closes #10764
-
-- lib643: LIB644 is never defined, this is dead code
-
- Closes #10765
-
-- libtest/Makefile.inc: remove superfluous variables
-
- Rely on the defaults when possible.
-
- Closes #10765
-
-- tests/http: remove year ranges from copyrights
-
- Closes #10763
-
-Casey Bodley (14 Mar 2023)
-
-- aws_sigv4: fall back to UNSIGNED-PAYLOAD for sign_as_s3
-
- all s3 requests default to UNSIGNED-PAYLOAD and add the required
- x-amz-content-sha256 header. this allows CURLAUTH_AWS_SIGV4 to correctly
- sign s3 requests to amazon with no additional configuration
-
- Signed-off-by: Casey Bodley <cbodley@redhat.com>
-
- Closes #9995
-
-Viktor Szakats (14 Mar 2023)
-
-- wolfssl: add quic/ngtcp2 detection in cmake, and fix builds
-
- - add QUIC/ngtcp2 detection in CMake with wolfSSL.
-
- Because wolfSSL uses zlib if available, move compression detection
- before TLS detection. (OpenSSL might also need this in the future.)
-
- - wolfSSL 5.5.0 started using C99 types in its `quic.h` header, but it
- doesn't #include the necessary C99 header itself, breaking builds
- (unless another dependency pulled it by chance.) Add local workaround
- for it. For this to work with all build tools, we had to fix our
- header detection first. Ref: #10745
-
- Ref: https://github.com/curl/curl-for-win/commit/6ad5f6ecc15620c15625fc4434
- 76b3a1ecef4f3f
-
- Closes #10739
-
-Stefan Eissing (14 Mar 2023)
-
-- secure-transport: fix recv return code handling
-
- Return code handling of recv calls were not always correct when an error
- occured or the connection was closed.
-
- Closes #10717
-
-- http2: Use KEEP_SEND_HOLD for flow control in HTTP/2
-
- - use the defined, but so far not used, KEEP_SEND_HOLD bit for flow
- control based suspend of sending in transfers.
-
- Prior to this change KEEP_SEND_PAUSE bit was used instead, but that can
- interfere with pausing streams from the user side via curl_easy_pause.
-
- Fixes https://github.com/curl/curl/issues/10751
- Closes https://github.com/curl/curl/pull/10753
-
-Dan Fandrich (13 Mar 2023)
-
-- tests: fix control code that hid some text in runtests.1
-
-- tests: sync option lists in runtests.pl & its man page
-
-Daniel Stenberg (13 Mar 2023)
-
-- multi: make multi_perform ignore/unignore signals less often
-
- For improved performance
-
- Reported-by: Jerome St-Louis
- Ref: #10743
- Closes #10750
-
-Viktor Szakats (13 Mar 2023)
-
-- cmake: delete unused HAVE__STRTOI64
-
- Also delete obsolete surrounding comments.
-
- Reviewed-by: Daniel Stenberg
- Closes #10756
-
-- CI: fix copyright header
-
- Follow-up to 395b9175b7422d699fa93643973295c106cdf147
-
-Daniel Stenberg (13 Mar 2023)
-
-- RELEASE-PROCEDURE.md: update coming release dates
-
-Stefan Eissing (13 Mar 2023)
-
-- tests/http: add pytest to GHA and improve tests
-
- - added to: ngtcp2-quictls, ngtcp2-gnutls and the linux varians
- quiche, bearssl, libressl, mbedtls, openssl3, rustls
- - added disabled in ngtcp2-wolfssl due to weird SSL_connect() errors
- not reproducable locally
-
- Improvements on pytest:
-
- - handling of systems with nghttpx in $PATH
- - configure will seach $PATH got nghttpx used in pytest
- - pytest fixes for managing nghttpx without h3 support
- - ngtcp2-wolfssl: use a fully enabled wolfssl build
-
- - lower parallel count for http/1.1 tests, since we do not
- want to test excessive connections.
- - check built curl for HTTPS-proxy support in proxy tests
- - bearssl does not like one of our critical cert extensions, making
- it non-critical now
- - bearssl is too slow for test_12, skipping
- - making sure we do h3 tests only when curl and server support is there
-
- Closes #10699
-
-Marcel Raad (13 Mar 2023)
-
-- tool_operate: silence unused parameter warning
-
- `global` is only used in the `my_setopt` macro version without
- `CURL_DISABLE_LIBCURL_OPTION` since commit 4774decf10a.
-
- Closes https://github.com/curl/curl/pull/10752
-
-Viktor Szakats (13 Mar 2023)
-
-- build: fix stdint/inttypes detection with non-autotools
-
- Fix `stdint.h` and `inttypes.h` detection with non-autotools builds on
- Windows. (autotools already auto-detected them accurately.)
-
- `lib/config-win32.h` builds (e.g. `Makefile.mk`):
- - set `HAVE_STDINT_H` where supported.
- - set `HAVE_INTTYPES_H` for MinGW.
-
- CMake:
- - auto-detect them on Windows. (They were both force-disabled.)
- - delete unused `CURL_PULL_STDINT_H`.
- - delete unused `CURL_PULL_INTTYPES_H`.
- - stop detecting `HAVE_STDINT_H` twice.
- Present since the initial CMake commit: 4c5307b45655ba75ab066564afdc0c111a8
- b9291
-
- curl doesn't use these C99 headers, we need them now to workaround
- broken wolfSSL builds. Ref: #10739
-
- Once that clears up, we can delete these detections and macros (unless
- we want to keep them for future us.)
-
- Reviewed-by: Daniel Stenberg
- Closes #10745
-
-Daniel Stenberg (13 Mar 2023)
-
-- RELEASE-NOTES: synced
-
-- ftp: add more conditions for connection reuse
-
- Reported-by: Harry Sintonen
- Closes #10730
-
-Dan Fandrich (12 Mar 2023)
-
-- tests: make first.c the same for both lib tests and unit tests
-
- The only difference used to be global variable used in unittest tests.
- After cb7ed5a removed individual flag overrides for the unittests, first.c
- was no longer recompiled for unit tests to include the flag, so whether it
- worked or gave a link error depended on whether it was compiled in
- libtest or unittest first. This way also speeds up the build by
- eliminating 40 identical compile invocations.
-
- Fixes #10749
-
-- tests: use AM_CPPFILES to modify flags in unit tests
-
- Using CPPFLAGS sometimes caused odd compile issues when building tests
- with parallel make and AM_CPPFILES is the right flag, anyway.
-
- Follow-up to cb7ed5a
-
- Ref #10749
-
-Viktor Szakats (13 Mar 2023)
-
-- Makefile.mk: fix -g option in debug mode [ci skip]
-
- Add it to `CFLAGS` (was: `LDFLAGS`).
-
- Closes #10747
-
-Jay Satiro (12 Mar 2023)
-
-- tool: improve --stderr handling
-
- - freopen stderr with the user-specified file (--stderr file) instead of
- using a separate 'errors' stream.
-
- - In tool_setup.h override stdio.h's stderr macro as global variable
- tool_stderr.
-
- Both freopen and overriding the stderr macro are necessary because if
- the user-specified filename is "-" then stdout is assigned to
- tool_stderr and no freopen takes place. See the PR for more information.
-
- Ref: https://github.com/curl/curl/issues/10491
-
- Closes https://github.com/curl/curl/pull/10673
-
-Dan Fandrich (11 Mar 2023)
-
-- CI: don't run CI jobs if only another CI was changed
-
- Also skip builds on non-Windows platforms when only Windows build files
- have changed.
-
- This should reduce the number of useless builds and the associated
- waiting time and chance of spurious failures, freeing resources for
- new PRs.
-
- Closes #10742
-
-- http: don't send 100-continue for short PUT requests
-
- This is already how curl is documented to behave in Everything curl, but
- in actuality only short POSTs skip this. This should knock 30 seconds
- off a full run of the test suite since the 100-continue timeout will no
- longer be hit.
-
- Closes #10740
-
-- tests: add DELAY keyword to more tests using waits
-
-- tests: hack to build most unit tests under cmake
-
- These are only built when a libcurl static library is available, since
- we're not building a special libcurlu library yet and these tests rely
- on private symbols that aren't available in the shared library. A few
- unit tests do require libcurlu, so those are not built.
-
- Closes #10722
-
-- tests: fix MSVC unreachable code warnings in unit tests
-
- Switch unit1654 to use the proper test macros as well.
-
-- tests: make CPPFLAGS common to all unit tests
-
- There's no need to specify them individually.
-
-- tests: keep cmake unit tests names in sync
-
- Put only the test names into Makefile.inc so they can be used by both
- cmake and automake. This will prevent the list of tests from becoming
- out of date when they are also built under cmake.
-
-Viktor Szakats (11 Mar 2023)
-
-- src: silence wmain() warning for all build methods
-
- llvm/clang and gcc doesn't recognize the wmain() function in Unicode
- Windows builds:
-
- llvm/clang:
- ```
- ../../src/tool_main.c:239:5: warning: no previous prototype for function 'wma
- in' [-Wmissing-prototypes]
- int wmain(int argc, wchar_t *argv[])
- ^
- 1 warning generated.
- ```
-
- gcc:
- ```
- ../../src/tool_main.c:239:5: warning: no previous prototype for 'wmain' [-Wmi
- ssing-prototypes]
- 239 | int wmain(int argc, wchar_t *argv[])
- | ^~~~~
- ```
-
- Before this patch, we already silenced it with CMake. This patch moves
- the silencing to the source, so that it applies to all build tools.
-
- Bug: https://github.com/curl/curl/issues/7229#issuecomment-1464806651
-
- Reviewed-by: Marcel Raad
- Closes #10744
-
-Dan Fandrich (10 Mar 2023)
-
-- CI: fix retrying on brew failures
-
- The previous attempt didn't consider that the shell would exit
- immediately after the false statement in the retry case.
-
- Follow-up to dc141a37
-
-Stefan Eissing (10 Mar 2023)
-
-- http2: fix error handling during parallel operations
-
- RST and connection close were not handled correctly during parallel
- transfers, leading to aborted response bodies being reported complete.
-
- Closes #10715
-
-Daniel Stenberg (10 Mar 2023)
-
-- url: only reuse connections with same GSS delegation
-
- Reported-by: Harry Sintonen
- Closes #10731
-
-Viktor Szakats (10 Mar 2023)
-
-- lib: silence clang/gcc -Wvla warnings in brotli headers
-
- brotli v1.0.0 throughout current latest v1.0.9 and latest master [1]
- trigger this warning.
-
- It happened with CMake and GNU Make. autotools builds avoid it with
- the `convert -I options to -isystem` macro.
-
- llvm/clang:
- ```
- In file included from ./curl/lib/content_encoding.c:36:
- ./brotli/x64-ucrt/usr/include/brotli/decode.h:204:34: warning: variable lengt
- h array used [-Wvla]
- const uint8_t encoded_buffer[BROTLI_ARRAY_PARAM(encoded_size)],
- ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- ./brotli/x64-ucrt/usr/include/brotli/port.h:253:34: note: expanded from macro
- 'BROTLI_ARRAY_PARAM'
- ^~~~~~
- In file included from ./curl/lib/content_encoding.c:36:
- ./brotli/x64-ucrt/usr/include/brotli/decode.h:206:48: warning: variable lengt
- h array used [-Wvla]
- uint8_t decoded_buffer[BROTLI_ARRAY_PARAM(*decoded_size)]);
- ~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~
- ./brotli/x64-ucrt/usr/include/brotli/port.h:253:35: note: expanded from macro
- 'BROTLI_ARRAY_PARAM'
- ~^~~~~
- ```
-
- gcc:
- ```
- In file included from ./curl/lib/content_encoding.c:36:
- ./brotli/x64-ucrt/usr/include/brotli/decode.h:204:5: warning: ISO C90 forbids
- variable length array 'encoded_buffer' [-Wvla]
- 204 | const uint8_t encoded_buffer[BROTLI_ARRAY_PARAM(encoded_size)],
- | ^~~~~
- ./brotli/x64-ucrt/usr/include/brotli/decode.h:206:5: warning: ISO C90 forbids
- variable length array 'decoded_buffer' [-Wvla]
- 206 | uint8_t decoded_buffer[BROTLI_ARRAY_PARAM(*decoded_size)]);
- | ^~~~~~~
- ```
-
- [1] https://github.com/google/brotli/commit/ed1995b6bda19244070ab5d331111f16f
- 67c8054
-
- Reviewed-by: Daniel Stenberg
- Reviewed-by: Marcel Raad
- Closes #10738
-
-Daniel Stenberg (10 Mar 2023)
-
-- curl_path: create the new path with dynbuf
-
- Closes #10729
-
-- url: remove dummy protocol handler
-
- Just two added checks were needed saves a whole handler struct.
-
- Closes #10727
-
-Dan Fandrich (10 Mar 2023)
-
-- CI: retry a failed brew update too, not just brew install
-
- Also, make sure an eventual failure ends up returning a failure code so
- the job stops.
-
-Daniel Stenberg (10 Mar 2023)
-
-- url: fix the SSH connection reuse check
-
- Reported-by: Harry Sintonen
- Closes #10735
-
-- CURLOPT_PROXY.3: curl+NSS does not handle HTTPS over unix domain socket
-
- It results in error "NSS error -5985 (PR_ADDRESS_NOT_SUPPORTED_ERROR)"
-
- Disabled test 1470 for NSS builds and documented the restriction.
-
- Reported-by: Dan Fandrich
- Fixes #10723
- Closes #10734
-
-- CURLSHOPT_SHARE.3: HSTS sharing is not thread-safe
-
- Reported-by: Hiroki Kurosawa
- Closes #10732
-
-- telnet: only accept option arguments in ascii
-
- To avoid embedded telnet negotiation commands etc.
-
- Reported-by: Harry Sintonen
- Closes #10728
-
-- test1903: test use of COOKIEFILE - reset - COOKIEFILE
-
- This also tests for the memory leak bug fixed by parent commit b559ef6f.
-
- Ref: #10694
-
- Closes https://github.com/curl/curl/pull/10712
-
-Jay Satiro (10 Mar 2023)
-
-- url: fix cookielist memleak when curl_easy_reset
-
- - Free set.cookelist in Curl_freeset instead of Curl_close.
-
- Prior to this change the cookielist linked list wasn't freed by
- curl_easy_reset which calls Curl_freeset to free all set.
-
- Bug: https://github.com/curl/curl/issues/10694#issuecomment-1458619157
- Reported-by: Sergey Ryabinin
-
- Closes https://github.com/curl/curl/pull/10709
-
-Dan Fandrich (10 Mar 2023)
-
-- tests: fix some keywords and unused sections
-
-- tests: fix test1301 to call the right binary
-
- It was refactored in commit 480ac6e5 but this step was missed.
-
-- tests: add timeout, SLOWDOWN and DELAY keywords to tests
-
- These are tests that are testing timing and end up being quite slow.
-
-Daniel Stenberg (10 Mar 2023)
-
-- RELEASE-NOTES: synced
-
-Stefan Eissing (10 Mar 2023)
-
-- wolfSSL: ressurect the BIO `io_result`
-
- In pytest'ing the situation occored that wolfSSL reported an
- IO error when the underlying BIO operation was returning an
- CURLE_AGAIN condition.
-
- Readding the `io_result` filter context member to detect such
- situations.
-
- Also, making sure that the returned CURLcode is initialized
- on all recv operations outcome.
-
- Closes #10716
-
-- gssapi: align global `gss_OID_desc` vars to silence ld warnings on macOS vent
- ura
-
- Refs #9975 which first reported this.
-
- Closes #10718
-
-Daniel Stenberg (10 Mar 2023)
-
-- libssh2: only set the memory callbacks when debugging
-
- This makes us debug libssh2 less and libcurl more when for example
- running torture tests that otherwise will spend a lot of time in libssh2
- functions.
-
- We leave libssh2 to test libssh2.
-
- Closes #10721
-
-- docs/SECURITY-PROCESS.md: updates
-
- - allow Low+Medium issues to be managed through plain PRs
- - update the bug-bounty part to reflect current reality
-
- Closes #10719
-
-Dan Fandrich (9 Mar 2023)
-
-- tests: fix tag markup issues in some tests
-
-Marcel Raad (9 Mar 2023)
-
-- tests: add `cookies` features
-
- These tests don't work with `--disable-cookies`.
-
- Closes https://github.com/curl/curl/pull/10713
-
-- test420: add cookies keyword
-
- It fails with `--disable-cookies`.
-
- Closes https://github.com/curl/curl/pull/10713
-
-Dan Fandrich (8 Mar 2023)
-
-- CI: Add more labeler match patterns
-
- Also, add the CI, tests or libcurl API tags in conjunction with any
- others that might also apply.
-
-Andy Alt (9 Mar 2023)
-
-- GHA: minor improvements to spellcheck
-
- Closes #10640
-
-Daniel Stenberg (9 Mar 2023)
-
-- test1671: fix after fix
-
-- test421: -w %{header_json} test with multiple same header names
-
- To reproduce the issue in #10704
-
-- tool_writeout_json. fix the output for duplicate header names
-
- Header entries with index != 0 are handled at the index 0 level so they
- should then be skipped when iterated over.
-
- Reported-by: Boris Okunskiy
- Fixes #10704
- Closes #10707
-
-- headers: make curl_easy_header and nextheader return different buffers
-
- By letting curl_easy_header() and curl_easy_nextheader() store the
- header data in their own struct storage when they return a pointer to
- it, it makes it possible for applications to use them both in a loop.
- Like the curl tool does.
-
- Reported-by: Boris Okunskiy
- Fixes #10704
- Closes #10707
-
-rcombs (8 Mar 2023)
-
-- urlapi: take const args in _dup and _get functions
-
- Closes #10708
-
-- urlapi: avoid mutating internals in getter routine
-
- This was not intended.
-
- Closes #10708
-
-Daniel Stenberg (8 Mar 2023)
-
-- urlapi: '%' is illegal in host names
-
- Update test 1560 to verify
-
- Ref: #10708
- Closes #10711
-
-- ftp: make the 'ftpauth' a more normal 'char *'-array
-
- Closes #10703
-
-Evgeny Grin (Karlson2k) (8 Mar 2023)
-
-- doc: fix compiler warning in libcurl.m4
-
- Current test for curl_free() may produce warnings with strict compiler
- flags or even with default compiler flags with upcoming versions.
- These warning could turned into errors by -Werror or similar flags.
- Such warnings/errors are avoided by this patch.
-
- Closes #10710
-
-Viktor Szakats (8 Mar 2023)
-
-- misc: fix typos
-
- Closes #10706
-
-Stefan Eissing (7 Mar 2023)
-
-- ftp: active mode with SSL, add the damn filter
-
- - since 7.87.0 we lost adding the SSL filter for an active
- FTP connection that uses SSL. This leads to hangers and timeouts
- as reported in #10666.
-
- Reported-by: SandakovMM on github
- Fixes #10666
- Closes #10669
-
-Daniel Stenberg (7 Mar 2023)
-
-- docs: extend the URL API descriptions
-
- Closes #10701
-
-Stefan Eissing (7 Mar 2023)
-
-- url: fix logic in connection reuse to deny reuse on "unclean" connections
-
- - add parameter to `conn_is_alive()` cfilter method that returns
- if there is input data waiting on the connection
- - refrain from re-using connnection from the cache that have
- input pending
- - adapt http/2 and http/3 alive checks to digest pending input
- to check the connection state
- - remove check_cxn method from openssl as that was just doing
- what the socket filter now does.
- - add tests for connection reuse with special server configs
-
- Closes #10690
-
-Daniel Stenberg (6 Mar 2023)
-
-- x509asn1: use plain %x, not %lx, when the arg is an int
-
- Pointed out by Coverity.
-
- Closes #10689
-
-Stefan Eissing (6 Mar 2023)
-
-- http2: fix handling of RST and GOAWAY to recognize partial transfers
-
- - a reset transfer (HTTP/2 RST) did not always lead to the proper
- error message on receiving its response, leading to wrong reports
- of a successful transfer
- - test_05_02 was able to trigger this condition with increased transfer
- count. The simulated response errors did not carry a 'Content-Length'
- so only proper RST handling could detect the abort
- - When doing such transfers in parallel, a connection could enter the
- state where
- a) it had been closed (GOAWAY received)
- b) the RST had not been "seen" for the transfer yet
- or c) the GOAWAY announced an error and the last successful
- stream id was not checked against ongoing transfers
-
- Closes #10693
-
-- tests: use dynamic ports numbers in pytest suite
-
- - necessary ports are bound at start of test suite and then
- given to server fixtures for use.
- - this make parallel use of pytest (in separate directories),
- practically safe for use as OS tend to not reuse such port numbers
- for a while
-
- Closes #10692
-
-- connect: fix time_connect and time_appconnect timer statistics
-
- - time_connect was not updated when the overall connection failed,
- e.g. when SSL verification was unsuccessful, refs #10670
- - rework gather those values to interrogate involved filters,
- also from all eyeballing attempts, to report the maximum of
- those values.
- - added 3 test cases in test_06 to check reported values on
- successful, partially failed and totally failed connections.
-
- Reported-by: Master Inspire
- Fixes #10670
- Closes #10671
-
-Daniel Stenberg (6 Mar 2023)
-
-- test1905: update output cookie order
-
- After the #10685 update
-
-- test420: verify expiring cookies
-
- Cookies that are loaded fine from a jar but then are expired in headers.
-
-- cookie: don't load cookies again when flushing
-
- Reported-by: Sergio Mijatovic
- Fixes #10677
- Closes #10685
-
-- RELEASE-NOTES: synced
-
-Andy Alt (6 Mar 2023)
-
-- docs: note '--data-urlencode' option
-
- Closes #10687
-
-Daniel Stenberg (6 Mar 2023)
-
-- DEPRECATE: the original legacy mingw version 1
-
- Remove completely in September 2023
-
- Closes #10667
-
-Harry Sintonen (6 Mar 2023)
-
-- rand: use arc4random as fallback when available
-
- Normally curl uses cryptographically strong random provided by the
- selected SSL backend. If compiled without SSL support, a naive built-in
- function was used instead.
-
- Generally this was okay, but it will result in some downsides for non-
- SSL builds, such as predictable temporary file names.
-
- This change ensures that arc4random will be used instead, if available.
-
- Closes #10672
-
-Grisha Levit (6 Mar 2023)
-
-- tool: dump headers even if file is write-only
-
- The fixes in #10079 brought a (seemingly unrelated) change of open mode
- from `wb`/`ab` to `wb+`/`ab+` for the headerfile. This makes it no
- longer possible to write the header file to e.g. a pipe, like:
-
- curl -D >(grep ...) file:///dev/null
-
- Which presently results in `Warning: Failed to open /dev/fd/63`
-
- See #10079
- Closes #10675
diff --git a/libs/libcurl/docs/THANKS b/libs/libcurl/docs/THANKS index 08983c38a6..b8e754e4ac 100644 --- a/libs/libcurl/docs/THANKS +++ b/libs/libcurl/docs/THANKS @@ -338,6 +338,7 @@ Bjoern Sikora Bjorn Augustsson
Bjorn Reese
Björn Stenberg
+black-desk on github
Blaise Potard
Blake Burkhart
bnfp on github
@@ -404,6 +405,7 @@ Bylon2 on github Byrial Jensen
Caleb Raitto
Calvin Buckley
+calvin2021y on github
Cameron Blomquist
Cameron Cawley
Cameron Kaiser
@@ -490,6 +492,7 @@ civodul on github Claes Jakobsson
Clarence Gardner
Claudio Neves
+claudiusaiz on github
clbr on github
Clemens Gruber
Cliff Crosland
@@ -513,6 +516,7 @@ Colin Watson Colm Buckley
Colman Mbuya
Constantine Sapuntzakis
+consulion on github
coralw on github
correctmost on github
Cory Benfield
@@ -552,7 +556,6 @@ Dan Becker Dan Cristian
Dan Donahue
Dan Fandrich
-Dan Frandrich
Dan Johnson
Dan Kenigsberg
Dan Locks
@@ -770,6 +773,7 @@ Edin Kadribasic Edmond Yu
Edoardo Lolletti
Eduard Bloch
+Eduard Strehlau
Edward Kimmel
Edward Rudd
Edward Sheldrake
@@ -784,6 +788,7 @@ elelel on github elephoenix on github
Eli Schwartz
Elia Tufarolo
+Elliot Killick
Elliot Saba
Ellis Pritchard
Elmira A Semenova
@@ -814,6 +819,7 @@ Eric Lavigne Eric Lubin
Eric Melville
Eric Mertens
+Eric Murphy
Eric Musser
Eric Rautman
Eric Rescorla
@@ -1024,6 +1030,7 @@ h1zzz on github H3RSKO on github
Hagai Auro
Haibo Huang
+Hakan Sunay Halil
Hamish Mackenzie
hamstergene on github
Han Han
@@ -1153,6 +1160,7 @@ Jaime Fullaondo jakirkham on github
Jakob Hirsch
Jakub Bochenski
+Jakub Jelen
Jakub Wilk
Jakub Zakrzewski
James Atwill
@@ -1391,6 +1399,7 @@ Josh Kapell Josh McCullough
Josh Soref
joshhe on github
+Joshix-1 on github
Joshua Kwan
Joshua Root
Joshua Swink
@@ -1417,6 +1426,7 @@ Julian Z Julien Chaffraix
Julien Nabet
Julien Royer
+Juliusz Sosinowicz
Jun Tseng
Jun-ichiro itojun Hagino
Jun-ya Kato
@@ -1554,6 +1564,7 @@ Larry Lin Larry Stefani
Larry Stone
Lars Buitinck
+Lars Francke
Lars Gustafsson
Lars J. Aas
Lars Johannesen
@@ -1612,6 +1623,7 @@ Loganaden Velvindron Loic Dachary
Loren Kirkby
Lorenzo Miniero
+Loïc Yhuel
Luan Cestari
Luca Altea
Luca Boccassi
@@ -1764,6 +1776,7 @@ MasterInQuestion on github Mateusz Loskot
Mathew Benson
Mathias Axelsson
+Mathias Fuchs
Mathias Gumz
Mathieu Carbonneaux
Mathieu Legare
@@ -1806,6 +1819,7 @@ Max Mehl Max Peal
Max Savenkov
Max Zettlmeißl
+Maxim Dzhura
Maxim Ivanov
Maxim Perenesenko
Maxim Prohorov
@@ -1940,6 +1954,7 @@ Nach M. S. Nagai H
Nao Yonashiro
naost3rn on github
+Natanael Copa
Nate Prewitt
Nathan Coulter
Nathan Moinvaziri
@@ -2127,6 +2142,7 @@ Pawel A. Gajda Pawel Kierski
Paweł Kowalski
Paweł Wegner
+PBudmark on github
Pedro Henrique
Pedro Larroy
Pedro Monreal
@@ -2356,6 +2372,7 @@ Robert Olson Robert Prag
Robert Ronto
Robert Schumann
+Robert Simpson
Robert Weaver
Robert Wruck
Robin A. Meade
@@ -2422,6 +2439,7 @@ Ryuichi KAWAMATA rzrymiak on github
Rémy Léone
S. Moonesamy
+s0urc3_ on hackerone
Sai Ram Kunala
Salah-Eddin Shaban
Saleem Abdulrasool
@@ -2861,6 +2879,7 @@ vvb2060 on github Vyron Tsingaras
Vítor Galvão
W. Mark Kubacki
+w0x42 on hackerone
Waldek Kozba
Walter J. Mack
wangzhikun
@@ -2977,6 +2996,7 @@ zzq1015 on github ウさん
不确定
加藤郁之
+南宫雪珊
左潇峰
梦终无痕
積丹尼 Dan Jacobson
diff --git a/libs/libcurl/include/curl/curl.h b/libs/libcurl/include/curl/curl.h index 0432a2cdd7..05c90b7ce3 100644 --- a/libs/libcurl/include/curl/curl.h +++ b/libs/libcurl/include/curl/curl.h @@ -159,7 +159,7 @@ typedef enum { CURLSSLBACKEND_NONE = 0,
CURLSSLBACKEND_OPENSSL = 1,
CURLSSLBACKEND_GNUTLS = 2,
- CURLSSLBACKEND_NSS = 3,
+ CURLSSLBACKEND_NSS CURL_DEPRECATED(8.3.0, "") = 3,
CURLSSLBACKEND_OBSOLETE4 = 4, /* Was QSOSSL. */
CURLSSLBACKEND_GSKIT CURL_DEPRECATED(8.3.0, "") = 5,
CURLSSLBACKEND_POLARSSL CURL_DEPRECATED(7.69.0, "") = 6,
@@ -646,10 +646,10 @@ typedef enum { #ifndef CURL_NO_OLDIES /* define this to test if your app builds with all
the obsolete stuff removed! */
-/* Previously obsolete error code re-used in 7.38.0 */
+/* Previously obsolete error code reused in 7.38.0 */
#define CURLE_OBSOLETE16 CURLE_HTTP2
-/* Previously obsolete error codes re-used in 7.24.0 */
+/* Previously obsolete error codes reused in 7.24.0 */
#define CURLE_OBSOLETE10 CURLE_FTP_ACCEPT_FAILED
#define CURLE_OBSOLETE12 CURLE_FTP_ACCEPT_TIMEOUT
@@ -1358,7 +1358,7 @@ typedef enum { operation slower and is less friendly for the network. */
CURLOPT(CURLOPT_FRESH_CONNECT, CURLOPTTYPE_LONG, 74),
- /* Set to explicitly forbid the upcoming transfer's connection to be re-used
+ /* Set to explicitly forbid the upcoming transfer's connection to be reused
when done. Do not use this unless you're absolutely sure of this, as it
makes the operation slower and is less friendly for the network. */
CURLOPT(CURLOPT_FORBID_REUSE, CURLOPTTYPE_LONG, 75),
@@ -1652,7 +1652,7 @@ typedef enum { CURLOPT(CURLOPT_SOCKOPTFUNCTION, CURLOPTTYPE_FUNCTIONPOINT, 148),
CURLOPT(CURLOPT_SOCKOPTDATA, CURLOPTTYPE_CBPOINT, 149),
- /* set to 0 to disable session ID re-use for this transfer, default is
+ /* set to 0 to disable session ID reuse for this transfer, default is
enabled (== 1) */
CURLOPT(CURLOPT_SSL_SESSIONID_CACHE, CURLOPTTYPE_LONG, 150),
diff --git a/libs/libcurl/include/curl/curlver.h b/libs/libcurl/include/curl/curlver.h index ac9fd9673d..7d64b35c92 100644 --- a/libs/libcurl/include/curl/curlver.h +++ b/libs/libcurl/include/curl/curlver.h @@ -32,12 +32,12 @@ /* This is the version number of the libcurl package from which this header
file origins: */
-#define LIBCURL_VERSION "8.3.0"
+#define LIBCURL_VERSION "8.4.0"
/* The numeric version number is also available "in parts" by using these
defines: */
#define LIBCURL_VERSION_MAJOR 8
-#define LIBCURL_VERSION_MINOR 3
+#define LIBCURL_VERSION_MINOR 4
#define LIBCURL_VERSION_PATCH 0
/* This is the numeric version of the libcurl version number, meant for easier
@@ -59,7 +59,7 @@ CURL_VERSION_BITS() macro since curl's own configure script greps for it
and needs it to contain the full number.
*/
-#define LIBCURL_VERSION_NUM 0x080300
+#define LIBCURL_VERSION_NUM 0x080400
/*
* This is the date and time when the full source package was created. The
@@ -70,7 +70,7 @@ *
* "2007-11-23"
*/
-#define LIBCURL_TIMESTAMP "2023-09-13"
+#define LIBCURL_TIMESTAMP "2023-10-11"
#define CURL_VERSION_BITS(x,y,z) ((x)<<16|(y)<<8|(z))
#define CURL_AT_LEAST_VERSION(x,y,z) \
diff --git a/libs/libcurl/include/curl/multi.h b/libs/libcurl/include/curl/multi.h index caa948953c..9ea91ef7a1 100644 --- a/libs/libcurl/include/curl/multi.h +++ b/libs/libcurl/include/curl/multi.h @@ -426,6 +426,17 @@ CURL_EXTERN CURLMcode curl_multi_setopt(CURLM *multi_handle, CURL_EXTERN CURLMcode curl_multi_assign(CURLM *multi_handle,
curl_socket_t sockfd, void *sockp);
+/*
+ * Name: curl_multi_get_handles()
+ *
+ * Desc: Returns an allocated array holding all handles currently added to
+ * the multi handle. Marks the final entry with a NULL pointer. If
+ * there is no easy handle added to the multi handle, this function
+ * returns an array with the first entry as a NULL pointer.
+ *
+ * Returns: NULL on failure, otherwise a CURL **array pointer
+ */
+CURL_EXTERN CURL **curl_multi_get_handles(CURLM *multi_handle);
/*
* Name: curl_push_callback
diff --git a/libs/libcurl/src/CMakeLists.txt b/libs/libcurl/src/CMakeLists.txt index 0f6bce9759..283488e935 100644 --- a/libs/libcurl/src/CMakeLists.txt +++ b/libs/libcurl/src/CMakeLists.txt @@ -56,9 +56,9 @@ add_library( target_compile_definitions(curlu PUBLIC UNITTESTS CURL_STATICLIB)
if(ENABLE_CURLDEBUG)
- # We must compile memdebug.c separately to avoid memdebug.h redefinitions
- # being applied to memdebug.c itself.
- set_source_files_properties(memdebug.c PROPERTIES SKIP_UNITY_BUILD_INCLUSION ON)
+ # We must compile these sources separately to avoid memdebug.h redefinitions
+ # applying to them.
+ set_source_files_properties(memdebug.c curl_multibyte.c PROPERTIES SKIP_UNITY_BUILD_INCLUSION ON)
endif()
target_link_libraries(curlu PRIVATE ${CURL_LIBS})
@@ -85,19 +85,6 @@ else() unset(CMAKESONAME)
endif()
-if(NOT WIN32 AND NOT CMAKE_CROSSCOMPILING)
- # on not-Windows and not-crosscompiling, check for writable argv[]
- include(CheckCSourceRuns)
- check_c_source_runs("
-int main(int argc, char **argv)
-{
- (void)argc;
- argv[0][0] = ' ';
- return (argv[0][0] == ' ')?0:1;
-}"
- HAVE_WRITABLE_ARGV)
-endif()
-
## Library definition
# Add "_imp" as a suffix before the extension to avoid conflicting with
@@ -122,18 +109,23 @@ if(NOT DEFINED SHARE_LIB_OBJECT) endif()
endif()
+if(WIN32)
+ # Define CURL_STATICLIB always, to disable __declspec(dllexport) for exported
+ # libcurl symbols. We handle exports via libcurl.def instead. Except with
+ # symbol hiding disabled or debug mode enabled, when we export _all_ symbols
+ # from libcurl DLL, without using libcurl.def.
+ add_definitions("-DCURL_STATICLIB")
+endif()
+
if(SHARE_LIB_OBJECT)
set(LIB_OBJECT "libcurl_object")
add_library(${LIB_OBJECT} OBJECT ${HHEADERS} ${CSOURCES})
target_link_libraries(${LIB_OBJECT} PRIVATE ${CURL_LIBS})
set_target_properties(${LIB_OBJECT} PROPERTIES
- COMPILE_DEFINITIONS "BUILDING_LIBCURL"
- INTERFACE_COMPILE_DEFINITIONS "CURL_STATICLIB"
POSITION_INDEPENDENT_CODE ON)
if(HIDES_CURL_PRIVATE_SYMBOLS)
- set_target_properties(${LIB_OBJECT} PROPERTIES
- COMPILE_DEFINITIONS "CURL_HIDDEN_SYMBOLS"
- COMPILE_FLAGS "${CURL_CFLAG_SYMBOLS_HIDE}")
+ set_property(TARGET ${LIB_OBJECT} APPEND PROPERTY COMPILE_FLAGS "${CURL_CFLAG_SYMBOLS_HIDE}")
+ set_property(TARGET ${LIB_OBJECT} APPEND PROPERTY COMPILE_DEFINITIONS "CURL_HIDDEN_SYMBOLS")
endif()
if(CURL_HAS_LTO)
set_target_properties(${LIB_OBJECT} PROPERTIES
@@ -160,12 +152,10 @@ if(BUILD_STATIC_LIBS) set_target_properties(${LIB_STATIC} PROPERTIES
PREFIX "" OUTPUT_NAME "${LIBCURL_OUTPUT_NAME}"
SUFFIX "${STATIC_LIB_SUFFIX}${CMAKE_STATIC_LIBRARY_SUFFIX}"
- COMPILE_DEFINITIONS "BUILDING_LIBCURL"
INTERFACE_COMPILE_DEFINITIONS "CURL_STATICLIB")
if(HIDES_CURL_PRIVATE_SYMBOLS)
- set_target_properties(${LIB_STATIC} PROPERTIES
- COMPILE_DEFINITIONS "CURL_HIDDEN_SYMBOLS"
- COMPILE_FLAGS "${CURL_CFLAG_SYMBOLS_HIDE}")
+ set_property(TARGET ${LIB_STATIC} APPEND PROPERTY COMPILE_FLAGS "${CURL_CFLAG_SYMBOLS_HIDE}")
+ set_property(TARGET ${LIB_STATIC} APPEND PROPERTY COMPILE_DEFINITIONS "CURL_HIDDEN_SYMBOLS")
endif()
if(CURL_HAS_LTO)
set_target_properties(${LIB_STATIC} PROPERTIES
@@ -187,19 +177,20 @@ if(BUILD_SHARED_LIBS) add_library(${LIB_SHARED} SHARED ${LIB_SOURCE})
add_library(${PROJECT_NAME}::${LIB_SHARED} ALIAS ${LIB_SHARED})
if(WIN32)
- set_property(TARGET ${LIB_SHARED} APPEND PROPERTY SOURCES libcurl.rc ${CURL_SOURCE_DIR}/libcurl.def)
+ set_property(TARGET ${LIB_SHARED} APPEND PROPERTY SOURCES libcurl.rc)
+ if(HIDES_CURL_PRIVATE_SYMBOLS)
+ set_property(TARGET ${LIB_SHARED} APPEND PROPERTY SOURCES "${CURL_SOURCE_DIR}/libcurl.def")
+ endif()
endif()
target_link_libraries(${LIB_SHARED} PRIVATE ${CURL_LIBS})
# Remove the "lib" prefix since the library is already named "libcurl".
set_target_properties(${LIB_SHARED} PROPERTIES
PREFIX "" OUTPUT_NAME "${LIBCURL_OUTPUT_NAME}"
IMPORT_PREFIX "" IMPORT_SUFFIX "${IMPORT_LIB_SUFFIX}${CMAKE_IMPORT_LIBRARY_SUFFIX}"
- COMPILE_DEFINITIONS "BUILDING_LIBCURL"
POSITION_INDEPENDENT_CODE ON)
if(HIDES_CURL_PRIVATE_SYMBOLS)
- set_target_properties(${LIB_SHARED} PROPERTIES
- COMPILE_DEFINITIONS "CURL_HIDDEN_SYMBOLS"
- COMPILE_FLAGS "${CURL_CFLAG_SYMBOLS_HIDE}")
+ set_property(TARGET ${LIB_SHARED} APPEND PROPERTY COMPILE_FLAGS "${CURL_CFLAG_SYMBOLS_HIDE}")
+ set_property(TARGET ${LIB_SHARED} APPEND PROPERTY COMPILE_DEFINITIONS "CURL_HIDDEN_SYMBOLS")
endif()
if(CURL_HAS_LTO)
set_target_properties(${LIB_SHARED} PROPERTIES
diff --git a/libs/libcurl/src/Makefile.in b/libs/libcurl/src/Makefile.in index 32f1887592..4d75b419c9 100644 --- a/libs/libcurl/src/Makefile.in +++ b/libs/libcurl/src/Makefile.in @@ -224,8 +224,8 @@ am__libcurl_la_SOURCES_DIST = altsvc.c amigaos.c asyn-ares.c \ file.c fileinfo.c fopen.c formdata.c ftp.c ftplistparser.c \
getenv.c getinfo.c gopher.c hash.c headers.c hmac.c hostasyn.c \
hostip.c hostip4.c hostip6.c hostsyn.c hsts.c http.c http1.c \
- http2.c http_chunks.c http_digest.c http_negotiate.c \
- http_ntlm.c http_proxy.c http_aws_sigv4.c idn.c if2ip.c imap.c \
+ http2.c http_aws_sigv4.c http_chunks.c http_digest.c \
+ http_negotiate.c http_ntlm.c http_proxy.c idn.c if2ip.c imap.c \
inet_ntop.c inet_pton.c krb5.c ldap.c llist.c macos.c md4.c \
md5.c memdebug.c mime.c mprintf.c mqtt.c multi.c netrc.c \
nonblock.c noproxy.c openldap.c parsedate.c pingpong.c pop3.c \
@@ -258,11 +258,11 @@ am__libcurl_la_SOURCES_DIST = altsvc.c amigaos.c asyn-ares.c \ curl_setup.h curl_setup_once.h curl_sha256.h curl_sspi.h \
curl_threads.h curl_trc.h curlx.h dict.h doh.h dynbuf.h \
dynhds.h easy_lock.h easyif.h easyoptions.h escape.h file.h \
- fileinfo.h fopen.h formdata.h functypes.h ftp.h \
- ftplistparser.h getinfo.h gopher.h hash.h headers.h hostip.h \
- hsts.h http.h http1.h http2.h http_chunks.h http_digest.h \
- http_negotiate.h http_ntlm.h http_proxy.h http_aws_sigv4.h \
- idn.h if2ip.h imap.h inet_ntop.h inet_pton.h llist.h macos.h \
+ fileinfo.h fopen.h formdata.h ftp.h ftplistparser.h \
+ functypes.h getinfo.h gopher.h hash.h headers.h hostip.h \
+ hsts.h http.h http1.h http2.h http_aws_sigv4.h http_chunks.h \
+ http_digest.h http_negotiate.h http_ntlm.h http_proxy.h idn.h \
+ if2ip.h imap.h inet_ntop.h inet_pton.h llist.h macos.h \
memdebug.h mime.h mqtt.h multihandle.h multiif.h netrc.h \
nonblock.h noproxy.h parsedate.h pingpong.h pop3.h progress.h \
psl.h rand.h rename.h rtsp.h select.h sendf.h setopt.h \
@@ -307,9 +307,9 @@ am__objects_1 = libcurl_la-altsvc.lo libcurl_la-amigaos.lo \ libcurl_la-hostip4.lo libcurl_la-hostip6.lo \
libcurl_la-hostsyn.lo libcurl_la-hsts.lo libcurl_la-http.lo \
libcurl_la-http1.lo libcurl_la-http2.lo \
- libcurl_la-http_chunks.lo libcurl_la-http_digest.lo \
- libcurl_la-http_negotiate.lo libcurl_la-http_ntlm.lo \
- libcurl_la-http_proxy.lo libcurl_la-http_aws_sigv4.lo \
+ libcurl_la-http_aws_sigv4.lo libcurl_la-http_chunks.lo \
+ libcurl_la-http_digest.lo libcurl_la-http_negotiate.lo \
+ libcurl_la-http_ntlm.lo libcurl_la-http_proxy.lo \
libcurl_la-idn.lo libcurl_la-if2ip.lo libcurl_la-imap.lo \
libcurl_la-inet_ntop.lo libcurl_la-inet_pton.lo \
libcurl_la-krb5.lo libcurl_la-ldap.lo libcurl_la-llist.lo \
@@ -404,9 +404,9 @@ am__objects_11 = libcurlu_la-altsvc.lo libcurlu_la-amigaos.lo \ libcurlu_la-hostip4.lo libcurlu_la-hostip6.lo \
libcurlu_la-hostsyn.lo libcurlu_la-hsts.lo libcurlu_la-http.lo \
libcurlu_la-http1.lo libcurlu_la-http2.lo \
- libcurlu_la-http_chunks.lo libcurlu_la-http_digest.lo \
- libcurlu_la-http_negotiate.lo libcurlu_la-http_ntlm.lo \
- libcurlu_la-http_proxy.lo libcurlu_la-http_aws_sigv4.lo \
+ libcurlu_la-http_aws_sigv4.lo libcurlu_la-http_chunks.lo \
+ libcurlu_la-http_digest.lo libcurlu_la-http_negotiate.lo \
+ libcurlu_la-http_ntlm.lo libcurlu_la-http_proxy.lo \
libcurlu_la-idn.lo libcurlu_la-if2ip.lo libcurlu_la-imap.lo \
libcurlu_la-inet_ntop.lo libcurlu_la-inet_pton.lo \
libcurlu_la-krb5.lo libcurlu_la-ldap.lo libcurlu_la-llist.lo \
@@ -1270,12 +1270,12 @@ LIB_CFILES = \ http.c \
http1.c \
http2.c \
+ http_aws_sigv4.c \
http_chunks.c \
http_digest.c \
http_negotiate.c \
http_ntlm.c \
http_proxy.c \
- http_aws_sigv4.c \
idn.c \
if2ip.c \
imap.c \
@@ -1397,9 +1397,9 @@ LIB_HFILES = \ fileinfo.h \
fopen.h \
formdata.h \
- functypes.h \
ftp.h \
ftplistparser.h \
+ functypes.h \
getinfo.h \
gopher.h \
hash.h \
@@ -1409,12 +1409,12 @@ LIB_HFILES = \ http.h \
http1.h \
http2.h \
+ http_aws_sigv4.h \
http_chunks.h \
http_digest.h \
http_negotiate.h \
http_ntlm.h \
http_proxy.h \
- http_aws_sigv4.h \
idn.h \
if2ip.h \
imap.h \
@@ -2594,6 +2594,13 @@ libcurl_la-http2.lo: http2.c @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -c -o libcurl_la-http2.lo `test -f 'http2.c' || echo '$(srcdir)/'`http2.c
+libcurl_la-http_aws_sigv4.lo: http_aws_sigv4.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -MT libcurl_la-http_aws_sigv4.lo -MD -MP -MF $(DEPDIR)/libcurl_la-http_aws_sigv4.Tpo -c -o libcurl_la-http_aws_sigv4.lo `test -f 'http_aws_sigv4.c' || echo '$(srcdir)/'`http_aws_sigv4.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libcurl_la-http_aws_sigv4.Tpo $(DEPDIR)/libcurl_la-http_aws_sigv4.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='http_aws_sigv4.c' object='libcurl_la-http_aws_sigv4.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -c -o libcurl_la-http_aws_sigv4.lo `test -f 'http_aws_sigv4.c' || echo '$(srcdir)/'`http_aws_sigv4.c
+
libcurl_la-http_chunks.lo: http_chunks.c
@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -MT libcurl_la-http_chunks.lo -MD -MP -MF $(DEPDIR)/libcurl_la-http_chunks.Tpo -c -o libcurl_la-http_chunks.lo `test -f 'http_chunks.c' || echo '$(srcdir)/'`http_chunks.c
@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libcurl_la-http_chunks.Tpo $(DEPDIR)/libcurl_la-http_chunks.Plo
@@ -2629,13 +2636,6 @@ libcurl_la-http_proxy.lo: http_proxy.c @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -c -o libcurl_la-http_proxy.lo `test -f 'http_proxy.c' || echo '$(srcdir)/'`http_proxy.c
-libcurl_la-http_aws_sigv4.lo: http_aws_sigv4.c
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -MT libcurl_la-http_aws_sigv4.lo -MD -MP -MF $(DEPDIR)/libcurl_la-http_aws_sigv4.Tpo -c -o libcurl_la-http_aws_sigv4.lo `test -f 'http_aws_sigv4.c' || echo '$(srcdir)/'`http_aws_sigv4.c
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libcurl_la-http_aws_sigv4.Tpo $(DEPDIR)/libcurl_la-http_aws_sigv4.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='http_aws_sigv4.c' object='libcurl_la-http_aws_sigv4.lo' libtool=yes @AMDEPBACKSLASH@
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -c -o libcurl_la-http_aws_sigv4.lo `test -f 'http_aws_sigv4.c' || echo '$(srcdir)/'`http_aws_sigv4.c
-
libcurl_la-idn.lo: idn.c
@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurl_la_CPPFLAGS) $(CPPFLAGS) $(libcurl_la_CFLAGS) $(CFLAGS) -MT libcurl_la-idn.lo -MD -MP -MF $(DEPDIR)/libcurl_la-idn.Tpo -c -o libcurl_la-idn.lo `test -f 'idn.c' || echo '$(srcdir)/'`idn.c
@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libcurl_la-idn.Tpo $(DEPDIR)/libcurl_la-idn.Plo
@@ -3742,6 +3742,13 @@ libcurlu_la-http2.lo: http2.c @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -c -o libcurlu_la-http2.lo `test -f 'http2.c' || echo '$(srcdir)/'`http2.c
+libcurlu_la-http_aws_sigv4.lo: http_aws_sigv4.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -MT libcurlu_la-http_aws_sigv4.lo -MD -MP -MF $(DEPDIR)/libcurlu_la-http_aws_sigv4.Tpo -c -o libcurlu_la-http_aws_sigv4.lo `test -f 'http_aws_sigv4.c' || echo '$(srcdir)/'`http_aws_sigv4.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libcurlu_la-http_aws_sigv4.Tpo $(DEPDIR)/libcurlu_la-http_aws_sigv4.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='http_aws_sigv4.c' object='libcurlu_la-http_aws_sigv4.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -c -o libcurlu_la-http_aws_sigv4.lo `test -f 'http_aws_sigv4.c' || echo '$(srcdir)/'`http_aws_sigv4.c
+
libcurlu_la-http_chunks.lo: http_chunks.c
@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -MT libcurlu_la-http_chunks.lo -MD -MP -MF $(DEPDIR)/libcurlu_la-http_chunks.Tpo -c -o libcurlu_la-http_chunks.lo `test -f 'http_chunks.c' || echo '$(srcdir)/'`http_chunks.c
@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libcurlu_la-http_chunks.Tpo $(DEPDIR)/libcurlu_la-http_chunks.Plo
@@ -3777,13 +3784,6 @@ libcurlu_la-http_proxy.lo: http_proxy.c @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -c -o libcurlu_la-http_proxy.lo `test -f 'http_proxy.c' || echo '$(srcdir)/'`http_proxy.c
-libcurlu_la-http_aws_sigv4.lo: http_aws_sigv4.c
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -MT libcurlu_la-http_aws_sigv4.lo -MD -MP -MF $(DEPDIR)/libcurlu_la-http_aws_sigv4.Tpo -c -o libcurlu_la-http_aws_sigv4.lo `test -f 'http_aws_sigv4.c' || echo '$(srcdir)/'`http_aws_sigv4.c
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libcurlu_la-http_aws_sigv4.Tpo $(DEPDIR)/libcurlu_la-http_aws_sigv4.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='http_aws_sigv4.c' object='libcurlu_la-http_aws_sigv4.lo' libtool=yes @AMDEPBACKSLASH@
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -c -o libcurlu_la-http_aws_sigv4.lo `test -f 'http_aws_sigv4.c' || echo '$(srcdir)/'`http_aws_sigv4.c
-
libcurlu_la-idn.lo: idn.c
@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcurlu_la_CPPFLAGS) $(CPPFLAGS) $(libcurlu_la_CFLAGS) $(CFLAGS) -MT libcurlu_la-idn.lo -MD -MP -MF $(DEPDIR)/libcurlu_la-idn.Tpo -c -o libcurlu_la-idn.lo `test -f 'idn.c' || echo '$(srcdir)/'`idn.c
@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libcurlu_la-idn.Tpo $(DEPDIR)/libcurlu_la-idn.Plo
diff --git a/libs/libcurl/src/Makefile.inc b/libs/libcurl/src/Makefile.inc index ee4ba45b4b..efaf2f50db 100644 --- a/libs/libcurl/src/Makefile.inc +++ b/libs/libcurl/src/Makefile.inc @@ -162,12 +162,12 @@ LIB_CFILES = \ http.c \
http1.c \
http2.c \
+ http_aws_sigv4.c \
http_chunks.c \
http_digest.c \
http_negotiate.c \
http_ntlm.c \
http_proxy.c \
- http_aws_sigv4.c \
idn.c \
if2ip.c \
imap.c \
@@ -289,9 +289,9 @@ LIB_HFILES = \ fileinfo.h \
fopen.h \
formdata.h \
- functypes.h \
ftp.h \
ftplistparser.h \
+ functypes.h \
getinfo.h \
gopher.h \
hash.h \
@@ -301,12 +301,12 @@ LIB_HFILES = \ http.h \
http1.h \
http2.h \
+ http_aws_sigv4.h \
http_chunks.h \
http_digest.h \
http_negotiate.h \
http_ntlm.h \
http_proxy.h \
- http_aws_sigv4.h \
idn.h \
if2ip.h \
imap.h \
diff --git a/libs/libcurl/src/base64.c b/libs/libcurl/src/base64.c index 5223b86c58..1244677cb0 100644 --- a/libs/libcurl/src/base64.c +++ b/libs/libcurl/src/base64.c @@ -31,7 +31,7 @@ !defined(CURL_DISABLE_SMTP) || \
!defined(CURL_DISABLE_POP3) || \
!defined(CURL_DISABLE_IMAP) || \
- !defined(CURL_DISABLE_DOH) || defined(USE_SSL)
+ !defined(CURL_DISABLE_DOH) || defined(USE_SSL) || defined(BUILDING_CURL)
#include "curl/curl.h"
#include "warnless.h"
#include "curl_base64.h"
diff --git a/libs/libcurl/src/bufq.c b/libs/libcurl/src/bufq.c index d851e63400..a8c6b73c75 100644 --- a/libs/libcurl/src/bufq.c +++ b/libs/libcurl/src/bufq.c @@ -144,21 +144,6 @@ static size_t chunk_skip(struct buf_chunk *chunk, size_t amount) return n;
}
-static void chunk_shift(struct buf_chunk *chunk)
-{
- if(chunk->r_offset) {
- if(!chunk_is_empty(chunk)) {
- size_t n = chunk->w_offset - chunk->r_offset;
- memmove(chunk->x.data, chunk->x.data + chunk->r_offset, n);
- chunk->w_offset -= chunk->r_offset;
- chunk->r_offset = 0;
- }
- else {
- chunk->r_offset = chunk->w_offset = 0;
- }
- }
-}
-
static void chunk_list_free(struct buf_chunk **anchor)
{
struct buf_chunk *chunk;
@@ -504,13 +489,6 @@ void Curl_bufq_skip(struct bufq *q, size_t amount) }
}
-void Curl_bufq_skip_and_shift(struct bufq *q, size_t amount)
-{
- Curl_bufq_skip(q, amount);
- if(q->tail)
- chunk_shift(q->tail);
-}
-
ssize_t Curl_bufq_pass(struct bufq *q, Curl_bufq_writer *writer,
void *writer_ctx, CURLcode *err)
{
diff --git a/libs/libcurl/src/bufq.h b/libs/libcurl/src/bufq.h index 8a6ea2b52f..bdde1137da 100644 --- a/libs/libcurl/src/bufq.h +++ b/libs/libcurl/src/bufq.h @@ -209,12 +209,6 @@ bool Curl_bufq_peek_at(struct bufq *q, size_t offset, */
void Curl_bufq_skip(struct bufq *q, size_t amount);
-/**
- * Same as `skip` but shift tail data to the start afterwards,
- * so that further writes will find room in tail.
- */
-void Curl_bufq_skip_and_shift(struct bufq *q, size_t amount);
-
typedef ssize_t Curl_bufq_writer(void *writer_ctx,
const unsigned char *buf, size_t len,
CURLcode *err);
diff --git a/libs/libcurl/src/c-hyper.c b/libs/libcurl/src/c-hyper.c index 6f3eb794f7..74adf4e44b 100644 --- a/libs/libcurl/src/c-hyper.c +++ b/libs/libcurl/src/c-hyper.c @@ -174,8 +174,6 @@ static int hyper_each_header(void *userdata, if(!data->state.hconnect || !data->set.suppress_connect_headers) {
writetype = CLIENTWRITE_HEADER;
- if(data->set.include_header)
- writetype |= CLIENTWRITE_BODY;
if(data->state.hconnect)
writetype |= CLIENTWRITE_CONNECT;
if(data->req.httpcode/100 == 1)
@@ -248,11 +246,7 @@ static int hyper_body_chunk(void *userdata, const hyper_buf *chunk) if(0 == len)
return HYPER_ITER_CONTINUE;
Curl_debug(data, CURLINFO_DATA_IN, buf, len);
- if(!data->set.http_ce_skip && k->writer_stack)
- /* content-encoded data */
- result = Curl_unencode_write(data, k->writer_stack, buf, len);
- else
- result = Curl_client_write(data, CLIENTWRITE_BODY, buf, len);
+ result = Curl_client_write(data, CLIENTWRITE_BODY, buf, len);
if(result) {
data->state.hresult = result;
@@ -260,7 +254,11 @@ static int hyper_body_chunk(void *userdata, const hyper_buf *chunk) }
data->req.bytecount += len;
- Curl_pgrsSetDownloadCounter(data, data->req.bytecount);
+ result = Curl_pgrsSetDownloadCounter(data, data->req.bytecount);
+ if(result) {
+ data->state.hresult = result;
+ return HYPER_ITER_BREAK;
+ }
return HYPER_ITER_CONTINUE;
}
@@ -314,8 +312,6 @@ static CURLcode status_line(struct Curl_easy *data, if(!data->state.hconnect || !data->set.suppress_connect_headers) {
writetype = CLIENTWRITE_HEADER|CLIENTWRITE_STATUS;
- if(data->set.include_header)
- writetype |= CLIENTWRITE_BODY;
result = Curl_client_write(data, writetype,
Curl_dyn_ptr(&data->state.headerb), len);
if(result)
diff --git a/libs/libcurl/src/cf-h1-proxy.c b/libs/libcurl/src/cf-h1-proxy.c index e2b5da42fd..bec2d1dea4 100644 --- a/libs/libcurl/src/cf-h1-proxy.c +++ b/libs/libcurl/src/cf-h1-proxy.c @@ -34,6 +34,7 @@ #include "dynbuf.h"
#include "sendf.h"
#include "http.h"
+#include "http1.h"
#include "http_proxy.h"
#include "url.h"
#include "select.h"
@@ -64,13 +65,10 @@ typedef enum { /* struct for HTTP CONNECT tunneling */
struct h1_tunnel_state {
- int sockindex;
- const char *hostname;
- int remote_port;
struct HTTP CONNECT;
struct dynbuf rcvbuf;
- struct dynbuf req;
- size_t nsend;
+ struct dynbuf request_data;
+ size_t nsent;
size_t headerlines;
enum keeponval {
KEEPON_DONE,
@@ -94,46 +92,31 @@ static bool tunnel_is_failed(struct h1_tunnel_state *ts) return ts && (ts->tunnel_state == H1_TUNNEL_FAILED);
}
-static CURLcode tunnel_reinit(struct h1_tunnel_state *ts,
- struct connectdata *conn,
- struct Curl_easy *data)
+static CURLcode tunnel_reinit(struct Curl_cfilter *cf,
+ struct Curl_easy *data,
+ struct h1_tunnel_state *ts)
{
(void)data;
+ (void)cf;
DEBUGASSERT(ts);
Curl_dyn_reset(&ts->rcvbuf);
- Curl_dyn_reset(&ts->req);
+ Curl_dyn_reset(&ts->request_data);
ts->tunnel_state = H1_TUNNEL_INIT;
ts->keepon = KEEPON_CONNECT;
ts->cl = 0;
ts->close_connection = FALSE;
-
- if(conn->bits.conn_to_host)
- ts->hostname = conn->conn_to_host.name;
- else if(ts->sockindex == SECONDARYSOCKET)
- ts->hostname = conn->secondaryhostname;
- else
- ts->hostname = conn->host.name;
-
- if(ts->sockindex == SECONDARYSOCKET)
- ts->remote_port = conn->secondary_port;
- else if(conn->bits.conn_to_port)
- ts->remote_port = conn->conn_to_port;
- else
- ts->remote_port = conn->remote_port;
-
return CURLE_OK;
}
-static CURLcode tunnel_init(struct h1_tunnel_state **pts,
+static CURLcode tunnel_init(struct Curl_cfilter *cf,
struct Curl_easy *data,
- struct connectdata *conn,
- int sockindex)
+ struct h1_tunnel_state **pts)
{
struct h1_tunnel_state *ts;
CURLcode result;
- if(conn->handler->flags & PROTOPT_NOTCPPROXY) {
- failf(data, "%s cannot be done over CONNECT", conn->handler->scheme);
+ if(cf->conn->handler->flags & PROTOPT_NOTCPPROXY) {
+ failf(data, "%s cannot be done over CONNECT", cf->conn->handler->scheme);
return CURLE_UNSUPPORTED_PROTOCOL;
}
@@ -146,15 +129,14 @@ static CURLcode tunnel_init(struct h1_tunnel_state **pts, if(!ts)
return CURLE_OUT_OF_MEMORY;
- ts->sockindex = sockindex;
infof(data, "allocate connect buffer");
Curl_dyn_init(&ts->rcvbuf, DYN_PROXY_CONNECT_HEADERS);
- Curl_dyn_init(&ts->req, DYN_HTTP_REQUEST);
+ Curl_dyn_init(&ts->request_data, DYN_HTTP_REQUEST);
*pts = ts;
- connkeep(conn, "HTTP proxy CONNECT");
- return tunnel_reinit(ts, conn, data);
+ connkeep(cf->conn, "HTTP proxy CONNECT");
+ return tunnel_reinit(cf, data, ts);
}
static void h1_tunnel_go_state(struct Curl_cfilter *cf,
@@ -176,7 +158,7 @@ static void h1_tunnel_go_state(struct Curl_cfilter *cf, switch(new_state) {
case H1_TUNNEL_INIT:
CURL_TRC_CF(data, cf, "new tunnel state 'init'");
- tunnel_reinit(ts, cf->conn, data);
+ tunnel_reinit(cf, data, ts);
break;
case H1_TUNNEL_CONNECT:
@@ -207,7 +189,7 @@ static void h1_tunnel_go_state(struct Curl_cfilter *cf, CURL_TRC_CF(data, cf, "new tunnel state 'failed'");
ts->tunnel_state = new_state;
Curl_dyn_reset(&ts->rcvbuf);
- Curl_dyn_reset(&ts->req);
+ Curl_dyn_reset(&ts->request_data);
/* restore the protocol pointer */
data->info.httpcode = 0; /* clear it as it might've been used for the
proxy */
@@ -229,171 +211,80 @@ static void tunnel_free(struct Curl_cfilter *cf, if(ts) {
h1_tunnel_go_state(cf, ts, H1_TUNNEL_FAILED, data);
Curl_dyn_free(&ts->rcvbuf);
- Curl_dyn_free(&ts->req);
+ Curl_dyn_free(&ts->request_data);
free(ts);
cf->ctx = NULL;
}
}
-static CURLcode CONNECT_host(struct Curl_easy *data,
- struct connectdata *conn,
- const char *hostname,
- int remote_port,
- char **connecthostp,
- char **hostp)
-{
- char *hostheader; /* for CONNECT */
- char *host = NULL; /* Host: */
- bool ipv6_ip = conn->bits.ipv6_ip;
-
- /* the hostname may be different */
- if(hostname != conn->host.name)
- ipv6_ip = (strchr(hostname, ':') != NULL);
- hostheader = /* host:port with IPv6 support */
- aprintf("%s%s%s:%d", ipv6_ip?"[":"", hostname, ipv6_ip?"]":"",
- remote_port);
- if(!hostheader)
- return CURLE_OUT_OF_MEMORY;
-
- if(!Curl_checkProxyheaders(data, conn, STRCONST("Host"))) {
- host = aprintf("Host: %s\r\n", hostheader);
- if(!host) {
- free(hostheader);
- return CURLE_OUT_OF_MEMORY;
- }
- }
- *connecthostp = hostheader;
- *hostp = host;
- return CURLE_OK;
-}
-
#ifndef USE_HYPER
static CURLcode start_CONNECT(struct Curl_cfilter *cf,
struct Curl_easy *data,
struct h1_tunnel_state *ts)
{
- struct connectdata *conn = cf->conn;
- char *hostheader = NULL;
- char *host = NULL;
- const char *httpv;
+ struct httpreq *req = NULL;
+ int http_minor;
CURLcode result;
- infof(data, "Establish HTTP proxy tunnel to %s:%d",
- ts->hostname, ts->remote_port);
-
/* This only happens if we've looped here due to authentication
reasons, and we don't really use the newly cloned URL here
then. Just free() it. */
Curl_safefree(data->req.newurl);
- result = CONNECT_host(data, conn,
- ts->hostname, ts->remote_port,
- &hostheader, &host);
- if(result)
- goto out;
-
- /* Setup the proxy-authorization header, if any */
- result = Curl_http_output_auth(data, conn, "CONNECT", HTTPREQ_GET,
- hostheader, TRUE);
- if(result)
- goto out;
-
- httpv = (conn->http_proxy.proxytype == CURLPROXY_HTTP_1_0) ? "1.0" : "1.1";
-
- result =
- Curl_dyn_addf(&ts->req,
- "CONNECT %s HTTP/%s\r\n"
- "%s" /* Host: */
- "%s", /* Proxy-Authorization */
- hostheader,
- httpv,
- host?host:"",
- data->state.aptr.proxyuserpwd?
- data->state.aptr.proxyuserpwd:"");
+ result = Curl_http_proxy_create_CONNECT(&req, cf, data, 1);
if(result)
goto out;
- if(!Curl_checkProxyheaders(data, conn, STRCONST("User-Agent"))
- && data->set.str[STRING_USERAGENT])
- result = Curl_dyn_addf(&ts->req, "User-Agent: %s\r\n",
- data->set.str[STRING_USERAGENT]);
- if(result)
- goto out;
-
- if(!Curl_checkProxyheaders(data, conn, STRCONST("Proxy-Connection")))
- result = Curl_dyn_addn(&ts->req,
- STRCONST("Proxy-Connection: Keep-Alive\r\n"));
- if(result)
- goto out;
-
- result = Curl_add_custom_headers(data, TRUE, &ts->req);
- if(result)
- goto out;
+ infof(data, "Establish HTTP proxy tunnel to %s", req->authority);
- /* CRLF terminate the request */
- result = Curl_dyn_addn(&ts->req, STRCONST("\r\n"));
- if(result)
- goto out;
-
- /* Send the connect request to the proxy */
- result = Curl_buffer_send(&ts->req, data, &ts->CONNECT,
- &data->info.request_size, 0,
- ts->sockindex);
+ Curl_dyn_reset(&ts->request_data);
+ ts->nsent = 0;
ts->headerlines = 0;
+ http_minor = (cf->conn->http_proxy.proxytype == CURLPROXY_HTTP_1_0) ? 0 : 1;
+
+ result = Curl_h1_req_write_head(req, http_minor, &ts->request_data);
out:
if(result)
failf(data, "Failed sending CONNECT to proxy");
- free(host);
- free(hostheader);
+ if(req)
+ Curl_http_req_free(req);
return result;
}
-static CURLcode send_CONNECT(struct Curl_easy *data,
- struct connectdata *conn,
+static CURLcode send_CONNECT(struct Curl_cfilter *cf,
+ struct Curl_easy *data,
struct h1_tunnel_state *ts,
bool *done)
{
- struct SingleRequest *k = &data->req;
- struct HTTP *http = &ts->CONNECT;
+ char *buf = Curl_dyn_ptr(&ts->request_data);
+ size_t request_len = Curl_dyn_len(&ts->request_data);
+ size_t blen = request_len;
CURLcode result = CURLE_OK;
+ ssize_t nwritten;
- if(http->sending != HTTPSEND_REQUEST)
- goto out;
+ if(blen <= ts->nsent)
+ goto out; /* we are done */
- if(!ts->nsend) {
- size_t fillcount;
- k->upload_fromhere = data->state.ulbuf;
- result = Curl_fillreadbuffer(data, data->set.upload_buffer_size,
- &fillcount);
- if(result)
- goto out;
- ts->nsend = fillcount;
- }
- if(ts->nsend) {
- ssize_t bytes_written;
- /* write to socket (send away data) */
- result = Curl_write(data,
- conn->writesockfd, /* socket to send to */
- k->upload_fromhere, /* buffer pointer */
- ts->nsend, /* buffer size */
- &bytes_written); /* actually sent */
- if(result)
- goto out;
- /* send to debug callback! */
- Curl_debug(data, CURLINFO_HEADER_OUT,
- k->upload_fromhere, bytes_written);
+ blen -= ts->nsent;
+ buf += ts->nsent;
- ts->nsend -= bytes_written;
- k->upload_fromhere += bytes_written;
+ nwritten = cf->next->cft->do_send(cf->next, data, buf, blen, &result);
+ if(nwritten < 0) {
+ if(result == CURLE_AGAIN) {
+ result = CURLE_OK;
+ }
+ goto out;
}
- if(!ts->nsend)
- http->sending = HTTPSEND_NADA;
+
+ DEBUGASSERT(blen >= (size_t)nwritten);
+ ts->nsent += (size_t)nwritten;
+ Curl_debug(data, CURLINFO_HEADER_OUT, buf, (size_t)nwritten);
out:
if(result)
failf(data, "Failed sending CONNECT to proxy");
- *done = (http->sending != HTTPSEND_REQUEST);
+ *done = (!result && (ts->nsent >= request_len));
return result;
}
@@ -491,7 +382,7 @@ static CURLcode recv_CONNECT_resp(struct Curl_cfilter *cf, error = SELECT_OK;
*done = FALSE;
- if(!Curl_conn_data_pending(data, ts->sockindex))
+ if(!Curl_conn_data_pending(data, cf->sockindex))
return CURLE_OK;
while(ts->keepon) {
@@ -579,7 +470,6 @@ static CURLcode recv_CONNECT_resp(struct Curl_cfilter *cf, if(!data->set.suppress_connect_headers) {
/* send the header to the callback */
int writetype = CLIENTWRITE_HEADER | CLIENTWRITE_CONNECT |
- (data->set.include_header ? CLIENTWRITE_BODY : 0) |
(ts->headerlines == 1 ? CLIENTWRITE_STATUS : 0);
result = Curl_client_write(data, writetype, linep, perline);
@@ -670,6 +560,41 @@ static CURLcode recv_CONNECT_resp(struct Curl_cfilter *cf, }
#else /* USE_HYPER */
+
+static CURLcode CONNECT_host(struct Curl_cfilter *cf,
+ struct Curl_easy *data,
+ char **pauthority,
+ char **phost_header)
+{
+ const char *hostname;
+ int port;
+ bool ipv6_ip;
+ CURLcode result;
+ char *authority; /* for CONNECT, the destination host + port */
+ char *host_header = NULL; /* Host: authority */
+
+ result = Curl_http_proxy_get_destination(cf, &hostname, &port, &ipv6_ip);
+ if(result)
+ return result;
+
+ authority = aprintf("%s%s%s:%d", ipv6_ip?"[":"", hostname, ipv6_ip?"]":"",
+ port);
+ if(!authority)
+ return CURLE_OUT_OF_MEMORY;
+
+ /* If user is not overriding the Host header later */
+ if(!Curl_checkProxyheaders(data, cf->conn, STRCONST("Host"))) {
+ host_header = aprintf("Host: %s\r\n", authority);
+ if(!host_header) {
+ free(authority);
+ return CURLE_OUT_OF_MEMORY;
+ }
+ }
+ *pauthority = authority;
+ *phost_header = host_header;
+ return CURLE_OK;
+}
+
/* The Hyper version of CONNECT */
static CURLcode start_CONNECT(struct Curl_cfilter *cf,
struct Curl_easy *data,
@@ -686,9 +611,10 @@ static CURLcode start_CONNECT(struct Curl_cfilter *cf, hyper_task *task = NULL; /* for the handshake */
hyper_clientconn *client = NULL;
hyper_task *sendtask = NULL; /* for the send */
- char *hostheader = NULL; /* for CONNECT */
- char *host = NULL; /* Host: */
+ char *authority = NULL; /* for CONNECT */
+ char *host_header = NULL; /* Host: */
CURLcode result = CURLE_OUT_OF_MEMORY;
+ (void)ts;
io = hyper_io_new();
if(!io) {
@@ -766,27 +692,25 @@ static CURLcode start_CONNECT(struct Curl_cfilter *cf, goto error;
}
- infof(data, "Establish HTTP proxy tunnel to %s:%d",
- ts->hostname, ts->remote_port);
-
/* This only happens if we've looped here due to authentication
reasons, and we don't really use the newly cloned URL here
then. Just free() it. */
Curl_safefree(data->req.newurl);
- result = CONNECT_host(data, conn, ts->hostname, ts->remote_port,
- &hostheader, &host);
+ result = CONNECT_host(cf, data, &authority, &host_header);
if(result)
goto error;
- if(hyper_request_set_uri(req, (uint8_t *)hostheader,
- strlen(hostheader))) {
+ infof(data, "Establish HTTP proxy tunnel to %s", authority);
+
+ if(hyper_request_set_uri(req, (uint8_t *)authority,
+ strlen(authority))) {
failf(data, "error setting path");
result = CURLE_OUT_OF_MEMORY;
goto error;
}
if(data->set.verbose) {
- char *se = aprintf("CONNECT %s HTTP/1.1\r\n", hostheader);
+ char *se = aprintf("CONNECT %s HTTP/1.1\r\n", authority);
if(!se) {
result = CURLE_OUT_OF_MEMORY;
goto error;
@@ -796,10 +720,10 @@ static CURLcode start_CONNECT(struct Curl_cfilter *cf, }
/* Setup the proxy-authorization header, if any */
result = Curl_http_output_auth(data, conn, "CONNECT", HTTPREQ_GET,
- hostheader, TRUE);
+ authority, TRUE);
if(result)
goto error;
- Curl_safefree(hostheader);
+ Curl_safefree(authority);
/* default is 1.1 */
if((conn->http_proxy.proxytype == CURLPROXY_HTTP_1_0) &&
@@ -816,11 +740,11 @@ static CURLcode start_CONNECT(struct Curl_cfilter *cf, result = CURLE_OUT_OF_MEMORY;
goto error;
}
- if(host) {
- result = Curl_hyper_header(data, headers, host);
+ if(host_header) {
+ result = Curl_hyper_header(data, headers, host_header);
if(result)
goto error;
- Curl_safefree(host);
+ Curl_safefree(host_header);
}
if(data->state.aptr.proxyuserpwd) {
@@ -874,8 +798,8 @@ static CURLcode start_CONNECT(struct Curl_cfilter *cf, client = NULL;
error:
- free(host);
- free(hostheader);
+ free(host_header);
+ free(authority);
if(io)
hyper_io_free(io);
if(options)
@@ -890,12 +814,13 @@ error: return result;
}
-static CURLcode send_CONNECT(struct Curl_easy *data,
- struct connectdata *conn,
+static CURLcode send_CONNECT(struct Curl_cfilter *cf,
+ struct Curl_easy *data,
struct h1_tunnel_state *ts,
bool *done)
{
struct hyptransfer *h = &data->hyp;
+ struct connectdata *conn = cf->conn;
hyper_task *task = NULL;
hyper_error *hypererr = NULL;
CURLcode result = CURLE_OK;
@@ -995,7 +920,7 @@ static CURLcode H1_CONNECT(struct Curl_cfilter *cf, case H1_TUNNEL_CONNECT:
/* see that the request is completely sent */
CURL_TRC_CF(data, cf, "CONNECT send");
- result = send_CONNECT(data, cf->conn, ts, &done);
+ result = send_CONNECT(cf, data, ts, &done);
if(result || !done)
goto out;
h1_tunnel_go_state(cf, ts, H1_TUNNEL_RECEIVE, data);
@@ -1090,7 +1015,7 @@ static CURLcode cf_h1_proxy_connect(struct Curl_cfilter *cf, *done = FALSE;
if(!ts) {
- result = tunnel_init(&ts, data, cf->conn, cf->sockindex);
+ result = tunnel_init(cf, data, &ts);
if(result)
return result;
cf->ctx = ts;
diff --git a/libs/libcurl/src/cf-h2-proxy.c b/libs/libcurl/src/cf-h2-proxy.c index c18e1e0cf7..aab4f4661b 100644 --- a/libs/libcurl/src/cf-h2-proxy.c +++ b/libs/libcurl/src/cf-h2-proxy.c @@ -84,7 +84,8 @@ static CURLcode tunnel_stream_init(struct Curl_cfilter *cf, {
const char *hostname;
int port;
- bool ipv6_ip = cf->conn->bits.ipv6_ip;
+ bool ipv6_ip;
+ CURLcode result;
ts->state = H2_TUNNEL_INIT;
ts->stream_id = -1;
@@ -92,22 +93,9 @@ static CURLcode tunnel_stream_init(struct Curl_cfilter *cf, BUFQ_OPT_SOFT_LIMIT);
Curl_bufq_init(&ts->sendbuf, PROXY_H2_CHUNK_SIZE, H2_TUNNEL_SEND_CHUNKS);
- if(cf->conn->bits.conn_to_host)
- hostname = cf->conn->conn_to_host.name;
- else if(cf->sockindex == SECONDARYSOCKET)
- hostname = cf->conn->secondaryhostname;
- else
- hostname = cf->conn->host.name;
-
- if(cf->sockindex == SECONDARYSOCKET)
- port = cf->conn->secondary_port;
- else if(cf->conn->bits.conn_to_port)
- port = cf->conn->conn_to_port;
- else
- port = cf->conn->remote_port;
-
- if(hostname != cf->conn->host.name)
- ipv6_ip = (strchr(hostname, ':') != NULL);
+ result = Curl_http_proxy_get_destination(cf, &hostname, &port, &ipv6_ip);
+ if(result)
+ return result;
ts->authority = /* host:port with IPv6 support */
aprintf("%s%s%s:%d", ipv6_ip?"[":"", hostname, ipv6_ip?"]":"", port);
@@ -233,7 +221,7 @@ static void drain_tunnel(struct Curl_cfilter *cf, bits = CURL_CSELECT_IN;
if(!tunnel->closed && !tunnel->reset && tunnel->upload_blocked_len)
bits |= CURL_CSELECT_OUT;
- if(data->state.dselect_bits != bits || 1) {
+ if(data->state.dselect_bits != bits) {
CURL_TRC_CF(data, cf, "[%d] DRAIN dselect_bits=%x",
tunnel->stream_id, bits);
data->state.dselect_bits = bits;
@@ -309,8 +297,9 @@ static int proxy_h2_on_frame_recv(nghttp2_session *session, const nghttp2_frame *frame,
void *userp);
#ifndef CURL_DISABLE_VERBOSE_STRINGS
-static int on_frame_send(nghttp2_session *session, const nghttp2_frame *frame,
- void *userp);
+static int proxy_h2_on_frame_send(nghttp2_session *session,
+ const nghttp2_frame *frame,
+ void *userp);
#endif
static int proxy_h2_on_stream_close(nghttp2_session *session,
int32_t stream_id,
@@ -355,7 +344,8 @@ static CURLcode cf_h2_proxy_ctx_init(struct Curl_cfilter *cf, nghttp2_session_callbacks_set_on_frame_recv_callback(
cbs, proxy_h2_on_frame_recv);
#ifndef CURL_DISABLE_VERBOSE_STRINGS
- nghttp2_session_callbacks_set_on_frame_send_callback(cbs, on_frame_send);
+ nghttp2_session_callbacks_set_on_frame_send_callback(cbs,
+ proxy_h2_on_frame_send);
#endif
nghttp2_session_callbacks_set_on_data_chunk_recv_callback(
cbs, tunnel_recv_callback);
@@ -575,7 +565,8 @@ static ssize_t on_session_send(nghttp2_session *h2, }
#ifndef CURL_DISABLE_VERBOSE_STRINGS
-static int fr_print(const nghttp2_frame *frame, char *buffer, size_t blen)
+static int proxy_h2_fr_print(const nghttp2_frame *frame,
+ char *buffer, size_t blen)
{
switch(frame->hd.type) {
case NGHTTP2_DATA: {
@@ -646,8 +637,9 @@ static int fr_print(const nghttp2_frame *frame, char *buffer, size_t blen) }
}
-static int on_frame_send(nghttp2_session *session, const nghttp2_frame *frame,
- void *userp)
+static int proxy_h2_on_frame_send(nghttp2_session *session,
+ const nghttp2_frame *frame,
+ void *userp)
{
struct Curl_cfilter *cf = userp;
struct Curl_easy *data = CF_DATA_CURRENT(cf);
@@ -657,7 +649,7 @@ static int on_frame_send(nghttp2_session *session, const nghttp2_frame *frame, if(data && Curl_trc_cf_is_verbose(cf, data)) {
char buffer[256];
int len;
- len = fr_print(frame, buffer, sizeof(buffer)-1);
+ len = proxy_h2_fr_print(frame, buffer, sizeof(buffer)-1);
buffer[len] = 0;
CURL_TRC_CF(data, cf, "[%d] -> %s", frame->hd.stream_id, buffer);
}
@@ -680,7 +672,7 @@ static int proxy_h2_on_frame_recv(nghttp2_session *session, if(Curl_trc_cf_is_verbose(cf, data)) {
char buffer[256];
int len;
- len = fr_print(frame, buffer, sizeof(buffer)-1);
+ len = proxy_h2_fr_print(frame, buffer, sizeof(buffer)-1);
buffer[len] = 0;
CURL_TRC_CF(data, cf, "[%d] <- %s",frame->hd.stream_id, buffer);
}
@@ -980,38 +972,11 @@ static CURLcode submit_CONNECT(struct Curl_cfilter *cf, CURLcode result;
struct httpreq *req = NULL;
- infof(data, "Establish HTTP/2 proxy tunnel to %s", ts->authority);
-
- result = Curl_http_req_make(&req, "CONNECT", sizeof("CONNECT")-1,
- NULL, 0, ts->authority, strlen(ts->authority),
- NULL, 0);
+ result = Curl_http_proxy_create_CONNECT(&req, cf, data, 2);
if(result)
goto out;
- /* Setup the proxy-authorization header, if any */
- result = Curl_http_output_auth(data, cf->conn, req->method, HTTPREQ_GET,
- req->authority, TRUE);
- if(result)
- goto out;
-
- if(data->state.aptr.proxyuserpwd) {
- result = Curl_dynhds_h1_cadd_line(&req->headers,
- data->state.aptr.proxyuserpwd);
- if(result)
- goto out;
- }
-
- if(!Curl_checkProxyheaders(data, cf->conn, STRCONST("User-Agent"))
- && data->set.str[STRING_USERAGENT]) {
- result = Curl_dynhds_cadd(&req->headers, "User-Agent",
- data->set.str[STRING_USERAGENT]);
- if(result)
- goto out;
- }
-
- result = Curl_dynhds_add_custom(data, TRUE, &req->headers);
- if(result)
- goto out;
+ infof(data, "Establish HTTP/2 proxy tunnel to %s", req->authority);
result = proxy_h2_submit(&ts->stream_id, cf, data, ctx->h2, req,
NULL, ts, tunnel_send_callback, cf);
@@ -1058,7 +1023,7 @@ static CURLcode inspect_response(struct Curl_cfilter *cf, if(result)
return result;
if(data->req.newurl) {
- /* Inidicator that we should try again */
+ /* Indicator that we should try again */
Curl_safefree(data->req.newurl);
h2_tunnel_go_state(cf, ts, H2_TUNNEL_INIT, data);
return CURLE_OK;
@@ -1195,6 +1160,8 @@ static void cf_h2_proxy_close(struct Curl_cfilter *cf, struct Curl_easy *data) cf_h2_proxy_ctx_clear(ctx);
CF_DATA_RESTORE(cf, save);
}
+ if(cf->next)
+ cf->next->cft->do_close(cf->next, data);
}
static void cf_h2_proxy_destroy(struct Curl_cfilter *cf,
diff --git a/libs/libcurl/src/cf-socket.c b/libs/libcurl/src/cf-socket.c index 00fb06b2ff..d815752089 100644 --- a/libs/libcurl/src/cf-socket.c +++ b/libs/libcurl/src/cf-socket.c @@ -781,6 +781,8 @@ struct cf_socket_ctx { #ifdef DEBUGBUILD
int wblock_percent; /* percent of writes doing EAGAIN */
int wpartial_percent; /* percent of bytes written in send */
+ int rblock_percent; /* percent of reads doing EAGAIN */
+ size_t recv_max; /* max enforced read size */
#endif
BIT(got_first_byte); /* if first byte was received */
BIT(accepted); /* socket was accepted, not connected */
@@ -811,6 +813,18 @@ static void cf_socket_ctx_init(struct cf_socket_ctx *ctx, if(l >= 0 && l <= 100)
ctx->wpartial_percent = (int)l;
}
+ p = getenv("CURL_DBG_SOCK_RBLOCK");
+ if(p) {
+ long l = strtol(p, NULL, 10);
+ if(l >= 0 && l <= 100)
+ ctx->rblock_percent = (int)l;
+ }
+ p = getenv("CURL_DBG_SOCK_RMAX");
+ if(p) {
+ long l = strtol(p, NULL, 10);
+ if(l >= 0)
+ ctx->recv_max = (size_t)l;
+ }
}
#endif
}
@@ -1358,6 +1372,27 @@ static ssize_t cf_socket_recv(struct Curl_cfilter *cf, struct Curl_easy *data, fdsave = cf->conn->sock[cf->sockindex];
cf->conn->sock[cf->sockindex] = ctx->sock;
+#ifdef DEBUGBUILD
+ /* simulate network blocking/partial reads */
+ if(cf->cft != &Curl_cft_udp && ctx->rblock_percent > 0) {
+ unsigned char c;
+ Curl_rand(data, &c, 1);
+ if(c >= ((100-ctx->rblock_percent)*256/100)) {
+ CURL_TRC_CF(data, cf, "recv(len=%zu) SIMULATE EWOULDBLOCK", len);
+ *err = CURLE_AGAIN;
+ nread = -1;
+ cf->conn->sock[cf->sockindex] = fdsave;
+ return nread;
+ }
+ }
+ if(cf->cft != &Curl_cft_udp && ctx->recv_max && ctx->recv_max < len) {
+ size_t orig_len = len;
+ len = ctx->recv_max;
+ CURL_TRC_CF(data, cf, "recv(len=%zu) SIMULATE max read of %zu bytes",
+ orig_len, len);
+ }
+#endif
+
if(ctx->buffer_recv && !Curl_bufq_is_empty(&ctx->recvbuf)) {
CURL_TRC_CF(data, cf, "recv from buffer");
nread = Curl_bufq_read(&ctx->recvbuf, (unsigned char *)buf, len, err);
diff --git a/libs/libcurl/src/config-amigaos.h b/libs/libcurl/src/config-amigaos.h index 2d86531ffc..26bd2a6b5f 100644 --- a/libs/libcurl/src/config-amigaos.h +++ b/libs/libcurl/src/config-amigaos.h @@ -41,15 +41,12 @@ #define HAVE_NET_IF_H 1
#define HAVE_PWD_H 1
#define HAVE_SELECT 1
-#define HAVE_SETJMP_H 1
#define HAVE_SIGNAL 1
-#define HAVE_SIGNAL_H 1
#define HAVE_SOCKET 1
#define HAVE_STRCASECMP 1
#define HAVE_STRDUP 1
#define HAVE_STRICMP 1
#define HAVE_STRINGS_H 1
-#define HAVE_STRING_H 1
#define HAVE_STRUCT_TIMEVAL 1
#define HAVE_SYS_PARAM_H 1
#define HAVE_SYS_SOCKET_H 1
@@ -57,7 +54,6 @@ #define HAVE_SYS_STAT_H 1
#define HAVE_SYS_TIME_H 1
#define HAVE_SYS_TYPES_H 1
-#define HAVE_TIME_H 1
#define HAVE_UNISTD_H 1
#define HAVE_UTIME 1
#define HAVE_UTIME_H 1
@@ -96,7 +92,6 @@ #endif
#define STDC_HEADERS 1
-#define TIME_WITH_SYS_TIME 1
#define in_addr_t int
diff --git a/libs/libcurl/src/config-dos.h b/libs/libcurl/src/config-dos.h index 1313183f8c..92bb083e04 100644 --- a/libs/libcurl/src/config-dos.h +++ b/libs/libcurl/src/config-dos.h @@ -61,7 +61,6 @@ #define HAVE_RECV 1
#define HAVE_SELECT 1
#define HAVE_SEND 1
-#define HAVE_SETJMP_H 1
#define HAVE_SETLOCALE 1
#define HAVE_SETMODE 1
#define HAVE_SIGNAL 1
@@ -74,7 +73,6 @@ #define HAVE_SYS_SOCKET_H 1
#define HAVE_SYS_STAT_H 1
#define HAVE_SYS_TYPES_H 1
-#define HAVE_TIME_H 1
#define HAVE_UNISTD_H 1
#define NEED_MALLOC_H 1
@@ -84,7 +82,6 @@ #define SIZEOF_SIZE_T 4
#define SIZEOF_CURL_OFF_T 8
#define STDC_HEADERS 1
-#define TIME_WITH_SYS_TIME 1
/* Qualifiers for send() and recv() */
diff --git a/libs/libcurl/src/config-mac.h b/libs/libcurl/src/config-mac.h index bd457187db..ab07f74183 100644 --- a/libs/libcurl/src/config-mac.h +++ b/libs/libcurl/src/config-mac.h @@ -52,15 +52,10 @@ #define HAVE_GETTIMEOFDAY 1
#define HAVE_FCNTL_H 1
#define HAVE_SYS_STAT_H 1
-#define HAVE_STDLIB_H 1
-#define HAVE_TIME_H 1
#define HAVE_UTIME_H 1
#define HAVE_SYS_TIME_H 1
#define HAVE_SYS_UTIME_H 1
#define HAVE_SYS_IOCTL_H 1
-
-#define TIME_WITH_SYS_TIME 1
-
#define HAVE_ALARM 1
#define HAVE_FTRUNCATE 1
#define HAVE_UTIME 1
@@ -69,7 +64,6 @@ #define HAVE_STRUCT_TIMEVAL 1
#define HAVE_SIGACTION 1
-#define HAVE_SIGNAL_H 1
#ifdef MACOS_SSL_SUPPORT
# define USE_OPENSSL 1
diff --git a/libs/libcurl/src/config-os400.h b/libs/libcurl/src/config-os400.h index 35e95018a9..ff7b8afaa5 100644 --- a/libs/libcurl/src/config-os400.h +++ b/libs/libcurl/src/config-os400.h @@ -149,18 +149,12 @@ /* Define if you have the `signal' function. */
#undef HAVE_SIGNAL
-/* Define if you have the <signal.h> header file. */
-#define HAVE_SIGNAL_H
-
/* Define if you have the `socket' function. */
#define HAVE_SOCKET
/* Define if you have the <stdint.h> header file. */
#undef HAVE_STDINT_H
-/* Define if you have the <stdlib.h> header file. */
-#define HAVE_STDLIB_H
-
/* The following define is needed on OS400 to enable strcmpi(), stricmp() and
strdup(). */
@@ -181,9 +175,6 @@ /* Define if you have the <strings.h> header file. */
#define HAVE_STRINGS_H
-/* Define if you have the <string.h> header file. */
-#define HAVE_STRING_H
-
/* Define if you have the <stropts.h> header file. */
#undef HAVE_STROPTS_H
@@ -226,9 +217,6 @@ /* Define if you have the <termio.h> header file. */
#undef HAVE_TERMIO_H
-/* Define if you have the <time.h> header file. */
-#define HAVE_TIME_H
-
/* Define if you have the <unistd.h> header file. */
#define HAVE_UNISTD_H
@@ -259,9 +247,6 @@ /* Define if you have the ANSI C header files. */
#define STDC_HEADERS
-/* Define if you can safely include both <sys/time.h> and <time.h>. */
-#define TIME_WITH_SYS_TIME
-
/* Define to enable HTTP3 support (experimental, requires NGTCP2, QUICHE or
MSH3) */
#undef ENABLE_QUIC
diff --git a/libs/libcurl/src/config-plan9.h b/libs/libcurl/src/config-plan9.h index 79e8ccecbc..e667cbd378 100644 --- a/libs/libcurl/src/config-plan9.h +++ b/libs/libcurl/src/config-plan9.h @@ -108,22 +108,18 @@ #define HAVE_POLL_FINE 1
#define HAVE_POLL_H 1
#define HAVE_PTHREAD_H 1
-#define HAVE_SETJMP_H 1
#define HAVE_SETLOCALE 1
#define HAVE_SIGACTION 1
#define HAVE_SIGNAL 1
-#define HAVE_SIGNAL_H 1
#define HAVE_SIGSETJMP 1
#define HAVE_SOCKADDR_IN6_SIN6_SCOPE_ID 1
#define HAVE_SOCKET 1
#define HAVE_SSL_GET_SHUTDOWN 1
#define HAVE_STDBOOL_H 1
#define HAVE_STDINT_H 1
-#define HAVE_STDLIB_H 1
#define HAVE_STRCASECMP 1
#define HAVE_STRDUP 1
-#define HAVE_STRING_H 1
#define HAVE_STRTOK_R 1
#define HAVE_STRTOLL 1
#define HAVE_STRUCT_TIMEVAL 1
@@ -136,15 +132,12 @@ #define HAVE_SYS_TYPES_H 1
#define HAVE_SYS_UN_H 1
#define HAVE_TERMIOS_H 1
-#define HAVE_TIME_H 1
#define HAVE_UNISTD_H 1
#define HAVE_UTIME 1
#define HAVE_UTIME_H 1
#define HAVE_POSIX_STRERROR_R 1
#define HAVE_STRERROR_R 1
-
-#define TIME_WITH_SYS_TIME 1
#define USE_MANUAL 1
#define __attribute__(x)
diff --git a/libs/libcurl/src/config-riscos.h b/libs/libcurl/src/config-riscos.h index fdd22e2723..cab2472e32 100644 --- a/libs/libcurl/src/config-riscos.h +++ b/libs/libcurl/src/config-riscos.h @@ -141,18 +141,12 @@ /* Define if you have the `signal' function. */
#define HAVE_SIGNAL
-/* Define if you have the <signal.h> header file. */
-#define HAVE_SIGNAL_H
-
/* Define if you have the `socket' function. */
#define HAVE_SOCKET
/* Define if you have the <stdint.h> header file. */
#undef HAVE_STDINT_H
-/* Define if you have the <stdlib.h> header file. */
-#define HAVE_STDLIB_H
-
/* Define if you have the `strcasecmp' function. */
#undef HAVE_STRCASECMP
@@ -168,9 +162,6 @@ /* Define if you have the <strings.h> header file. */
#undef HAVE_STRINGS_H
-/* Define if you have the <string.h> header file. */
-#define HAVE_STRING_H
-
/* Define if you have the `strtok_r' function. */
#undef HAVE_STRTOK_R
@@ -204,9 +195,6 @@ /* Define if you have the <termio.h> header file. */
#undef HAVE_TERMIO_H
-/* Define if you have the <time.h> header file. */
-#undef HAVE_TIME_H
-
/* Define if you have the <unistd.h> header file. */
#define HAVE_UNISTD_H
@@ -225,9 +213,6 @@ /* Define if you have the ANSI C header files. */
#undef STDC_HEADERS
-/* Define if you can safely include both <sys/time.h> and <time.h>. */
-#undef TIME_WITH_SYS_TIME
-
/* Version number of package */
#undef VERSION
diff --git a/libs/libcurl/src/config-win32.h b/libs/libcurl/src/config-win32.h index afd54c5cc5..c7c22e6811 100644 --- a/libs/libcurl/src/config-win32.h +++ b/libs/libcurl/src/config-win32.h @@ -39,15 +39,13 @@ #define HAVE_FCNTL_H 1
/* Define to 1 if you have the <inttypes.h> header file. */
-#if defined(__MINGW32__) || \
- (defined(_MSC_VER) && (_MSC_VER >= 1800))
+#if (defined(_MSC_VER) && (_MSC_VER >= 1800)) || defined(__MINGW32__)
#define HAVE_INTTYPES_H 1
#endif
/* Define to 1 if you have the <stdint.h> header file. */
-#if defined(__MINGW32__) || defined(__POCC__) || \
- (defined(_MSC_VER) && (_MSC_VER >= 1600)) || \
- (defined(__BORLANDC__) && (__BORLANDC__ >= 0x0582))
+#if (defined(_MSC_VER) && (_MSC_VER >= 1600)) || defined(__MINGW32__) || \
+ (defined(__BORLANDC__) && (__BORLANDC__ >= 0x0582)) || defined(__POCC__)
#define HAVE_STDINT_H 1
#endif
@@ -68,18 +66,11 @@ /* Define if you have the <netinet/in.h> header file. */
/* #define HAVE_NETINET_IN_H 1 */
-/* Define if you have the <signal.h> header file. */
-#define HAVE_SIGNAL_H 1
-
/* Define to 1 if you have the <stdbool.h> header file. */
-#if (defined(_MSC_VER) && (_MSC_VER >= 1800)) || \
- defined(__MINGW64_VERSION_MAJOR)
+#if (defined(_MSC_VER) && (_MSC_VER >= 1800)) || defined(__MINGW32__)
#define HAVE_STDBOOL_H 1
#endif
-/* Define if you have the <stdlib.h> header file. */
-#define HAVE_STDLIB_H 1
-
/* Define if you have the <sys/param.h> header file. */
/* #define HAVE_SYS_PARAM_H 1 */
@@ -112,9 +103,6 @@ /* Define if you have the <termios.h> header file. */
/* #define HAVE_TERMIOS_H 1 */
-/* Define if you have the <time.h> header file. */
-#define HAVE_TIME_H 1
-
/* Define if you have the <unistd.h> header file. */
#if defined(__MINGW32__) || defined(__LCC__) || defined(__POCC__)
#define HAVE_UNISTD_H 1
@@ -133,14 +121,8 @@ #define HAVE_WS2TCPIP_H 1
#endif
-/* Define to 1 if you have the <setjmp.h> header file. */
-#define HAVE_SETJMP_H 1
-
-/* Define to 1 if you have the <string.h> header file. */
-#define HAVE_STRING_H 1
-
/* Define to 1 if you have the <libgen.h> header file. */
-#if defined(__MINGW64_VERSION_MAJOR)
+#if defined(__MINGW32__)
#define HAVE_LIBGEN_H 1
#endif
@@ -151,12 +133,8 @@ /* Define if you have the ANSI C header files. */
#define STDC_HEADERS 1
-/* Define if you can safely include both <sys/time.h> and <time.h>. */
-/* #define TIME_WITH_SYS_TIME 1 */
-
/* Define to 1 if bool is an available type. */
-#if (defined(_MSC_VER) && (_MSC_VER >= 1800)) || \
- defined(__MINGW64_VERSION_MAJOR)
+#if (defined(_MSC_VER) && (_MSC_VER >= 1800)) || defined(__MINGW32__)
#define HAVE_BOOL_T 1
#endif
@@ -168,7 +146,7 @@ #define HAVE_CLOSESOCKET 1
/* Define if you have the ftruncate function. */
-#if defined(__MINGW64_VERSION_MAJOR)
+#if defined(__MINGW32__)
#define HAVE_FTRUNCATE 1
#endif
@@ -202,12 +180,8 @@ /* Define if you have the socket function. */
#define HAVE_SOCKET 1
-/* Define if libSSH2 is in use */
-#define USE_LIBSSH2 1
-#define HAVE_LIBSSH2_H 1
-
/* Define if you have the strcasecmp function. */
-#ifdef __MINGW32__
+#if defined(__MINGW32__)
#define HAVE_STRCASECMP 1
#endif
@@ -280,12 +254,12 @@ #endif
/* Define to 1 if you have the `basename' function. */
-#if defined(__MINGW64_VERSION_MAJOR)
+#if defined(__MINGW32__)
#define HAVE_BASENAME 1
#endif
/* Define to 1 if you have the strtok_r function. */
-#if defined(__MINGW64_VERSION_MAJOR)
+#if defined(__MINGW32__)
#define HAVE_STRTOK_R 1
#endif
@@ -415,11 +389,9 @@ #define _CRT_NONSTDC_NO_DEPRECATE 1
#endif
-/* mingw-w64, mingw using >= MSVCR80, and visual studio >= 2005 (MSVCR80)
+/* mingw-w64 and visual studio >= 2005 (MSVCR80)
all default to 64-bit time_t unless _USE_32BIT_TIME_T is defined */
-#if defined(__MINGW64_VERSION_MAJOR) || \
- (defined(__MINGW32__) && (__MSVCRT_VERSION__ >= 0x0800)) || \
- (defined(_MSC_VER) && (_MSC_VER >= 1400))
+#if (defined(_MSC_VER) && (_MSC_VER >= 1400)) || defined(__MINGW32__)
# ifndef _USE_32BIT_TIME_T
# define SIZEOF_TIME_T 8
# else
@@ -568,14 +540,18 @@ Vista #endif
/* Number of bits in a file offset, on hosts where this is settable. */
-#if defined(USE_WIN32_LARGE_FILES) && defined(__MINGW64_VERSION_MAJOR)
+#if defined(USE_WIN32_LARGE_FILES) && defined(__MINGW32__)
# ifndef _FILE_OFFSET_BITS
# define _FILE_OFFSET_BITS 64
# endif
#endif
+#ifdef USE_WIN32_LARGE_FILES
+#define HAVE__FSEEKI64
+#endif
+
/* Define to the size of `off_t', as computed by sizeof. */
-#if defined(__MINGW64_VERSION_MAJOR) && \
+#if defined(__MINGW32__) && \
defined(_FILE_OFFSET_BITS) && (_FILE_OFFSET_BITS == 64)
# define SIZEOF_OFF_T 8
#else
@@ -624,9 +600,6 @@ Vista # define CURL_DISABLE_LDAP 1
#endif
-/* if SSL is enabled */
-#define USE_OPENSSL 1
-
/* Define to use the Windows crypto library. */
#if !defined(CURL_WINDOWS_APP)
#define USE_WIN32_CRYPTO
diff --git a/libs/libcurl/src/config-win32ce.h b/libs/libcurl/src/config-win32ce.h index 2b072d060f..6898be9575 100644 --- a/libs/libcurl/src/config-win32ce.h +++ b/libs/libcurl/src/config-win32ce.h @@ -50,12 +50,6 @@ /* Define if you have the <netinet/in.h> header file. */
/* #define HAVE_NETINET_IN_H 1 */
-/* Define if you have the <signal.h> header file. */
-#define HAVE_SIGNAL_H 1
-
-/* Define if you have the <stdlib.h> header file. */
-#define HAVE_STDLIB_H 1
-
/* Define if you have the <sys/param.h> header file. */
/* #define HAVE_SYS_PARAM_H 1 */
@@ -86,9 +80,6 @@ /* Define if you have the <termios.h> header file. */
/* #define HAVE_TERMIOS_H 1 */
-/* Define if you have the <time.h> header file. */
-#define HAVE_TIME_H 1
-
/* Define if you have the <unistd.h> header file. */
#if defined(__MINGW32__) || defined(__LCC__)
#define HAVE_UNISTD_H 1
@@ -110,9 +101,6 @@ /* Define if you have the ANSI C header files. */
#define STDC_HEADERS 1
-/* Define if you can safely include both <sys/time.h> and <time.h>. */
-/* #define TIME_WITH_SYS_TIME 1 */
-
/* ---------------------------------------------------------------- */
/* FUNCTIONS */
/* ---------------------------------------------------------------- */
diff --git a/libs/libcurl/src/conncache.c b/libs/libcurl/src/conncache.c index f9258090d2..fae7c0b057 100644 --- a/libs/libcurl/src/conncache.c +++ b/libs/libcurl/src/conncache.c @@ -107,6 +107,7 @@ int Curl_conncache_init(struct conncache *connc, int size) connc->closure_handle = curl_easy_init();
if(!connc->closure_handle)
return 1; /* bad */
+ connc->closure_handle->internal = true;
Curl_hash_init(&connc->hash, size, Curl_hash_str,
Curl_str_key_compare, free_bundle_hash_entry);
diff --git a/libs/libcurl/src/connect.c b/libs/libcurl/src/connect.c index 696bd8483b..ccc7bcda96 100644 --- a/libs/libcurl/src/connect.c +++ b/libs/libcurl/src/connect.c @@ -634,6 +634,7 @@ evaluate: /* next attempt was started */
CURL_TRC_CF(data, cf, "%s trying next", baller->name);
++ongoing;
+ Curl_expire(data, 0, EXPIRE_RUN_NOW);
}
}
}
@@ -646,7 +647,7 @@ evaluate: /* Nothing connected, check the time before we might
* start new ballers or return ok. */
if((ongoing || not_started) && Curl_timeleft(data, &now, TRUE) < 0) {
- failf(data, "Connection timeout after %ld ms",
+ failf(data, "Connection timeout after %" CURL_FORMAT_CURL_OFF_T " ms",
Curl_timediff(now, data->progress.t_startsingle));
return CURLE_OPERATION_TIMEDOUT;
}
@@ -823,11 +824,10 @@ static CURLcode start_connect(struct Curl_cfilter *cf, CURL_TRC_CF(data, cf, "created %s (timeout %"
CURL_FORMAT_TIMEDIFF_T "ms)",
ctx->baller[1]->name, ctx->baller[1]->timeoutms);
+ Curl_expire(data, data->set.happy_eyeballs_timeout,
+ EXPIRE_HAPPY_EYEBALLS);
}
- Curl_expire(data, data->set.happy_eyeballs_timeout,
- EXPIRE_HAPPY_EYEBALLS);
-
return CURLE_OK;
}
diff --git a/libs/libcurl/src/content_encoding.c b/libs/libcurl/src/content_encoding.c index 0793e21a91..b1a64ebd52 100644 --- a/libs/libcurl/src/content_encoding.c +++ b/libs/libcurl/src/content_encoding.c @@ -280,9 +280,6 @@ static CURLcode deflate_init_writer(struct Curl_easy *data, struct zlib_writer *zp = (struct zlib_writer *) writer;
z_stream *z = &zp->z; /* zlib state structure */
- if(!writer->downstream)
- return CURLE_WRITE_ERROR;
-
/* Initialize zlib */
z->zalloc = (alloc_func) zalloc_cb;
z->zfree = (free_func) zfree_cb;
@@ -337,9 +334,6 @@ static CURLcode gzip_init_writer(struct Curl_easy *data, struct zlib_writer *zp = (struct zlib_writer *) writer;
z_stream *z = &zp->z; /* zlib state structure */
- if(!writer->downstream)
- return CURLE_WRITE_ERROR;
-
/* Initialize zlib */
z->zalloc = (alloc_func) zalloc_cb;
z->zfree = (free_func) zfree_cb;
@@ -647,9 +641,6 @@ static CURLcode brotli_init_writer(struct Curl_easy *data, struct brotli_writer *bp = (struct brotli_writer *) writer;
(void) data;
- if(!writer->downstream)
- return CURLE_WRITE_ERROR;
-
bp->br = BrotliDecoderCreateInstance(NULL, NULL, NULL);
return bp->br? CURLE_OK: CURLE_OUT_OF_MEMORY;
}
@@ -741,9 +732,6 @@ static CURLcode zstd_init_writer(struct Curl_easy *data, (void)data;
- if(!writer->downstream)
- return CURLE_WRITE_ERROR;
-
zp->zds = ZSTD_createDStream();
zp->decomp = NULL;
return zp->zds ? CURLE_OK : CURLE_OUT_OF_MEMORY;
@@ -822,8 +810,9 @@ static const struct content_encoding zstd_encoding = { static CURLcode identity_init_writer(struct Curl_easy *data,
struct contenc_writer *writer)
{
- (void) data;
- return writer->downstream? CURLE_OK: CURLE_WRITE_ERROR;
+ (void)data;
+ (void)writer;
+ return CURLE_OK;
}
static CURLcode identity_unencode_write(struct Curl_easy *data,
@@ -903,51 +892,13 @@ char *Curl_all_content_encodings(void) }
-/* Real client writer: no downstream. */
-static CURLcode client_init_writer(struct Curl_easy *data,
- struct contenc_writer *writer)
-{
- (void) data;
- return writer->downstream? CURLE_WRITE_ERROR: CURLE_OK;
-}
-
-static CURLcode client_unencode_write(struct Curl_easy *data,
- struct contenc_writer *writer,
- const char *buf, size_t nbytes)
-{
- struct SingleRequest *k = &data->req;
-
- (void) writer;
-
- if(!nbytes || k->ignorebody)
- return CURLE_OK;
-
- return Curl_client_write(data, CLIENTWRITE_BODY, (char *) buf, nbytes);
-}
-
-static void client_close_writer(struct Curl_easy *data,
- struct contenc_writer *writer)
-{
- (void) data;
- (void) writer;
-}
-
-static const struct content_encoding client_encoding = {
- NULL,
- NULL,
- client_init_writer,
- client_unencode_write,
- client_close_writer,
- sizeof(struct contenc_writer)
-};
-
-
/* Deferred error dummy writer. */
static CURLcode error_init_writer(struct Curl_easy *data,
struct contenc_writer *writer)
{
- (void) data;
- return writer->downstream? CURLE_OK: CURLE_WRITE_ERROR;
+ (void)data;
+ (void)writer;
+ return CURLE_OK;
}
static CURLcode error_unencode_write(struct Curl_easy *data,
@@ -984,31 +935,6 @@ static const struct content_encoding error_encoding = { sizeof(struct contenc_writer)
};
-/* Create an unencoding writer stage using the given handler. */
-static struct contenc_writer *
-new_unencoding_writer(struct Curl_easy *data,
- const struct content_encoding *handler,
- struct contenc_writer *downstream,
- int order)
-{
- struct contenc_writer *writer;
-
- DEBUGASSERT(handler->writersize >= sizeof(struct contenc_writer));
- writer = (struct contenc_writer *) calloc(1, handler->writersize);
-
- if(writer) {
- writer->handler = handler;
- writer->downstream = downstream;
- writer->order = order;
- if(handler->init_writer(data, writer)) {
- free(writer);
- writer = NULL;
- }
- }
-
- return writer;
-}
-
/* Write data using an unencoding writer stack. "nbytes" is not
allowed to be 0. */
CURLcode Curl_unencode_write(struct Curl_easy *data,
@@ -1017,23 +943,11 @@ CURLcode Curl_unencode_write(struct Curl_easy *data, {
if(!nbytes)
return CURLE_OK;
+ if(!writer)
+ return CURLE_WRITE_ERROR;
return writer->handler->unencode_write(data, writer, buf, nbytes);
}
-/* Close and clean-up the connection's writer stack. */
-void Curl_unencode_cleanup(struct Curl_easy *data)
-{
- struct SingleRequest *k = &data->req;
- struct contenc_writer *writer = k->writer_stack;
-
- while(writer) {
- k->writer_stack = writer->downstream;
- writer->handler->close_writer(data, writer);
- free(writer);
- writer = k->writer_stack;
- }
-}
-
/* Find the content encoding by name. */
static const struct content_encoding *find_encoding(const char *name,
size_t len)
@@ -1049,9 +963,6 @@ static const struct content_encoding *find_encoding(const char *name, return NULL;
}
-/* allow no more than 5 "chained" compression steps */
-#define MAX_ENCODE_STACK 5
-
/* Set-up the unencoding stack from the Content-Encoding header value.
* See RFC 7231 section 3.1.2.2. */
CURLcode Curl_build_unencoding_stack(struct Curl_easy *data,
@@ -1059,6 +970,7 @@ CURLcode Curl_build_unencoding_stack(struct Curl_easy *data, {
struct SingleRequest *k = &data->req;
unsigned int order = is_transfer? 2: 1;
+ CURLcode result;
do {
const char *name;
@@ -1085,41 +997,19 @@ CURLcode Curl_build_unencoding_stack(struct Curl_easy *data, if(is_transfer && !data->set.http_transfer_encoding)
/* not requested, ignore */
return CURLE_OK;
- encoding = find_encoding(name, namelen);
-
- if(!k->writer_stack) {
- k->writer_stack = new_unencoding_writer(data, &client_encoding,
- NULL, 0);
-
- if(!k->writer_stack)
- return CURLE_OUT_OF_MEMORY;
- }
+ encoding = find_encoding(name, namelen);
if(!encoding)
encoding = &error_encoding; /* Defer error at stack use. */
- if(k->writer_stack_depth++ >= MAX_ENCODE_STACK) {
- failf(data, "Reject response due to more than %u content encodings",
- MAX_ENCODE_STACK);
- return CURLE_BAD_CONTENT_ENCODING;
- }
- /* Stack the unencoding stage. */
- if(order >= k->writer_stack->order) {
- writer = new_unencoding_writer(data, encoding,
- k->writer_stack, order);
- if(!writer)
- return CURLE_OUT_OF_MEMORY;
- k->writer_stack = writer;
- }
- else {
- struct contenc_writer *w = k->writer_stack;
- while(w->downstream && order < w->downstream->order)
- w = w->downstream;
- writer = new_unencoding_writer(data, encoding,
- w->downstream, order);
- if(!writer)
- return CURLE_OUT_OF_MEMORY;
- w->downstream = writer;
+ result = Curl_client_create_writer(&writer, data, encoding, order);
+ if(result)
+ return result;
+
+ result = Curl_client_add_writer(data, writer);
+ if(result) {
+ Curl_client_free_writer(data, writer);
+ return result;
}
}
} while(*enclist);
@@ -1149,11 +1039,6 @@ CURLcode Curl_unencode_write(struct Curl_easy *data, return CURLE_NOT_BUILT_IN;
}
-void Curl_unencode_cleanup(struct Curl_easy *data)
-{
- (void) data;
-}
-
char *Curl_all_content_encodings(void)
{
return strdup(CONTENT_ENCODING_DEFAULT); /* Satisfy caller. */
diff --git a/libs/libcurl/src/content_encoding.h b/libs/libcurl/src/content_encoding.h index 522950c3a6..4b50e9b8da 100644 --- a/libs/libcurl/src/content_encoding.h +++ b/libs/libcurl/src/content_encoding.h @@ -25,26 +25,9 @@ ***************************************************************************/
#include "curl_setup.h"
-struct contenc_writer {
- const struct content_encoding *handler; /* Encoding handler. */
- struct contenc_writer *downstream; /* Downstream writer. */
- unsigned int order; /* Ordering within writer stack. */
-};
-
-/* Content encoding writer. */
-struct content_encoding {
- const char *name; /* Encoding name. */
- const char *alias; /* Encoding name alias. */
- CURLcode (*init_writer)(struct Curl_easy *data,
- struct contenc_writer *writer);
- CURLcode (*unencode_write)(struct Curl_easy *data,
- struct contenc_writer *writer,
- const char *buf, size_t nbytes);
- void (*close_writer)(struct Curl_easy *data,
- struct contenc_writer *writer);
- size_t writersize;
-};
+struct contenc_writer;
+char *Curl_all_content_encodings(void);
CURLcode Curl_build_unencoding_stack(struct Curl_easy *data,
const char *enclist, int is_transfer);
@@ -52,6 +35,5 @@ CURLcode Curl_unencode_write(struct Curl_easy *data, struct contenc_writer *writer,
const char *buf, size_t nbytes);
void Curl_unencode_cleanup(struct Curl_easy *data);
-char *Curl_all_content_encodings(void);
#endif /* HEADER_CURL_CONTENT_ENCODING_H */
diff --git a/libs/libcurl/src/cookie.c b/libs/libcurl/src/cookie.c index e905065930..cc698af53b 100644 --- a/libs/libcurl/src/cookie.c +++ b/libs/libcurl/src/cookie.c @@ -112,14 +112,11 @@ static void strstore(char **str, const char *newstr, size_t len); static void freecookie(struct Cookie *co)
{
- free(co->expirestr);
free(co->domain);
free(co->path);
free(co->spath);
free(co->name);
free(co->value);
- free(co->maxage);
- free(co->version);
free(co);
}
@@ -487,7 +484,7 @@ Curl_cookie_add(struct Curl_easy *data, struct CookieInfo *c,
bool httpheader, /* TRUE if HTTP header-style line */
bool noexpire, /* if TRUE, skip remove_expired() */
- char *lineptr, /* first character of the line */
+ const char *lineptr, /* first character of the line */
const char *domain, /* default domain */
const char *path, /* full path used when this cookie is set,
used to get default path for the cookie
@@ -718,11 +715,7 @@ Curl_cookie_add(struct Curl_easy *data, }
}
else if((nlen == 7) && strncasecompare("version", namep, 7)) {
- strstore(&co->version, valuep, vlen);
- if(!co->version) {
- badcookie = TRUE;
- break;
- }
+ /* just ignore */
}
else if((nlen == 7) && strncasecompare("max-age", namep, 7)) {
/*
@@ -734,17 +727,55 @@ Curl_cookie_add(struct Curl_easy *data, * client should discard the cookie. A value of zero means the
* cookie should be discarded immediately.
*/
- strstore(&co->maxage, valuep, vlen);
- if(!co->maxage) {
- badcookie = TRUE;
+ CURLofft offt;
+ const char *maxage = valuep;
+ offt = curlx_strtoofft((*maxage == '\"')?
+ &maxage[1]:&maxage[0], NULL, 10,
+ &co->expires);
+ switch(offt) {
+ case CURL_OFFT_FLOW:
+ /* overflow, used max value */
+ co->expires = CURL_OFF_T_MAX;
+ break;
+ case CURL_OFFT_INVAL:
+ /* negative or otherwise bad, expire */
+ co->expires = 1;
+ break;
+ case CURL_OFFT_OK:
+ if(!co->expires)
+ /* already expired */
+ co->expires = 1;
+ else if(CURL_OFF_T_MAX - now < co->expires)
+ /* would overflow */
+ co->expires = CURL_OFF_T_MAX;
+ else
+ co->expires += now;
break;
}
}
else if((nlen == 7) && strncasecompare("expires", namep, 7)) {
- strstore(&co->expirestr, valuep, vlen);
- if(!co->expirestr) {
- badcookie = TRUE;
- break;
+ char date[128];
+ if(!co->expires && (vlen < sizeof(date))) {
+ /* copy the date so that it can be null terminated */
+ memcpy(date, valuep, vlen);
+ date[vlen] = 0;
+ /*
+ * Let max-age have priority.
+ *
+ * If the date cannot get parsed for whatever reason, the cookie
+ * will be treated as a session cookie
+ */
+ co->expires = Curl_getdate_capped(date);
+
+ /*
+ * Session cookies have expires set to 0 so if we get that back
+ * from the date parser let's add a second to make it a
+ * non-session cookie
+ */
+ if(co->expires == 0)
+ co->expires = 1;
+ else if(co->expires < 0)
+ co->expires = 0;
}
}
@@ -764,49 +795,6 @@ Curl_cookie_add(struct Curl_easy *data, break;
} while(1);
- if(co->maxage) {
- CURLofft offt;
- offt = curlx_strtoofft((*co->maxage == '\"')?
- &co->maxage[1]:&co->maxage[0], NULL, 10,
- &co->expires);
- switch(offt) {
- case CURL_OFFT_FLOW:
- /* overflow, used max value */
- co->expires = CURL_OFF_T_MAX;
- break;
- case CURL_OFFT_INVAL:
- /* negative or otherwise bad, expire */
- co->expires = 1;
- break;
- case CURL_OFFT_OK:
- if(!co->expires)
- /* already expired */
- co->expires = 1;
- else if(CURL_OFF_T_MAX - now < co->expires)
- /* would overflow */
- co->expires = CURL_OFF_T_MAX;
- else
- co->expires += now;
- break;
- }
- }
- else if(co->expirestr) {
- /*
- * Note that if the date couldn't get parsed for whatever reason, the
- * cookie will be treated as a session cookie
- */
- co->expires = Curl_getdate_capped(co->expirestr);
-
- /*
- * Session cookies have expires set to 0 so if we get that back from the
- * date parser let's add a second to make it a non-session cookie
- */
- if(co->expires == 0)
- co->expires = 1;
- else if(co->expires < 0)
- co->expires = 0;
- }
-
if(!badcookie && !co->domain) {
if(domain) {
/* no domain was given in the header line, set the default */
@@ -894,7 +882,7 @@ Curl_cookie_add(struct Curl_easy *data, if(ptr)
*ptr = 0; /* clear it */
- firstptr = strtok_r(lineptr, "\t", &tok_buf); /* tokenize it on the TAB */
+ firstptr = strtok_r((char *)lineptr, "\t", &tok_buf); /* tokenize on TAB */
/*
* Now loop through the fields and init the struct we already have
@@ -1159,9 +1147,6 @@ Curl_cookie_add(struct Curl_easy *data, free(clist->domain);
free(clist->path);
free(clist->spath);
- free(clist->expirestr);
- free(clist->version);
- free(clist->maxage);
*clist = *co; /* then store all the new data */
@@ -1224,9 +1209,6 @@ struct CookieInfo *Curl_cookie_init(struct Curl_easy *data, c = calloc(1, sizeof(struct CookieInfo));
if(!c)
return NULL; /* failed to get memory */
- c->filename = strdup(file?file:"none"); /* copy the name just in case */
- if(!c->filename)
- goto fail; /* failed to get memory */
/*
* Initialize the next_expiration time to signal that we don't have enough
* information yet.
@@ -1255,24 +1237,20 @@ struct CookieInfo *Curl_cookie_init(struct Curl_easy *data, c->running = FALSE; /* this is not running, this is init */
if(fp) {
- char *lineptr;
- bool headerline;
line = malloc(MAX_COOKIE_LINE);
if(!line)
goto fail;
while(Curl_get_line(line, MAX_COOKIE_LINE, fp)) {
+ char *lineptr = line;
+ bool headerline = FALSE;
if(checkprefix("Set-Cookie:", line)) {
/* This is a cookie line, get it! */
lineptr = &line[11];
headerline = TRUE;
+ while(*lineptr && ISBLANK(*lineptr))
+ lineptr++;
}
- else {
- lineptr = line;
- headerline = FALSE;
- }
- while(*lineptr && ISBLANK(*lineptr))
- lineptr++;
Curl_cookie_add(data, c, headerline, TRUE, lineptr, NULL, NULL, TRUE);
}
@@ -1288,8 +1266,8 @@ struct CookieInfo *Curl_cookie_init(struct Curl_easy *data, fclose(handle);
}
data->state.cookie_engine = TRUE;
- c->running = TRUE; /* now, we're running */
}
+ c->running = TRUE; /* now, we're running */
return c;
@@ -1371,14 +1349,11 @@ static struct Cookie *dup_cookie(struct Cookie *src) {
struct Cookie *d = calloc(sizeof(struct Cookie), 1);
if(d) {
- CLONE(expirestr);
CLONE(domain);
CLONE(path);
CLONE(spath);
CLONE(name);
CLONE(value);
- CLONE(maxage);
- CLONE(version);
d->expires = src->expires;
d->tailmatch = src->tailmatch;
d->secure = src->secure;
@@ -1595,7 +1570,6 @@ void Curl_cookie_cleanup(struct CookieInfo *c) {
if(c) {
unsigned int i;
- free(c->filename);
for(i = 0; i < COOKIE_HASH_SIZE; i++)
Curl_cookie_freelist(c->cookies[i]);
free(c); /* free the base struct as well */
diff --git a/libs/libcurl/src/cookie.h b/libs/libcurl/src/cookie.h index 5a28a75c4a..e936625af8 100644 --- a/libs/libcurl/src/cookie.h +++ b/libs/libcurl/src/cookie.h @@ -35,12 +35,6 @@ struct Cookie { char *spath; /* sanitized cookie path */
char *domain; /* domain = <this> */
curl_off_t expires; /* expires = <this> */
- char *expirestr; /* the plain text version */
-
- /* RFC 2109 keywords. Version=1 means 2109-compliant cookie sending */
- char *version; /* Version = <value> */
- char *maxage; /* Max-Age = <value> */
-
bool tailmatch; /* whether we do tail-matching of the domain name */
bool secure; /* whether the 'secure' keyword was used */
bool livecookie; /* updated from a server, not a stored file */
@@ -56,17 +50,16 @@ struct Cookie { #define COOKIE_PREFIX__SECURE (1<<0)
#define COOKIE_PREFIX__HOST (1<<1)
-#define COOKIE_HASH_SIZE 256
+#define COOKIE_HASH_SIZE 63
struct CookieInfo {
/* linked list of cookies we know of */
struct Cookie *cookies[COOKIE_HASH_SIZE];
- char *filename; /* file we read from/write to */
- long numcookies; /* number of cookies in the "jar" */
+ curl_off_t next_expiration; /* the next time at which expiration happens */
+ int numcookies; /* number of cookies in the "jar" */
+ int lastct; /* last creation-time used in the jar */
bool running; /* state info, for cookie adding information */
bool newsession; /* new session, discard session cookies on load */
- int lastct; /* last creation-time used in the jar */
- curl_off_t next_expiration; /* the next time at which expiration happens */
};
/* The maximum sizes we accept for cookies. RFC 6265 section 6.1 says
@@ -75,7 +68,6 @@ struct CookieInfo { - At least 4096 bytes per cookie (as measured by the sum of the length of
the cookie's name, value, and attributes).
-
In the 6265bis draft document section 5.4 it is phrased even stronger: "If
the sum of the lengths of the name string and the value string is more than
4096 octets, abort these steps and ignore the set-cookie-string entirely."
@@ -116,7 +108,7 @@ struct Curl_easy; struct Cookie *Curl_cookie_add(struct Curl_easy *data,
struct CookieInfo *c, bool header,
- bool noexpiry, char *lineptr,
+ bool noexpiry, const char *lineptr,
const char *domain, const char *path,
bool secure);
diff --git a/libs/libcurl/src/curl_config.h.cmake b/libs/libcurl/src/curl_config.h.cmake index c335aba6cf..a3774a05c1 100644 --- a/libs/libcurl/src/curl_config.h.cmake +++ b/libs/libcurl/src/curl_config.h.cmake @@ -159,18 +159,21 @@ /* Define to 1 if you have the alarm function. */
#cmakedefine HAVE_ALARM 1
+/* Define to 1 if you have the arc4random function. */
+#cmakedefine HAVE_ARC4RANDOM 1
+
/* Define to 1 if you have the <arpa/inet.h> header file. */
#cmakedefine HAVE_ARPA_INET_H 1
-/* Define to 1 if you have the <arpa/tftp.h> header file. */
-#cmakedefine HAVE_ARPA_TFTP_H 1
-
/* Define to 1 if you have _Atomic support. */
#cmakedefine HAVE_ATOMIC 1
/* Define to 1 if you have the `fchmod' function. */
#cmakedefine HAVE_FCHMOD 1
+/* Define to 1 if you have the `fnmatch' function. */
+#cmakedefine HAVE_FNMATCH 1
+
/* Define to 1 if you have the `basename' function. */
#cmakedefine HAVE_BASENAME 1
@@ -183,6 +186,10 @@ /* Define to 1 if you have the clock_gettime function and monotonic timer. */
#cmakedefine HAVE_CLOCK_GETTIME_MONOTONIC 1
+/* Define to 1 if you have the clock_gettime function and raw monotonic timer.
+ */
+#cmakedefine HAVE_CLOCK_GETTIME_MONOTONIC_RAW 1
+
/* Define to 1 if you have the `closesocket' function. */
#cmakedefine HAVE_CLOSESOCKET 1
@@ -198,6 +205,12 @@ /* Define to 1 if you have the freeaddrinfo function. */
#cmakedefine HAVE_FREEADDRINFO 1
+/* Define to 1 if you have the fseeko function. */
+#cmakedefine HAVE_FSEEKO 1
+
+/* Define to 1 if you have the _fseeki64 function. */
+#cmakedefine HAVE__FSEEKI64 1
+
/* Define to 1 if you have the ftruncate function. */
#cmakedefine HAVE_FTRUNCATE 1
@@ -234,9 +247,6 @@ /* Define to 1 if you have the `getpass_r' function. */
#cmakedefine HAVE_GETPASS_R 1
-/* Define to 1 if you have the `getppid' function. */
-#cmakedefine HAVE_GETPPID 1
-
/* Define to 1 if you have the `getpeername' function. */
#cmakedefine HAVE_GETPEERNAME 1
@@ -373,6 +383,9 @@ /* Define to 1 if the compiler supports the 'long long' data type. */
#cmakedefine HAVE_LONGLONG 1
+/* Define to 1 if you have the 'suseconds_t' data type. */
+#cmakedefine HAVE_SUSECONDS_T 1
+
/* Define to 1 if you have the MSG_NOSIGNAL flag. */
#cmakedefine HAVE_MSG_NOSIGNAL 1
@@ -385,6 +398,9 @@ /* Define to 1 if you have the <netinet/tcp.h> header file. */
#cmakedefine HAVE_NETINET_TCP_H 1
+/* Define to 1 if you have the <netinet/udp.h> header file. */
+#cmakedefine HAVE_NETINET_UDP_H 1
+
/* Define to 1 if you have the <linux/tcp.h> header file. */
#cmakedefine HAVE_LINUX_TCP_H 1
@@ -421,9 +437,15 @@ /* Define to 1 if you have the select function. */
#cmakedefine HAVE_SELECT 1
+/* Define to 1 if you have the sched_yield function. */
+#cmakedefine HAVE_SCHED_YIELD 1
+
/* Define to 1 if you have the send function. */
#cmakedefine HAVE_SEND 1
+/* Define to 1 if you have the sendmsg function. */
+#cmakedefine HAVE_SENDMSG 1
+
/* Define to 1 if you have the 'fsetxattr' function. */
#cmakedefine HAVE_FSETXATTR 1
@@ -433,9 +455,6 @@ /* fsetxattr() takes 6 args */
#cmakedefine HAVE_FSETXATTR_6 1
-/* Define to 1 if you have the <setjmp.h> header file. */
-#cmakedefine HAVE_SETJMP_H 1
-
/* Define to 1 if you have the `setlocale' function. */
#cmakedefine HAVE_SETLOCALE 1
@@ -457,14 +476,11 @@ /* Define to 1 if you have the signal function. */
#cmakedefine HAVE_SIGNAL 1
-/* Define to 1 if you have the <signal.h> header file. */
-#cmakedefine HAVE_SIGNAL_H 1
-
/* Define to 1 if you have the sigsetjmp function or macro. */
#cmakedefine HAVE_SIGSETJMP 1
/* Define to 1 if you have the `snprintf' function. */
-#cmakedefine HAVE_SNPRINTF
+#cmakedefine HAVE_SNPRINTF 1
/* Define to 1 if struct sockaddr_in6 has the sin6_scope_id member */
#cmakedefine HAVE_SOCKADDR_IN6_SIN6_SCOPE_ID 1
@@ -484,9 +500,6 @@ /* Define to 1 if you have the <stdint.h> header file. */
#cmakedefine HAVE_STDINT_H 1
-/* Define to 1 if you have the <stdlib.h> header file. */
-#cmakedefine HAVE_STDLIB_H 1
-
/* Define to 1 if you have the strcasecmp function. */
#cmakedefine HAVE_STRCASECMP 1
@@ -505,9 +518,6 @@ /* Define to 1 if you have the <strings.h> header file. */
#cmakedefine HAVE_STRINGS_H 1
-/* Define to 1 if you have the <string.h> header file. */
-#cmakedefine HAVE_STRING_H 1
-
/* Define to 1 if you have the <stropts.h> header file. */
#cmakedefine HAVE_STROPTS_H 1
@@ -517,6 +527,9 @@ /* Define to 1 if you have the strtoll function. */
#cmakedefine HAVE_STRTOLL 1
+/* Define to 1 if you have the memrchr function. */
+#cmakedefine HAVE_MEMRCHR 1
+
/* if struct sockaddr_storage is defined */
#cmakedefine HAVE_STRUCT_SOCKADDR_STORAGE 1
@@ -526,6 +539,9 @@ /* Define to 1 if you have the <sys/filio.h> header file. */
#cmakedefine HAVE_SYS_FILIO_H 1
+/* Define to 1 if you have the <sys/wait.h> header file. */
+#cmakedefine HAVE_SYS_WAIT_H 1
+
/* Define to 1 if you have the <sys/ioctl.h> header file. */
#cmakedefine HAVE_SYS_IOCTL_H 1
@@ -568,9 +584,6 @@ /* Define to 1 if you have the <termio.h> header file. */
#cmakedefine HAVE_TERMIO_H 1
-/* Define to 1 if you have the <time.h> header file. */
-#cmakedefine HAVE_TIME_H 1
-
/* Define to 1 if you have the <unistd.h> header file. */
#cmakedefine HAVE_UNISTD_H 1
@@ -658,6 +671,9 @@ ${SIZEOF_OFF_T_CODE} /* The size of `curl_off_t', as computed by sizeof. */
${SIZEOF_CURL_OFF_T_CODE}
+/* The size of `curl_socket_t', as computed by sizeof. */
+${SIZEOF_CURL_SOCKET_T_CODE}
+
/* The size of `size_t', as computed by sizeof. */
${SIZEOF_SIZE_T_CODE}
@@ -667,9 +683,6 @@ ${SIZEOF_TIME_T_CODE} /* Define to 1 if you have the ANSI C header files. */
#cmakedefine STDC_HEADERS 1
-/* Define to 1 if you can safely include both <sys/time.h> and <time.h>. */
-#cmakedefine TIME_WITH_SYS_TIME 1
-
/* Define if you want to enable c-ares support */
#cmakedefine USE_ARES 1
@@ -735,7 +748,7 @@ ${SIZEOF_TIME_T_CODE} #cmakedefine USE_MSH3 1
/* if Unix domain sockets are enabled */
-#cmakedefine USE_UNIX_SOCKETS
+#cmakedefine USE_UNIX_SOCKETS 1
/* Define to 1 if you are building a Windows target with large file support. */
#cmakedefine USE_WIN32_LARGE_FILES 1
@@ -792,3 +805,12 @@ ${SIZEOF_TIME_T_CODE} /* Define to 1 to enable websocket support. */
#cmakedefine USE_WEBSOCKETS 1
+
+/* Define to 1 if OpenSSL has the SSL_CTX_set_srp_username function. */
+#cmakedefine HAVE_OPENSSL_SRP 1
+
+/* Define to 1 if GnuTLS has the gnutls_srp_verifier function. */
+#cmakedefine HAVE_GNUTLS_SRP 1
+
+/* Define to 1 to enable TLS-SRP support. */
+#cmakedefine USE_TLS_SRP 1
diff --git a/libs/libcurl/src/curl_config.h.in b/libs/libcurl/src/curl_config.h.in index d7b28336e8..8aa193abb6 100644 --- a/libs/libcurl/src/curl_config.h.in +++ b/libs/libcurl/src/curl_config.h.in @@ -165,24 +165,15 @@ /* Define to 1 if you have the <arpa/inet.h> header file. */
#undef HAVE_ARPA_INET_H
-/* Define to 1 if you have the <arpa/tftp.h> header file. */
-#undef HAVE_ARPA_TFTP_H
-
/* Define to 1 if you have _Atomic support. */
#undef HAVE_ATOMIC
-/* Define to 1 if using AWS-LC. */
-#undef HAVE_AWSLC
-
/* Define to 1 if you have the basename function. */
#undef HAVE_BASENAME
/* Define to 1 if bool is an available type. */
#undef HAVE_BOOL_T
-/* Define to 1 if using BoringSSL. */
-#undef HAVE_BORINGSSL
-
/* if BROTLI is in use */
#undef HAVE_BROTLI
@@ -205,9 +196,6 @@ /* Define to 1 if you have the CloseSocket camel case function. */
#undef HAVE_CLOSESOCKET_CAMEL
-/* Define to 1 if you have the connect function. */
-#undef HAVE_CONNECT
-
/* Define to 1 if you have the <crypto.h> header file. */
#undef HAVE_CRYPTO_H
@@ -239,12 +227,12 @@ /* Define to 1 if you have the `fnmatch' function. */
#undef HAVE_FNMATCH
-/* Define to 1 if you have the `fork' function. */
-#undef HAVE_FORK
-
/* Define to 1 if you have the freeaddrinfo function. */
#undef HAVE_FREEADDRINFO
+/* Define to 1 if you have the `fseeko' function. */
+#undef HAVE_FSEEKO
+
/* Define to 1 if you have the fsetxattr function. */
#undef HAVE_FSETXATTR
@@ -362,6 +350,9 @@ /* Define to 1 if you have the <inttypes.h> header file. */
#undef HAVE_INTTYPES_H
+/* Define to 1 if you have the ioctl function. */
+#undef HAVE_IOCTL
+
/* Define to 1 if you have the ioctlsocket function. */
#undef HAVE_IOCTLSOCKET
@@ -375,6 +366,12 @@ /* Define to 1 if you have a working ioctlsocket FIONBIO function. */
#undef HAVE_IOCTLSOCKET_FIONBIO
+/* Define to 1 if you have a working ioctl FIONBIO function. */
+#undef HAVE_IOCTL_FIONBIO
+
+/* Define to 1 if you have a working ioctl SIOCGIFADDR function. */
+#undef HAVE_IOCTL_SIOCGIFADDR
+
/* Define to 1 if you have the <io.h> header file. */
#undef HAVE_IO_H
@@ -578,9 +575,6 @@ /* Define to 1 if you have the signal function. */
#undef HAVE_SIGNAL
-/* Define to 1 if you have the <signal.h> header file. */
-#undef HAVE_SIGNAL_H
-
/* Define to 1 if you have the sigsetjmp function or macro. */
#undef HAVE_SIGSETJMP
@@ -644,6 +638,9 @@ /* Define to 1 if you have the <string.h> header file. */
#undef HAVE_STRING_H
+/* Define to 1 if you have the <stropts.h> header file. */
+#undef HAVE_STROPTS_H
+
/* Define to 1 if you have the strtok_r function. */
#undef HAVE_STRTOK_R
@@ -692,9 +689,6 @@ /* Define to 1 if you have the <sys/types.h> header file. */
#undef HAVE_SYS_TYPES_H
-/* Define to 1 if you have the <sys/uio.h> header file. */
-#undef HAVE_SYS_UIO_H
-
/* Define to 1 if you have the <sys/un.h> header file. */
#undef HAVE_SYS_UN_H
@@ -770,6 +764,9 @@ /* Define to 1 if you have the <zstd.h> header file. */
#undef HAVE_ZSTD_H
+/* Define to 1 if you have the `_fseeki64' function. */
+#undef HAVE__FSEEKI64
+
/* Define to the sub-directory where libtool stores uninstalled libraries. */
#undef LT_OBJDIR
diff --git a/libs/libcurl/src/curl_ctype.h b/libs/libcurl/src/curl_ctype.h index 1b3fe1e467..a04dc358ea 100644 --- a/libs/libcurl/src/curl_ctype.h +++ b/libs/libcurl/src/curl_ctype.h @@ -43,5 +43,9 @@ #define ISDIGIT(x) (((x) >= '0') && ((x) <= '9'))
#define ISBLANK(x) (((x) == ' ') || ((x) == '\t'))
#define ISSPACE(x) (ISBLANK(x) || (((x) >= 0xa) && ((x) <= 0x0d)))
+#define ISURLPUNTCS(x) (((x) == '-') || ((x) == '.') || ((x) == '_') || \
+ ((x) == '~'))
+#define ISUNRESERVED(x) (ISALNUM(x) || ISURLPUNTCS(x))
+
#endif /* HEADER_CURL_CTYPE_H */
diff --git a/libs/libcurl/src/curl_hmac.h b/libs/libcurl/src/curl_hmac.h index 6fe497554c..50b3052de8 100644 --- a/libs/libcurl/src/curl_hmac.h +++ b/libs/libcurl/src/curl_hmac.h @@ -24,8 +24,8 @@ *
***************************************************************************/
-#if (defined(USE_CURL_NTLM_CORE) && !defined(USE_WINDOWS_SSPI)) \
- || !defined(CURL_DISABLE_AWS)
+#if (defined(USE_CURL_NTLM_CORE) && !defined(USE_WINDOWS_SSPI)) \
+ || !defined(CURL_DISABLE_AWS) || !defined(CURL_DISABLE_DIGEST_AUTH)
#include <curl/curl.h>
diff --git a/libs/libcurl/src/curl_memrchr.h b/libs/libcurl/src/curl_memrchr.h index f013e07c3a..7e2de316b6 100644 --- a/libs/libcurl/src/curl_memrchr.h +++ b/libs/libcurl/src/curl_memrchr.h @@ -28,9 +28,7 @@ #ifdef HAVE_MEMRCHR
-#ifdef HAVE_STRING_H
-# include <string.h>
-#endif
+#include <string.h>
#ifdef HAVE_STRINGS_H
# include <strings.h>
#endif
diff --git a/libs/libcurl/src/curl_ntlm_wb.c b/libs/libcurl/src/curl_ntlm_wb.c index e5ad47fea6..93a1d5b3b0 100644 --- a/libs/libcurl/src/curl_ntlm_wb.c +++ b/libs/libcurl/src/curl_ntlm_wb.c @@ -39,9 +39,7 @@ #ifdef HAVE_SYS_WAIT_H
#include <sys/wait.h>
#endif
-#ifdef HAVE_SIGNAL_H
#include <signal.h>
-#endif
#ifdef HAVE_PWD_H
#include <pwd.h>
#endif
diff --git a/libs/libcurl/src/curl_setup.h b/libs/libcurl/src/curl_setup.h index 48bcdd222d..f1fff53e7b 100644 --- a/libs/libcurl/src/curl_setup.h +++ b/libs/libcurl/src/curl_setup.h @@ -28,11 +28,6 @@ #define CURL_NO_OLDIES
#endif
-/* define mingw version macros, eg __MINGW{32,64}_{MINOR,MAJOR}_VERSION */
-#ifdef __MINGW32__
-#include <_mingw.h>
-#endif
-
/*
* Disable Visual Studio warnings:
* 4127 "conditional expression is constant"
@@ -61,6 +56,16 @@ # ifndef NOGDI
# define NOGDI
# endif
+/* Detect Windows App environment which has a restricted access
+ * to the Win32 APIs. */
+# if (defined(_WIN32_WINNT) && (_WIN32_WINNT >= 0x0602)) || \
+ defined(WINAPI_FAMILY)
+# include <winapifamily.h>
+# if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP) && \
+ !WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP)
+# define CURL_WINDOWS_APP
+# endif
+# endif
#endif
/*
@@ -820,9 +825,6 @@ int getpwuid_r(uid_t uid, struct passwd *pwd, char *buf, #endif
#if defined(USE_UNIX_SOCKETS) && defined(WIN32)
-# if defined(__MINGW32__) && !defined(LUP_SECURE)
- typedef u_short ADDRESS_FAMILY; /* Classic mingw, 11y+ old mingw-w64 */
-# endif
# if !defined(UNIX_PATH_MAX)
/* Replicating logic present in afunix.h
(distributed with newer Windows 10 SDK versions only) */
diff --git a/libs/libcurl/src/curl_sspi.h b/libs/libcurl/src/curl_sspi.h index e1a2539a6f..33b0129c36 100644 --- a/libs/libcurl/src/curl_sspi.h +++ b/libs/libcurl/src/curl_sspi.h @@ -70,227 +70,6 @@ extern PSecurityFunctionTable s_pSecFn; #define ISC_REQ_USE_HTTP_STYLE 0x01000000
#endif
-#ifndef ISC_RET_REPLAY_DETECT
-#define ISC_RET_REPLAY_DETECT 0x00000004
-#endif
-
-#ifndef ISC_RET_SEQUENCE_DETECT
-#define ISC_RET_SEQUENCE_DETECT 0x00000008
-#endif
-
-#ifndef ISC_RET_CONFIDENTIALITY
-#define ISC_RET_CONFIDENTIALITY 0x00000010
-#endif
-
-#ifndef ISC_RET_ALLOCATED_MEMORY
-#define ISC_RET_ALLOCATED_MEMORY 0x00000100
-#endif
-
-#ifndef ISC_RET_STREAM
-#define ISC_RET_STREAM 0x00008000
-#endif
-
-#ifndef SEC_E_INSUFFICIENT_MEMORY
-# define SEC_E_INSUFFICIENT_MEMORY ((HRESULT)0x80090300L)
-#endif
-#ifndef SEC_E_INVALID_HANDLE
-# define SEC_E_INVALID_HANDLE ((HRESULT)0x80090301L)
-#endif
-#ifndef SEC_E_UNSUPPORTED_FUNCTION
-# define SEC_E_UNSUPPORTED_FUNCTION ((HRESULT)0x80090302L)
-#endif
-#ifndef SEC_E_TARGET_UNKNOWN
-# define SEC_E_TARGET_UNKNOWN ((HRESULT)0x80090303L)
-#endif
-#ifndef SEC_E_INTERNAL_ERROR
-# define SEC_E_INTERNAL_ERROR ((HRESULT)0x80090304L)
-#endif
-#ifndef SEC_E_SECPKG_NOT_FOUND
-# define SEC_E_SECPKG_NOT_FOUND ((HRESULT)0x80090305L)
-#endif
-#ifndef SEC_E_NOT_OWNER
-# define SEC_E_NOT_OWNER ((HRESULT)0x80090306L)
-#endif
-#ifndef SEC_E_CANNOT_INSTALL
-# define SEC_E_CANNOT_INSTALL ((HRESULT)0x80090307L)
-#endif
-#ifndef SEC_E_INVALID_TOKEN
-# define SEC_E_INVALID_TOKEN ((HRESULT)0x80090308L)
-#endif
-#ifndef SEC_E_CANNOT_PACK
-# define SEC_E_CANNOT_PACK ((HRESULT)0x80090309L)
-#endif
-#ifndef SEC_E_QOP_NOT_SUPPORTED
-# define SEC_E_QOP_NOT_SUPPORTED ((HRESULT)0x8009030AL)
-#endif
-#ifndef SEC_E_NO_IMPERSONATION
-# define SEC_E_NO_IMPERSONATION ((HRESULT)0x8009030BL)
-#endif
-#ifndef SEC_E_LOGON_DENIED
-# define SEC_E_LOGON_DENIED ((HRESULT)0x8009030CL)
-#endif
-#ifndef SEC_E_UNKNOWN_CREDENTIALS
-# define SEC_E_UNKNOWN_CREDENTIALS ((HRESULT)0x8009030DL)
-#endif
-#ifndef SEC_E_NO_CREDENTIALS
-# define SEC_E_NO_CREDENTIALS ((HRESULT)0x8009030EL)
-#endif
-#ifndef SEC_E_MESSAGE_ALTERED
-# define SEC_E_MESSAGE_ALTERED ((HRESULT)0x8009030FL)
-#endif
-#ifndef SEC_E_OUT_OF_SEQUENCE
-# define SEC_E_OUT_OF_SEQUENCE ((HRESULT)0x80090310L)
-#endif
-#ifndef SEC_E_NO_AUTHENTICATING_AUTHORITY
-# define SEC_E_NO_AUTHENTICATING_AUTHORITY ((HRESULT)0x80090311L)
-#endif
-#ifndef SEC_E_BAD_PKGID
-# define SEC_E_BAD_PKGID ((HRESULT)0x80090316L)
-#endif
-#ifndef SEC_E_CONTEXT_EXPIRED
-# define SEC_E_CONTEXT_EXPIRED ((HRESULT)0x80090317L)
-#endif
-#ifndef SEC_E_INCOMPLETE_MESSAGE
-# define SEC_E_INCOMPLETE_MESSAGE ((HRESULT)0x80090318L)
-#endif
-#ifndef SEC_E_INCOMPLETE_CREDENTIALS
-# define SEC_E_INCOMPLETE_CREDENTIALS ((HRESULT)0x80090320L)
-#endif
-#ifndef SEC_E_BUFFER_TOO_SMALL
-# define SEC_E_BUFFER_TOO_SMALL ((HRESULT)0x80090321L)
-#endif
-#ifndef SEC_E_WRONG_PRINCIPAL
-# define SEC_E_WRONG_PRINCIPAL ((HRESULT)0x80090322L)
-#endif
-#ifndef SEC_E_TIME_SKEW
-# define SEC_E_TIME_SKEW ((HRESULT)0x80090324L)
-#endif
-#ifndef SEC_E_UNTRUSTED_ROOT
-# define SEC_E_UNTRUSTED_ROOT ((HRESULT)0x80090325L)
-#endif
-#ifndef SEC_E_ILLEGAL_MESSAGE
-# define SEC_E_ILLEGAL_MESSAGE ((HRESULT)0x80090326L)
-#endif
-#ifndef SEC_E_CERT_UNKNOWN
-# define SEC_E_CERT_UNKNOWN ((HRESULT)0x80090327L)
-#endif
-#ifndef SEC_E_CERT_EXPIRED
-# define SEC_E_CERT_EXPIRED ((HRESULT)0x80090328L)
-#endif
-#ifndef SEC_E_ENCRYPT_FAILURE
-# define SEC_E_ENCRYPT_FAILURE ((HRESULT)0x80090329L)
-#endif
-#ifndef SEC_E_DECRYPT_FAILURE
-# define SEC_E_DECRYPT_FAILURE ((HRESULT)0x80090330L)
-#endif
-#ifndef SEC_E_ALGORITHM_MISMATCH
-# define SEC_E_ALGORITHM_MISMATCH ((HRESULT)0x80090331L)
-#endif
-#ifndef SEC_E_SECURITY_QOS_FAILED
-# define SEC_E_SECURITY_QOS_FAILED ((HRESULT)0x80090332L)
-#endif
-#ifndef SEC_E_UNFINISHED_CONTEXT_DELETED
-# define SEC_E_UNFINISHED_CONTEXT_DELETED ((HRESULT)0x80090333L)
-#endif
-#ifndef SEC_E_NO_TGT_REPLY
-# define SEC_E_NO_TGT_REPLY ((HRESULT)0x80090334L)
-#endif
-#ifndef SEC_E_NO_IP_ADDRESSES
-# define SEC_E_NO_IP_ADDRESSES ((HRESULT)0x80090335L)
-#endif
-#ifndef SEC_E_WRONG_CREDENTIAL_HANDLE
-# define SEC_E_WRONG_CREDENTIAL_HANDLE ((HRESULT)0x80090336L)
-#endif
-#ifndef SEC_E_CRYPTO_SYSTEM_INVALID
-# define SEC_E_CRYPTO_SYSTEM_INVALID ((HRESULT)0x80090337L)
-#endif
-#ifndef SEC_E_MAX_REFERRALS_EXCEEDED
-# define SEC_E_MAX_REFERRALS_EXCEEDED ((HRESULT)0x80090338L)
-#endif
-#ifndef SEC_E_MUST_BE_KDC
-# define SEC_E_MUST_BE_KDC ((HRESULT)0x80090339L)
-#endif
-#ifndef SEC_E_STRONG_CRYPTO_NOT_SUPPORTED
-# define SEC_E_STRONG_CRYPTO_NOT_SUPPORTED ((HRESULT)0x8009033AL)
-#endif
-#ifndef SEC_E_TOO_MANY_PRINCIPALS
-# define SEC_E_TOO_MANY_PRINCIPALS ((HRESULT)0x8009033BL)
-#endif
-#ifndef SEC_E_NO_PA_DATA
-# define SEC_E_NO_PA_DATA ((HRESULT)0x8009033CL)
-#endif
-#ifndef SEC_E_PKINIT_NAME_MISMATCH
-# define SEC_E_PKINIT_NAME_MISMATCH ((HRESULT)0x8009033DL)
-#endif
-#ifndef SEC_E_SMARTCARD_LOGON_REQUIRED
-# define SEC_E_SMARTCARD_LOGON_REQUIRED ((HRESULT)0x8009033EL)
-#endif
-#ifndef SEC_E_SHUTDOWN_IN_PROGRESS
-# define SEC_E_SHUTDOWN_IN_PROGRESS ((HRESULT)0x8009033FL)
-#endif
-#ifndef SEC_E_KDC_INVALID_REQUEST
-# define SEC_E_KDC_INVALID_REQUEST ((HRESULT)0x80090340L)
-#endif
-#ifndef SEC_E_KDC_UNABLE_TO_REFER
-# define SEC_E_KDC_UNABLE_TO_REFER ((HRESULT)0x80090341L)
-#endif
-#ifndef SEC_E_KDC_UNKNOWN_ETYPE
-# define SEC_E_KDC_UNKNOWN_ETYPE ((HRESULT)0x80090342L)
-#endif
-#ifndef SEC_E_UNSUPPORTED_PREAUTH
-# define SEC_E_UNSUPPORTED_PREAUTH ((HRESULT)0x80090343L)
-#endif
-#ifndef SEC_E_DELEGATION_REQUIRED
-# define SEC_E_DELEGATION_REQUIRED ((HRESULT)0x80090345L)
-#endif
-#ifndef SEC_E_BAD_BINDINGS
-# define SEC_E_BAD_BINDINGS ((HRESULT)0x80090346L)
-#endif
-#ifndef SEC_E_MULTIPLE_ACCOUNTS
-# define SEC_E_MULTIPLE_ACCOUNTS ((HRESULT)0x80090347L)
-#endif
-#ifndef SEC_E_NO_KERB_KEY
-# define SEC_E_NO_KERB_KEY ((HRESULT)0x80090348L)
-#endif
-#ifndef SEC_E_CERT_WRONG_USAGE
-# define SEC_E_CERT_WRONG_USAGE ((HRESULT)0x80090349L)
-#endif
-#ifndef SEC_E_DOWNGRADE_DETECTED
-# define SEC_E_DOWNGRADE_DETECTED ((HRESULT)0x80090350L)
-#endif
-#ifndef SEC_E_SMARTCARD_CERT_REVOKED
-# define SEC_E_SMARTCARD_CERT_REVOKED ((HRESULT)0x80090351L)
-#endif
-#ifndef SEC_E_ISSUING_CA_UNTRUSTED
-# define SEC_E_ISSUING_CA_UNTRUSTED ((HRESULT)0x80090352L)
-#endif
-#ifndef SEC_E_REVOCATION_OFFLINE_C
-# define SEC_E_REVOCATION_OFFLINE_C ((HRESULT)0x80090353L)
-#endif
-#ifndef SEC_E_PKINIT_CLIENT_FAILURE
-# define SEC_E_PKINIT_CLIENT_FAILURE ((HRESULT)0x80090354L)
-#endif
-#ifndef SEC_E_SMARTCARD_CERT_EXPIRED
-# define SEC_E_SMARTCARD_CERT_EXPIRED ((HRESULT)0x80090355L)
-#endif
-#ifndef SEC_E_NO_S4U_PROT_SUPPORT
-# define SEC_E_NO_S4U_PROT_SUPPORT ((HRESULT)0x80090356L)
-#endif
-#ifndef SEC_E_CROSSREALM_DELEGATION_FAILURE
-# define SEC_E_CROSSREALM_DELEGATION_FAILURE ((HRESULT)0x80090357L)
-#endif
-#ifndef SEC_E_REVOCATION_OFFLINE_KDC
-# define SEC_E_REVOCATION_OFFLINE_KDC ((HRESULT)0x80090358L)
-#endif
-#ifndef SEC_E_ISSUING_CA_UNTRUSTED_KDC
-# define SEC_E_ISSUING_CA_UNTRUSTED_KDC ((HRESULT)0x80090359L)
-#endif
-#ifndef SEC_E_KDC_CERT_EXPIRED
-# define SEC_E_KDC_CERT_EXPIRED ((HRESULT)0x8009035AL)
-#endif
-#ifndef SEC_E_KDC_CERT_REVOKED
-# define SEC_E_KDC_CERT_REVOKED ((HRESULT)0x8009035BL)
-#endif
#ifndef SEC_E_INVALID_PARAMETER
# define SEC_E_INVALID_PARAMETER ((HRESULT)0x8009035DL)
#endif
@@ -301,30 +80,6 @@ extern PSecurityFunctionTable s_pSecFn; # define SEC_E_POLICY_NLTM_ONLY ((HRESULT)0x8009035FL)
#endif
-#ifndef SEC_I_CONTINUE_NEEDED
-# define SEC_I_CONTINUE_NEEDED ((HRESULT)0x00090312L)
-#endif
-#ifndef SEC_I_COMPLETE_NEEDED
-# define SEC_I_COMPLETE_NEEDED ((HRESULT)0x00090313L)
-#endif
-#ifndef SEC_I_COMPLETE_AND_CONTINUE
-# define SEC_I_COMPLETE_AND_CONTINUE ((HRESULT)0x00090314L)
-#endif
-#ifndef SEC_I_LOCAL_LOGON
-# define SEC_I_LOCAL_LOGON ((HRESULT)0x00090315L)
-#endif
-#ifndef SEC_I_CONTEXT_EXPIRED
-# define SEC_I_CONTEXT_EXPIRED ((HRESULT)0x00090317L)
-#endif
-#ifndef SEC_I_INCOMPLETE_CREDENTIALS
-# define SEC_I_INCOMPLETE_CREDENTIALS ((HRESULT)0x00090320L)
-#endif
-#ifndef SEC_I_RENEGOTIATE
-# define SEC_I_RENEGOTIATE ((HRESULT)0x00090321L)
-#endif
-#ifndef SEC_I_NO_LSA_CONTEXT
-# define SEC_I_NO_LSA_CONTEXT ((HRESULT)0x00090323L)
-#endif
#ifndef SEC_I_SIGNATURE_NEEDED
# define SEC_I_SIGNATURE_NEEDED ((HRESULT)0x0009035CL)
#endif
diff --git a/libs/libcurl/src/curl_threads.c b/libs/libcurl/src/curl_threads.c index 5386f53324..41bcdbc91e 100644 --- a/libs/libcurl/src/curl_threads.c +++ b/libs/libcurl/src/curl_threads.c @@ -106,8 +106,6 @@ curl_thread_t Curl_thread_create(unsigned int (CURL_STDCALL *func) (void *), {
#ifdef _WIN32_WCE
typedef HANDLE curl_win_thread_handle_t;
-#elif defined(__MINGW32__) && !defined(__MINGW64_VERSION_MAJOR)
- typedef unsigned long curl_win_thread_handle_t;
#else
typedef uintptr_t curl_win_thread_handle_t;
#endif
diff --git a/libs/libcurl/src/curl_threads.h b/libs/libcurl/src/curl_threads.h index fd4ef2b185..bf7c4a6b1e 100644 --- a/libs/libcurl/src/curl_threads.h +++ b/libs/libcurl/src/curl_threads.h @@ -40,8 +40,7 @@ # define curl_thread_t HANDLE
# define curl_thread_t_null (HANDLE)0
# if !defined(_WIN32_WINNT) || !defined(_WIN32_WINNT_VISTA) || \
- (_WIN32_WINNT < _WIN32_WINNT_VISTA) || \
- (defined(__MINGW32__) && !defined(__MINGW64_VERSION_MAJOR))
+ (_WIN32_WINNT < _WIN32_WINNT_VISTA)
# define Curl_mutex_init(m) InitializeCriticalSection(m)
# else
# define Curl_mutex_init(m) InitializeCriticalSectionEx(m, 0, 1)
diff --git a/libs/libcurl/src/curl_trc.c b/libs/libcurl/src/curl_trc.c index 5cc56353a4..f4946ed337 100644 --- a/libs/libcurl/src/curl_trc.c +++ b/libs/libcurl/src/curl_trc.c @@ -61,6 +61,10 @@ void Curl_debug(struct Curl_easy *data, curl_infotype type, "* ", "< ", "> ", "{ ", "} ", "{ ", "} " };
if(data->set.fdebug) {
bool inCallback = Curl_is_in_callback(data);
+ /* CURLOPT_DEBUGFUNCTION doc says the user may set CURLOPT_PRIVATE to
+ distinguish their handle from internal handles. */
+ if(data->internal)
+ DEBUGASSERT(!data->set.private_data);
Curl_set_in_callback(data, true);
(void)(*data->set.fdebug)(data, type, ptr, size, data->set.debugdata);
Curl_set_in_callback(data, inCallback);
diff --git a/libs/libcurl/src/doh.c b/libs/libcurl/src/doh.c index 59cb71d7e4..06c9eb17e3 100644 --- a/libs/libcurl/src/doh.c +++ b/libs/libcurl/src/doh.c @@ -242,6 +242,7 @@ static CURLcode dohprobe(struct Curl_easy *data, /* pass in the struct pointer via a local variable to please coverity and
the gcc typecheck helpers */
struct dynbuf *resp = &p->serverdoh;
+ doh->internal = true;
ERROR_CHECK_SETOPT(CURLOPT_URL, url);
ERROR_CHECK_SETOPT(CURLOPT_DEFAULT_PROTOCOL, "https");
ERROR_CHECK_SETOPT(CURLOPT_WRITEFUNCTION, doh_write_cb);
@@ -307,6 +308,10 @@ static CURLcode dohprobe(struct Curl_easy *data, ERROR_CHECK_SETOPT(CURLOPT_SSL_CTX_FUNCTION, data->set.ssl.fsslctx);
if(data->set.ssl.fsslctxp)
ERROR_CHECK_SETOPT(CURLOPT_SSL_CTX_DATA, data->set.ssl.fsslctxp);
+ if(data->set.fdebug)
+ ERROR_CHECK_SETOPT(CURLOPT_DEBUGFUNCTION, data->set.fdebug);
+ if(data->set.debugdata)
+ ERROR_CHECK_SETOPT(CURLOPT_DEBUGDATA, data->set.debugdata);
if(data->set.str[STRING_SSL_EC_CURVES]) {
ERROR_CHECK_SETOPT(CURLOPT_SSL_EC_CURVES,
data->set.str[STRING_SSL_EC_CURVES]);
diff --git a/libs/libcurl/src/dynbuf.h b/libs/libcurl/src/dynbuf.h index 8f85254cc0..76b551d93b 100644 --- a/libs/libcurl/src/dynbuf.h +++ b/libs/libcurl/src/dynbuf.h @@ -89,4 +89,5 @@ int Curl_dyn_vprintf(struct dynbuf *dyn, const char *format, va_list ap_save); #define DYN_H1_TRAILER 4096
#define DYN_PINGPPONG_CMD (64*1024)
#define DYN_IMAP_CMD (64*1024)
+#define DYN_MQTT_RECV (64*1024)
#endif
diff --git a/libs/libcurl/src/dynhds.c b/libs/libcurl/src/dynhds.c index 346426e427..95e0b32227 100644 --- a/libs/libcurl/src/dynhds.c +++ b/libs/libcurl/src/dynhds.c @@ -344,6 +344,8 @@ size_t Curl_dynhds_cremove(struct dynhds *dynhds, const char *name) return Curl_dynhds_remove(dynhds, name, strlen(name));
}
+#endif
+
CURLcode Curl_dynhds_h1_dprint(struct dynhds *dynhds, struct dynbuf *dbuf)
{
CURLcode result = CURLE_OK;
@@ -363,4 +365,3 @@ CURLcode Curl_dynhds_h1_dprint(struct dynhds *dynhds, struct dynbuf *dbuf) return result;
}
-#endif
diff --git a/libs/libcurl/src/easy.c b/libs/libcurl/src/easy.c index 2cfd8e6139..807b6391d3 100644 --- a/libs/libcurl/src/easy.c +++ b/libs/libcurl/src/easy.c @@ -303,9 +303,6 @@ void curl_global_cleanup(void) Curl_ssh_cleanup();
-#ifdef USE_WOLFSSH
- (void)wolfSSH_Cleanup();
-#endif
#ifdef DEBUGBUILD
free(leakpointer);
#endif
@@ -925,9 +922,7 @@ struct Curl_easy *curl_easy_duphandle(struct Curl_easy *data) if(data->cookies) {
/* If cookies are enabled in the parent handle, we enable them
in the clone as well! */
- outcurl->cookies = Curl_cookie_init(data,
- data->cookies->filename,
- outcurl->cookies,
+ outcurl->cookies = Curl_cookie_init(data, NULL, outcurl->cookies,
data->set.cookiesession);
if(!outcurl->cookies)
goto fail;
@@ -1088,11 +1083,14 @@ CURLcode curl_easy_pause(struct Curl_easy *data, int action) CURLcode result = CURLE_OK;
int oldstate;
int newstate;
+ bool recursive = FALSE;
if(!GOOD_EASY_HANDLE(data) || !data->conn)
/* crazy input, don't continue */
return CURLE_BAD_FUNCTION_ARGUMENT;
+ if(Curl_is_in_callback(data))
+ recursive = TRUE;
k = &data->req;
oldstate = k->keepon & (KEEP_RECV_PAUSE| KEEP_SEND_PAUSE);
@@ -1120,34 +1118,9 @@ CURLcode curl_easy_pause(struct Curl_easy *data, int action) if(!(newstate & KEEP_RECV_PAUSE)) {
Curl_conn_ev_data_pause(data, FALSE);
-
- if(data->state.tempcount) {
- /* there are buffers for sending that can be delivered as the receive
- pausing is lifted! */
- unsigned int i;
- unsigned int count = data->state.tempcount;
- struct tempbuf writebuf[3]; /* there can only be three */
-
- /* copy the structs to allow for immediate re-pausing */
- for(i = 0; i < data->state.tempcount; i++) {
- writebuf[i] = data->state.tempwrite[i];
- Curl_dyn_init(&data->state.tempwrite[i].b, DYN_PAUSE_BUFFER);
- }
- data->state.tempcount = 0;
-
- for(i = 0; i < count; i++) {
- /* even if one function returns error, this loops through and frees
- all buffers */
- if(!result)
- result = Curl_client_write(data, writebuf[i].type,
- Curl_dyn_ptr(&writebuf[i].b),
- Curl_dyn_len(&writebuf[i].b));
- Curl_dyn_free(&writebuf[i].b);
- }
-
- if(result)
- return result;
- }
+ result = Curl_client_unpause(data);
+ if(result)
+ return result;
}
#ifdef USE_HYPER
@@ -1184,6 +1157,11 @@ CURLcode curl_easy_pause(struct Curl_easy *data, int action) corresponding socket callback, if used */
result = Curl_updatesocket(data);
+ if(recursive)
+ /* this might have called a callback recursively which might have set this
+ to false again on exit */
+ Curl_set_in_callback(data, TRUE);
+
return result;
}
diff --git a/libs/libcurl/src/easy_lock.h b/libs/libcurl/src/easy_lock.h index dfa39ad3b2..49c5e58c86 100644 --- a/libs/libcurl/src/easy_lock.h +++ b/libs/libcurl/src/easy_lock.h @@ -31,13 +31,6 @@ #if defined(_WIN32_WINNT) && _WIN32_WINNT >= 0x600
#ifdef __MINGW32__
-#ifndef __MINGW64_VERSION_MAJOR
-#if (__MINGW32_MAJOR_VERSION < 5) || \
- (__MINGW32_MAJOR_VERSION == 5 && __MINGW32_MINOR_VERSION == 0)
-/* mingw >= 5.0.1 defines SRWLOCK, and slightly different from MS define */
-typedef PVOID SRWLOCK, *PSRWLOCK;
-#endif
-#endif
#ifndef SRWLOCK_INIT
#define SRWLOCK_INIT NULL
#endif
diff --git a/libs/libcurl/src/escape.c b/libs/libcurl/src/escape.c index de706797a2..a64137c8ae 100644 --- a/libs/libcurl/src/escape.c +++ b/libs/libcurl/src/escape.c @@ -38,33 +38,6 @@ #include "curl_memory.h"
#include "memdebug.h"
-/* Portable character check (remember EBCDIC). Do not use isalnum() because
- its behavior is altered by the current locale.
- See https://datatracker.ietf.org/doc/html/rfc3986#section-2.3
-*/
-bool Curl_isunreserved(unsigned char in)
-{
- switch(in) {
- case '0': case '1': case '2': case '3': case '4':
- case '5': case '6': case '7': case '8': case '9':
- case 'a': case 'b': case 'c': case 'd': case 'e':
- case 'f': case 'g': case 'h': case 'i': case 'j':
- case 'k': case 'l': case 'm': case 'n': case 'o':
- case 'p': case 'q': case 'r': case 's': case 't':
- case 'u': case 'v': case 'w': case 'x': case 'y': case 'z':
- case 'A': case 'B': case 'C': case 'D': case 'E':
- case 'F': case 'G': case 'H': case 'I': case 'J':
- case 'K': case 'L': case 'M': case 'N': case 'O':
- case 'P': case 'Q': case 'R': case 'S': case 'T':
- case 'U': case 'V': case 'W': case 'X': case 'Y': case 'Z':
- case '-': case '.': case '_': case '~':
- return TRUE;
- default:
- break;
- }
- return FALSE;
-}
-
/* for ABI-compatibility with previous versions */
char *curl_escape(const char *string, int inlength)
{
@@ -99,7 +72,7 @@ char *curl_easy_escape(struct Curl_easy *data, const char *string, while(length--) {
unsigned char in = *string++; /* treat the characters unsigned */
- if(Curl_isunreserved(in)) {
+ if(ISUNRESERVED(in)) {
/* append this */
if(Curl_dyn_addn(&d, &in, 1))
return NULL;
@@ -233,3 +206,29 @@ void curl_free(void *p) {
free(p);
}
+
+/*
+ * Curl_hexencode()
+ *
+ * Converts binary input to lowercase hex-encoded ASCII output.
+ * Null-terminated.
+ */
+void Curl_hexencode(const unsigned char *src, size_t len, /* input length */
+ unsigned char *out, size_t olen) /* output buffer size */
+{
+ const char *hex = "0123456789abcdef";
+ DEBUGASSERT(src && len && (olen >= 3));
+ if(src && len && (olen >= 3)) {
+ while(len-- && (olen >= 3)) {
+ /* clang-tidy warns on this line without this comment: */
+ /* NOLINTNEXTLINE(clang-analyzer-core.UndefinedBinaryOperatorResult) */
+ *out++ = hex[(*src & 0xF0)>>4];
+ *out++ = hex[*src & 0x0F];
+ ++src;
+ olen -= 2;
+ }
+ *out = 0;
+ }
+ else if(olen)
+ *out = 0;
+}
diff --git a/libs/libcurl/src/escape.h b/libs/libcurl/src/escape.h index f2aa0d6df1..d2039af1e1 100644 --- a/libs/libcurl/src/escape.h +++ b/libs/libcurl/src/escape.h @@ -26,7 +26,7 @@ /* Escape and unescape URL encoding in strings. The functions return a new
* allocated string or NULL if an error occurred. */
-bool Curl_isunreserved(unsigned char in);
+#include "curl_ctype.h"
enum urlreject {
REJECT_NADA = 2,
@@ -38,4 +38,7 @@ CURLcode Curl_urldecode(const char *string, size_t length, char **ostring, size_t *olen,
enum urlreject ctrl);
+void Curl_hexencode(const unsigned char *src, size_t len, /* input length */
+ unsigned char *out, size_t olen); /* output buffer size */
+
#endif /* HEADER_CURL_ESCAPE_H */
diff --git a/libs/libcurl/src/file.c b/libs/libcurl/src/file.c index 39b9e80059..925372cf3f 100644 --- a/libs/libcurl/src/file.c +++ b/libs/libcurl/src/file.c @@ -571,7 +571,9 @@ static CURLcode file_do(struct Curl_easy *data, bool *done) if(result)
return result;
- Curl_pgrsSetDownloadCounter(data, bytecount);
+ result = Curl_pgrsSetDownloadCounter(data, bytecount);
+ if(result)
+ return result;
if(Curl_pgrsUpdate(data))
result = CURLE_ABORTED_BY_CALLBACK;
diff --git a/libs/libcurl/src/fopen.c b/libs/libcurl/src/fopen.c index 60dd1e18c4..d1b2c57e31 100644 --- a/libs/libcurl/src/fopen.c +++ b/libs/libcurl/src/fopen.c @@ -64,7 +64,7 @@ CURLcode Curl_fopen(struct Curl_easy *data, const char *filename, fclose(*fh);
*fh = NULL;
- result = Curl_rand_hex(data, randsuffix, sizeof(randsuffix));
+ result = Curl_rand_alnum(data, randsuffix, sizeof(randsuffix));
if(result)
goto fail;
diff --git a/libs/libcurl/src/formdata.c b/libs/libcurl/src/formdata.c index b02213161b..337cd3b2c5 100644 --- a/libs/libcurl/src/formdata.c +++ b/libs/libcurl/src/formdata.c @@ -789,6 +789,20 @@ static CURLcode setname(curl_mimepart *part, const char *name, size_t len) return res;
}
+/* wrap call to fseeko so it matches the calling convention of callback */
+static int fseeko_wrapper(void *stream, curl_off_t offset, int whence)
+{
+#if defined(HAVE_FSEEKO)
+ return fseeko(stream, (off_t)offset, whence);
+#elif defined(HAVE__FSEEKI64)
+ return _fseeki64(stream, (__int64)offset, whence);
+#else
+ if(offset > LONG_MAX)
+ return -1;
+ return fseek(stream, (long)offset, whence);
+#endif
+}
+
/*
* Curl_getformdata() converts a linked list of "meta data" into a mime
* structure. The input list is in 'post', while the output is stored in
@@ -874,8 +888,7 @@ CURLcode Curl_getformdata(struct Curl_easy *data, compatibility: use of "-" pseudo file name should be avoided. */
result = curl_mime_data_cb(part, (curl_off_t) -1,
(curl_read_callback) fread,
- CURLX_FUNCTION_CAST(curl_seek_callback,
- fseek),
+ fseeko_wrapper,
NULL, (void *) stdin);
}
else
diff --git a/libs/libcurl/src/ftp.c b/libs/libcurl/src/ftp.c index 3e10be2de4..a4e0045122 100644 --- a/libs/libcurl/src/ftp.c +++ b/libs/libcurl/src/ftp.c @@ -2067,6 +2067,31 @@ static bool ftp_213_date(const char *p, int *year, int *month, int *day, return TRUE;
}
+static CURLcode client_write_header(struct Curl_easy *data,
+ char *buf, size_t blen)
+{
+ /* Some replies from an FTP server are written to the client
+ * as CLIENTWRITE_HEADER, formatted as if they came from a
+ * HTTP conversation.
+ * In all protocols, CLIENTWRITE_HEADER data is only passed to
+ * the body write callback when data->set.include_header is set
+ * via CURLOPT_HEADER.
+ * For historic reasons, FTP never played this game and expects
+ * all its HEADERs to do that always. Set that flag during the
+ * call to Curl_client_write() so it does the right thing.
+ *
+ * Notice that we cannot enable this flag for FTP in general,
+ * as an FTP transfer might involve a HTTP proxy connection and
+ * headers from CONNECT should not automatically be part of the
+ * output. */
+ CURLcode result;
+ int save = data->set.include_header;
+ data->set.include_header = TRUE;
+ result = Curl_client_write(data, CLIENTWRITE_HEADER, buf, blen);
+ data->set.include_header = save? TRUE:FALSE;
+ return result;
+}
+
static CURLcode ftp_state_mdtm_resp(struct Curl_easy *data,
int ftpcode)
{
@@ -2120,8 +2145,7 @@ static CURLcode ftp_state_mdtm_resp(struct Curl_easy *data, tm->tm_hour,
tm->tm_min,
tm->tm_sec);
- result = Curl_client_write(data, CLIENTWRITE_BOTH, headerbuf,
- headerbuflen);
+ result = client_write_header(data, headerbuf, headerbuflen);
if(result)
return result;
} /* end of a ridiculous amount of conditionals */
@@ -2331,7 +2355,7 @@ static CURLcode ftp_state_size_resp(struct Curl_easy *data, char clbuf[128];
int clbuflen = msnprintf(clbuf, sizeof(clbuf),
"Content-Length: %" CURL_FORMAT_CURL_OFF_T "\r\n", filesize);
- result = Curl_client_write(data, CLIENTWRITE_BOTH, clbuf, clbuflen);
+ result = client_write_header(data, clbuf, clbuflen);
if(result)
return result;
}
@@ -2365,8 +2389,7 @@ static CURLcode ftp_state_rest_resp(struct Curl_easy *data, #ifdef CURL_FTP_HTTPSTYLE_HEAD
if(ftpcode == 350) {
char buffer[24]= { "Accept-ranges: bytes\r\n" };
- result = Curl_client_write(data, CLIENTWRITE_BOTH, buffer,
- strlen(buffer));
+ result = client_write_header(data, buffer, strlen(buffer));
if(result)
return result;
}
@@ -3457,7 +3480,7 @@ CURLcode ftp_sendquote(struct Curl_easy *data, /* if a command starts with an asterisk, which a legal FTP command never
can, the command will be allowed to fail without it causing any
aborts or cancels etc. It will cause libcurl to act as if the command
- is successful, whatever the server reponds. */
+ is successful, whatever the server responds. */
if(cmd[0] == '*') {
cmd++;
diff --git a/libs/libcurl/src/ftplistparser.c b/libs/libcurl/src/ftplistparser.c index 7c88595335..4d54379acc 100644 --- a/libs/libcurl/src/ftplistparser.c +++ b/libs/libcurl/src/ftplistparser.c @@ -379,7 +379,7 @@ size_t Curl_ftp_parselist(char *buffer, size_t size, size_t nmemb, /* scenario:
* 1. call => OK..
* 2. call => OUT_OF_MEMORY (or other error)
- * 3. (last) call => is skipped RIGHT HERE and the error is hadled later
+ * 3. (last) call => is skipped RIGHT HERE and the error is handled later
* in wc_statemach()
*/
goto fail;
diff --git a/libs/libcurl/src/hmac.c b/libs/libcurl/src/hmac.c index 9172ff71a2..48ddb42ab4 100644 --- a/libs/libcurl/src/hmac.c +++ b/libs/libcurl/src/hmac.c @@ -26,8 +26,8 @@ #include "curl_setup.h"
-#if (defined(USE_CURL_NTLM_CORE) && !defined(USE_WINDOWS_SSPI)) \
- || !defined(CURL_DISABLE_AWS)
+#if (defined(USE_CURL_NTLM_CORE) && !defined(USE_WINDOWS_SSPI)) \
+ || !defined(CURL_DISABLE_AWS) || !defined(CURL_DISABLE_DIGEST_AUTH)
#include <curl/curl.h>
diff --git a/libs/libcurl/src/hostip.c b/libs/libcurl/src/hostip.c index 52632e7162..5490650ee9 100644 --- a/libs/libcurl/src/hostip.c +++ b/libs/libcurl/src/hostip.c @@ -41,12 +41,8 @@ #include <inet.h>
#endif
-#ifdef HAVE_SETJMP_H
#include <setjmp.h>
-#endif
-#ifdef HAVE_SIGNAL_H
#include <signal.h>
-#endif
#include "urldata.h"
#include "sendf.h"
diff --git a/libs/libcurl/src/hostip.h b/libs/libcurl/src/hostip.h index 28381dc37a..756d55c1d3 100644 --- a/libs/libcurl/src/hostip.h +++ b/libs/libcurl/src/hostip.h @@ -30,9 +30,7 @@ #include "timeval.h" /* for timediff_t */
#include "asyn.h"
-#ifdef HAVE_SETJMP_H
#include <setjmp.h>
-#endif
/* Allocate enough memory to hold the full name information structs and
* everything. OSF1 is known to require at least 8872 bytes. The buffer
diff --git a/libs/libcurl/src/http.c b/libs/libcurl/src/http.c index 68d4bb3655..9b935d88e1 100644 --- a/libs/libcurl/src/http.c +++ b/libs/libcurl/src/http.c @@ -1139,6 +1139,8 @@ CURLcode Curl_http_input_auth(struct Curl_easy *data, bool proxy, data->state.authproblem = TRUE;
}
}
+#else
+ ;
#endif
/* there may be multiple methods on one line, so keep reading */
@@ -1157,8 +1159,6 @@ CURLcode Curl_http_input_auth(struct Curl_easy *data, bool proxy, * http_should_fail() determines whether an HTTP response has gotten us
* into an error state or not.
*
- * @param conn all information about the current connection
- *
* @retval FALSE communications should continue
*
* @retval TRUE communications should not continue
@@ -1602,8 +1602,6 @@ CURLcode Curl_http_done(struct Curl_easy *data, data->state.authhost.multipass = FALSE;
data->state.authproxy.multipass = FALSE;
- Curl_unencode_cleanup(data);
-
/* set the proper values (possibly modified on POST) */
conn->seek_func = data->set.seek_func; /* restore */
conn->seek_client = data->set.seek_client; /* restore */
@@ -3970,18 +3968,23 @@ CURLcode Curl_bump_headersize(struct Curl_easy *data, bool connect_only)
{
size_t bad = 0;
+ unsigned int max = MAX_HTTP_RESP_HEADER_SIZE;
if(delta < MAX_HTTP_RESP_HEADER_SIZE) {
+ data->info.header_size += (unsigned int)delta;
+ data->req.allheadercount += (unsigned int)delta;
if(!connect_only)
data->req.headerbytecount += (unsigned int)delta;
- data->info.header_size += (unsigned int)delta;
- if(data->info.header_size > MAX_HTTP_RESP_HEADER_SIZE)
+ if(data->req.allheadercount > max)
+ bad = data->req.allheadercount;
+ else if(data->info.header_size > (max * 20)) {
bad = data->info.header_size;
+ max *= 20;
+ }
}
else
- bad = data->info.header_size + delta;
+ bad = data->req.allheadercount + delta;
if(bad) {
- failf(data, "Too large response headers: %zu > %u",
- bad, MAX_HTTP_RESP_HEADER_SIZE);
+ failf(data, "Too large response headers: %zu > %u", bad, max);
return CURLE_RECV_ERROR;
}
return CURLE_OK;
@@ -4231,7 +4234,6 @@ CURLcode Curl_http_readwrite_headers(struct Curl_easy *data, /* now, only output this if the header AND body are requested:
*/
writetype = CLIENTWRITE_HEADER |
- (data->set.include_header ? CLIENTWRITE_BODY : 0) |
((k->httpcode/100 == 1) ? CLIENTWRITE_1XX : 0);
headerlen = Curl_dyn_len(&data->state.headerb);
@@ -4563,8 +4565,6 @@ CURLcode Curl_http_readwrite_headers(struct Curl_easy *data, /*
* End of header-checks. Write them to the client.
*/
- if(data->set.include_header)
- writetype |= CLIENTWRITE_BODY;
if(k->httpcode/100 == 1)
writetype |= CLIENTWRITE_1XX;
diff --git a/libs/libcurl/src/http1.c b/libs/libcurl/src/http1.c index 1f54cf7212..3cef64f5c1 100644 --- a/libs/libcurl/src/http1.c +++ b/libs/libcurl/src/http1.c @@ -318,5 +318,29 @@ out: return nread;
}
+CURLcode Curl_h1_req_write_head(struct httpreq *req, int http_minor,
+ struct dynbuf *dbuf)
+{
+ CURLcode result;
+
+ result = Curl_dyn_addf(dbuf, "%s %s%s%s%s HTTP/1.%d\r\n",
+ req->method,
+ req->scheme? req->scheme : "",
+ req->scheme? "://" : "",
+ req->authority? req->authority : "",
+ req->path? req->path : "",
+ http_minor);
+ if(result)
+ goto out;
+
+ result = Curl_dynhds_h1_dprint(&req->headers, dbuf);
+ if(result)
+ goto out;
+
+ result = Curl_dyn_addn(dbuf, STRCONST("\r\n"));
+
+out:
+ return result;
+}
#endif /* !CURL_DISABLE_HTTP */
diff --git a/libs/libcurl/src/http1.h b/libs/libcurl/src/http1.h index 0047b349ca..650c984922 100644 --- a/libs/libcurl/src/http1.h +++ b/libs/libcurl/src/http1.h @@ -56,6 +56,8 @@ ssize_t Curl_h1_req_parse_read(struct h1_req_parser *parser, CURLcode Curl_h1_req_dprint(const struct httpreq *req,
struct dynbuf *dbuf);
+CURLcode Curl_h1_req_write_head(struct httpreq *req, int http_minor,
+ struct dynbuf *dbuf);
#endif /* !CURL_DISABLE_HTTP */
#endif /* HEADER_CURL_HTTP1_H */
diff --git a/libs/libcurl/src/http2.c b/libs/libcurl/src/http2.c index e7a7d69f27..ba3bfef61c 100644 --- a/libs/libcurl/src/http2.c +++ b/libs/libcurl/src/http2.c @@ -1688,7 +1688,7 @@ static ssize_t http2_handle_stream_close(struct Curl_cfilter *cf, "connection", stream->id);
connclose(cf->conn, "REFUSED_STREAM"); /* don't use this anymore */
data->state.refused_stream = TRUE;
- *err = CURLE_SEND_ERROR; /* trigger Curl_retry_request() later */
+ *err = CURLE_RECV_ERROR; /* trigger Curl_retry_request() later */
return -1;
}
else if(stream->error != NGHTTP2_NO_ERROR) {
@@ -2313,7 +2313,7 @@ out: "h2 windows %d-%d (stream-conn), "
"buffers %zu-%zu (stream-conn)",
stream->id, len, nwritten, *err,
- (ssize_t)stream->upload_left,
+ stream->upload_left,
nghttp2_session_get_stream_remote_window_size(
ctx->h2, stream->id),
nghttp2_session_get_remote_window_size(ctx->h2),
@@ -2425,6 +2425,8 @@ static void cf_h2_close(struct Curl_cfilter *cf, struct Curl_easy *data) cf_h2_ctx_clear(ctx);
CF_DATA_RESTORE(cf, save);
}
+ if(cf->next)
+ cf->next->cft->do_close(cf->next, data);
}
static void cf_h2_destroy(struct Curl_cfilter *cf, struct Curl_easy *data)
diff --git a/libs/libcurl/src/http_aws_sigv4.c b/libs/libcurl/src/http_aws_sigv4.c index 395c8093cc..8bbc022511 100644 --- a/libs/libcurl/src/http_aws_sigv4.c +++ b/libs/libcurl/src/http_aws_sigv4.c @@ -34,6 +34,7 @@ #include "transfer.h"
#include "parsedate.h"
#include "sendf.h"
+#include "escape.h"
#include <time.h>
@@ -63,11 +64,8 @@ static void sha256_to_hex(char *dst, unsigned char *sha)
{
- int i;
-
- for(i = 0; i < SHA256_DIGEST_LENGTH; ++i) {
- msnprintf(dst + (i * 2), SHA256_HEX_LENGTH - (i * 2), "%02x", sha[i]);
- }
+ Curl_hexencode(sha, SHA256_DIGEST_LENGTH,
+ (unsigned char *)dst, SHA256_HEX_LENGTH);
}
static char *find_date_hdr(struct Curl_easy *data, const char *sig_hdr)
@@ -409,6 +407,11 @@ static int compare_func(const void *a, const void *b) {
const struct pair *aa = a;
const struct pair *bb = b;
+ /* If one element is empty, the other is always sorted higher */
+ if(aa->len == 0)
+ return -1;
+ if(bb->len == 0)
+ return 1;
return strncmp(aa->p, bb->p, aa->len < bb->len ? aa->len : bb->len);
}
diff --git a/libs/libcurl/src/http_chunks.c b/libs/libcurl/src/http_chunks.c index 100eb07ea7..5541dd5b1b 100644 --- a/libs/libcurl/src/http_chunks.c +++ b/libs/libcurl/src/http_chunks.c @@ -175,10 +175,7 @@ CHUNKcode Curl_httpchunk_read(struct Curl_easy *data, /* Write the data portion available */
if(!data->set.http_te_skip && !k->ignorebody) {
- if(!data->set.http_ce_skip && k->writer_stack)
- result = Curl_unencode_write(data, k->writer_stack, datap, piece);
- else
- result = Curl_client_write(data, CLIENTWRITE_BODY, datap, piece);
+ result = Curl_client_write(data, CLIENTWRITE_BODY, datap, piece);
if(result) {
*extrap = result;
diff --git a/libs/libcurl/src/http_proxy.c b/libs/libcurl/src/http_proxy.c index fb4e4fa91c..4c247cc96e 100644 --- a/libs/libcurl/src/http_proxy.c +++ b/libs/libcurl/src/http_proxy.c @@ -52,6 +52,113 @@ #include "memdebug.h"
+CURLcode Curl_http_proxy_get_destination(struct Curl_cfilter *cf,
+ const char **phostname,
+ int *pport, bool *pipv6_ip)
+{
+ DEBUGASSERT(cf);
+ DEBUGASSERT(cf->conn);
+
+ if(cf->conn->bits.conn_to_host)
+ *phostname = cf->conn->conn_to_host.name;
+ else if(cf->sockindex == SECONDARYSOCKET)
+ *phostname = cf->conn->secondaryhostname;
+ else
+ *phostname = cf->conn->host.name;
+
+ if(cf->sockindex == SECONDARYSOCKET)
+ *pport = cf->conn->secondary_port;
+ else if(cf->conn->bits.conn_to_port)
+ *pport = cf->conn->conn_to_port;
+ else
+ *pport = cf->conn->remote_port;
+
+ if(*phostname != cf->conn->host.name)
+ *pipv6_ip = (strchr(*phostname, ':') != NULL);
+ else
+ *pipv6_ip = cf->conn->bits.ipv6_ip;
+
+ return CURLE_OK;
+}
+
+CURLcode Curl_http_proxy_create_CONNECT(struct httpreq **preq,
+ struct Curl_cfilter *cf,
+ struct Curl_easy *data,
+ int http_version_major)
+{
+ const char *hostname = NULL;
+ char *authority = NULL;
+ int port;
+ bool ipv6_ip;
+ CURLcode result;
+ struct httpreq *req = NULL;
+
+ result = Curl_http_proxy_get_destination(cf, &hostname, &port, &ipv6_ip);
+ if(result)
+ goto out;
+
+ authority = aprintf("%s%s%s:%d", ipv6_ip?"[":"", hostname,
+ ipv6_ip?"]":"", port);
+ if(!authority) {
+ result = CURLE_OUT_OF_MEMORY;
+ goto out;
+ }
+
+ result = Curl_http_req_make(&req, "CONNECT", sizeof("CONNECT")-1,
+ NULL, 0, authority, strlen(authority),
+ NULL, 0);
+ if(result)
+ goto out;
+
+ /* Setup the proxy-authorization header, if any */
+ result = Curl_http_output_auth(data, cf->conn, req->method, HTTPREQ_GET,
+ req->authority, TRUE);
+ if(result)
+ goto out;
+
+ /* If user is not overriding Host: header, we add for HTTP/1.x */
+ if(http_version_major == 1 &&
+ !Curl_checkProxyheaders(data, cf->conn, STRCONST("Host"))) {
+ result = Curl_dynhds_cadd(&req->headers, "Host", authority);
+ if(result)
+ goto out;
+ }
+
+ if(data->state.aptr.proxyuserpwd) {
+ result = Curl_dynhds_h1_cadd_line(&req->headers,
+ data->state.aptr.proxyuserpwd);
+ if(result)
+ goto out;
+ }
+
+ if(!Curl_checkProxyheaders(data, cf->conn, STRCONST("User-Agent"))
+ && data->set.str[STRING_USERAGENT]) {
+ result = Curl_dynhds_cadd(&req->headers, "User-Agent",
+ data->set.str[STRING_USERAGENT]);
+ if(result)
+ goto out;
+ }
+
+ if(http_version_major == 1 &&
+ !Curl_checkProxyheaders(data, cf->conn, STRCONST("Proxy-Connection"))) {
+ result = Curl_dynhds_cadd(&req->headers, "Proxy-Connection", "Keep-Alive");
+ if(result)
+ goto out;
+ }
+
+ result = Curl_dynhds_add_custom(data, TRUE, &req->headers);
+
+out:
+ if(result && req) {
+ Curl_http_req_free(req);
+ req = NULL;
+ }
+ free(authority);
+ *preq = req;
+ return result;
+}
+
+
struct cf_proxy_ctx {
/* the protocol specific sub-filter we install during connect */
struct Curl_cfilter *cf_protocol;
@@ -105,7 +212,6 @@ connect_sub: break;
#endif
default:
- CURL_TRC_CF(data, cf, "installing subfilter for default HTTP/1.1");
infof(data, "CONNECT tunnel: unsupported ALPN(%d) negotiated", alpn);
result = CURLE_COULDNT_CONNECT;
goto out;
diff --git a/libs/libcurl/src/http_proxy.h b/libs/libcurl/src/http_proxy.h index ce09046e95..5566a7c0bd 100644 --- a/libs/libcurl/src/http_proxy.h +++ b/libs/libcurl/src/http_proxy.h @@ -30,6 +30,15 @@ #include "urldata.h"
+CURLcode Curl_http_proxy_get_destination(struct Curl_cfilter *cf,
+ const char **phostname,
+ int *pport, bool *pipv6_ip);
+
+CURLcode Curl_http_proxy_create_CONNECT(struct httpreq **preq,
+ struct Curl_cfilter *cf,
+ struct Curl_easy *data,
+ int http_version_major);
+
/* Default proxy timeout in milliseconds */
#define PROXY_TIMEOUT (3600*1000)
diff --git a/libs/libcurl/src/idn.c b/libs/libcurl/src/idn.c index 80836bef5e..b409039ade 100644 --- a/libs/libcurl/src/idn.c +++ b/libs/libcurl/src/idn.c @@ -91,6 +91,8 @@ static CURLcode win32_idn_to_ascii(const char *in, char **out) else
return CURLE_URL_MALFORMAT;
}
+ else
+ return CURLE_URL_MALFORMAT;
return CURLE_OK;
}
@@ -174,6 +176,9 @@ static CURLcode idn_decode(const char *input, char **output) if(rc != IDN2_OK)
result = CURLE_URL_MALFORMAT;
}
+ else
+ /* a too old libidn2 version */
+ result = CURLE_NOT_BUILT_IN;
#elif defined(USE_WIN32_IDN)
result = win32_idn_to_ascii(input, &decoded);
#endif
diff --git a/libs/libcurl/src/inet_ntop.c b/libs/libcurl/src/inet_ntop.c index 90a9453a30..cf07b888dc 100644 --- a/libs/libcurl/src/inet_ntop.c +++ b/libs/libcurl/src/inet_ntop.c @@ -96,10 +96,10 @@ static char *inet_ntop6 (const unsigned char *src, char *dst, size_t size) char tmp[sizeof("ffff:ffff:ffff:ffff:ffff:ffff:255.255.255.255")];
char *tp;
struct {
- long base;
- long len;
+ int base;
+ int len;
} best, cur;
- unsigned long words[IN6ADDRSZ / INT16SZ];
+ unsigned int words[IN6ADDRSZ / INT16SZ];
int i;
/* Preprocess:
@@ -108,7 +108,7 @@ static char *inet_ntop6 (const unsigned char *src, char *dst, size_t size) */
memset(words, '\0', sizeof(words));
for(i = 0; i < IN6ADDRSZ; i++)
- words[i/2] |= (src[i] << ((1 - (i % 2)) << 3));
+ words[i/2] |= ((unsigned int)src[i] << ((1 - (i % 2)) << 3));
best.base = -1;
cur.base = -1;
@@ -159,7 +159,7 @@ static char *inet_ntop6 (const unsigned char *src, char *dst, size_t size) tp += strlen(tp);
break;
}
- tp += msnprintf(tp, 5, "%lx", words[i]);
+ tp += msnprintf(tp, 5, "%x", words[i]);
}
/* Was it a trailing run of 0x00's?
diff --git a/libs/libcurl/src/ldap.c b/libs/libcurl/src/ldap.c index c144c24d51..a67a487a89 100644 --- a/libs/libcurl/src/ldap.c +++ b/libs/libcurl/src/ldap.c @@ -735,7 +735,9 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done) if(result)
goto quit;
dlsize++;
- Curl_pgrsSetDownloadCounter(data, dlsize);
+ result = Curl_pgrsSetDownloadCounter(data, dlsize);
+ if(result)
+ goto quit;
}
if(ber)
diff --git a/libs/libcurl/src/libcurl.plist b/libs/libcurl/src/libcurl.plist index 62325c2f70..216f07a612 100644 --- a/libs/libcurl/src/libcurl.plist +++ b/libs/libcurl/src/libcurl.plist @@ -15,7 +15,7 @@ <string>se.curl.libcurl</string>
<key>CFBundleVersion</key>
- <string>8.3.0</string>
+ <string>8.4.0</string>
<key>CFBundleName</key>
<string>libcurl</string>
@@ -27,9 +27,9 @@ <string>????</string>
<key>CFBundleShortVersionString</key>
- <string>libcurl 8.3.0</string>
+ <string>libcurl 8.4.0</string>
<key>CFBundleGetInfoString</key>
- <string>libcurl.plist 8.3.0</string>
+ <string>libcurl.plist 8.4.0</string>
</dict>
</plist>
diff --git a/libs/libcurl/src/mime.c b/libs/libcurl/src/mime.c index 90849e7508..19ac72c49f 100644 --- a/libs/libcurl/src/mime.c +++ b/libs/libcurl/src/mime.c @@ -1289,9 +1289,9 @@ curl_mime *curl_mime_init(struct Curl_easy *easy) mime->lastpart = NULL;
memset(mime->boundary, '-', MIME_BOUNDARY_DASHES);
- if(Curl_rand_hex(easy,
- (unsigned char *) &mime->boundary[MIME_BOUNDARY_DASHES],
- MIME_RAND_BOUNDARY_CHARS + 1)) {
+ if(Curl_rand_alnum(easy,
+ (unsigned char *) &mime->boundary[MIME_BOUNDARY_DASHES],
+ MIME_RAND_BOUNDARY_CHARS + 1)) {
/* failed to get random separator, bail out */
free(mime);
return NULL;
diff --git a/libs/libcurl/src/mime.h b/libs/libcurl/src/mime.h index 8abb4194b3..359fceea04 100644 --- a/libs/libcurl/src/mime.h +++ b/libs/libcurl/src/mime.h @@ -27,7 +27,7 @@ #include "curl_setup.h"
#define MIME_BOUNDARY_DASHES 24 /* leading boundary dashes */
-#define MIME_RAND_BOUNDARY_CHARS 16 /* Nb. of random boundary chars. */
+#define MIME_RAND_BOUNDARY_CHARS 22 /* Nb. of random boundary chars. */
#define MAX_ENCODED_LINE_LENGTH 76 /* Maximum encoded line length. */
#define ENCODING_BUFFER_SIZE 256 /* Encoding temp buffers size. */
diff --git a/libs/libcurl/src/mqtt.c b/libs/libcurl/src/mqtt.c index eb4ee55533..712b736250 100644 --- a/libs/libcurl/src/mqtt.c +++ b/libs/libcurl/src/mqtt.c @@ -109,6 +109,7 @@ static CURLcode mqtt_setup_conn(struct Curl_easy *data, mq = calloc(1, sizeof(struct MQTT));
if(!mq)
return CURLE_OUT_OF_MEMORY;
+ Curl_dyn_init(&mq->recvbuf, DYN_MQTT_RECV);
data->req.p.mqtt = mq;
return CURLE_OK;
}
@@ -295,12 +296,12 @@ static CURLcode mqtt_connect(struct Curl_easy *data) /* set initial values for the CONNECT packet */
pos = init_connpack(packet, remain, remain_pos);
- result = Curl_rand_hex(data, (unsigned char *)&client_id[clen],
- MQTT_CLIENTID_LEN - clen + 1);
+ result = Curl_rand_alnum(data, (unsigned char *)&client_id[clen],
+ MQTT_CLIENTID_LEN - clen + 1);
/* add client id */
rc = add_client_id(client_id, strlen(client_id), packet, pos + 1);
if(rc) {
- failf(data, "Client ID length mismatched: [%lu]", strlen(client_id));
+ failf(data, "Client ID length mismatched: [%zu]", strlen(client_id));
result = CURLE_WEIRD_SERVER_REPLY;
goto end;
}
@@ -317,7 +318,7 @@ static CURLcode mqtt_connect(struct Curl_easy *data) rc = add_user(username, ulen,
(unsigned char *)packet, start_user, remain_pos);
if(rc) {
- failf(data, "Username is too large: [%lu]", ulen);
+ failf(data, "Username is too large: [%zu]", ulen);
result = CURLE_WEIRD_SERVER_REPLY;
goto end;
}
@@ -327,7 +328,7 @@ static CURLcode mqtt_connect(struct Curl_easy *data) if(plen) {
rc = add_passwd(passwd, plen, packet, start_pwd, remain_pos);
if(rc) {
- failf(data, "Password is too large: [%lu]", plen);
+ failf(data, "Password is too large: [%zu]", plen);
result = CURLE_WEIRD_SERVER_REPLY;
goto end;
}
@@ -350,36 +351,66 @@ static CURLcode mqtt_disconnect(struct Curl_easy *data) struct MQTT *mq = data->req.p.mqtt;
result = mqtt_send(data, (char *)"\xe0\x00", 2);
Curl_safefree(mq->sendleftovers);
+ Curl_dyn_free(&mq->recvbuf);
return result;
}
-static CURLcode mqtt_verify_connack(struct Curl_easy *data)
+static CURLcode mqtt_recv_atleast(struct Curl_easy *data, size_t nbytes)
{
+ struct MQTT *mq = data->req.p.mqtt;
+ size_t rlen = Curl_dyn_len(&mq->recvbuf);
CURLcode result;
- struct connectdata *conn = data->conn;
- curl_socket_t sockfd = conn->sock[FIRSTSOCKET];
- unsigned char readbuf[MQTT_CONNACK_LEN];
- ssize_t nread;
- result = Curl_read(data, sockfd, (char *)readbuf, MQTT_CONNACK_LEN, &nread);
- if(result)
- goto fail;
+ if(rlen < nbytes) {
+ unsigned char readbuf[1024];
+ ssize_t nread;
- Curl_debug(data, CURLINFO_HEADER_IN, (char *)readbuf, (size_t)nread);
+ DEBUGASSERT(nbytes - rlen < sizeof(readbuf));
+ result = Curl_read(data, data->conn->sock[FIRSTSOCKET],
+ (char *)readbuf, nbytes - rlen, &nread);
+ if(result)
+ return result;
+ DEBUGASSERT(nread >= 0);
+ if(Curl_dyn_addn(&mq->recvbuf, readbuf, (size_t)nread))
+ return CURLE_OUT_OF_MEMORY;
+ rlen = Curl_dyn_len(&mq->recvbuf);
+ }
+ return (rlen >= nbytes)? CURLE_OK : CURLE_AGAIN;
+}
- /* fixme */
- if(nread < MQTT_CONNACK_LEN) {
- result = CURLE_WEIRD_SERVER_REPLY;
+static void mqtt_recv_consume(struct Curl_easy *data, size_t nbytes)
+{
+ struct MQTT *mq = data->req.p.mqtt;
+ size_t rlen = Curl_dyn_len(&mq->recvbuf);
+ if(rlen <= nbytes)
+ Curl_dyn_reset(&mq->recvbuf);
+ else
+ Curl_dyn_tail(&mq->recvbuf, rlen - nbytes);
+}
+
+static CURLcode mqtt_verify_connack(struct Curl_easy *data)
+{
+ struct MQTT *mq = data->req.p.mqtt;
+ CURLcode result;
+ char *ptr;
+
+ result = mqtt_recv_atleast(data, MQTT_CONNACK_LEN);
+ if(result)
goto fail;
- }
/* verify CONNACK */
- if(readbuf[0] != 0x00 || readbuf[1] != 0x00) {
+ DEBUGASSERT(Curl_dyn_len(&mq->recvbuf) >= MQTT_CONNACK_LEN);
+ ptr = Curl_dyn_ptr(&mq->recvbuf);
+ Curl_debug(data, CURLINFO_HEADER_IN, ptr, MQTT_CONNACK_LEN);
+
+ if(ptr[0] != 0x00 || ptr[1] != 0x00) {
failf(data, "Expected %02x%02x but got %02x%02x",
- 0x00, 0x00, readbuf[0], readbuf[1]);
+ 0x00, 0x00, ptr[0], ptr[1]);
+ Curl_dyn_reset(&mq->recvbuf);
result = CURLE_WEIRD_SERVER_REPLY;
+ goto fail;
}
-
+ mqtt_recv_consume(data, MQTT_CONNACK_LEN);
fail:
return result;
}
@@ -452,31 +483,29 @@ fail: */
static CURLcode mqtt_verify_suback(struct Curl_easy *data)
{
- CURLcode result;
+ struct MQTT *mq = data->req.p.mqtt;
struct connectdata *conn = data->conn;
- curl_socket_t sockfd = conn->sock[FIRSTSOCKET];
- unsigned char readbuf[MQTT_SUBACK_LEN];
- ssize_t nread;
struct mqtt_conn *mqtt = &conn->proto.mqtt;
+ CURLcode result;
+ char *ptr;
- result = Curl_read(data, sockfd, (char *)readbuf, MQTT_SUBACK_LEN, &nread);
+ result = mqtt_recv_atleast(data, MQTT_SUBACK_LEN);
if(result)
goto fail;
- Curl_debug(data, CURLINFO_HEADER_IN, (char *)readbuf, (size_t)nread);
-
- /* fixme */
- if(nread < MQTT_SUBACK_LEN) {
+ /* verify SUBACK */
+ DEBUGASSERT(Curl_dyn_len(&mq->recvbuf) >= MQTT_SUBACK_LEN);
+ ptr = Curl_dyn_ptr(&mq->recvbuf);
+ Curl_debug(data, CURLINFO_HEADER_IN, ptr, MQTT_SUBACK_LEN);
+
+ if(((unsigned char)ptr[0]) != ((mqtt->packetid >> 8) & 0xff) ||
+ ((unsigned char)ptr[1]) != (mqtt->packetid & 0xff) ||
+ ptr[2] != 0x00) {
+ Curl_dyn_reset(&mq->recvbuf);
result = CURLE_WEIRD_SERVER_REPLY;
goto fail;
}
-
- /* verify SUBACK */
- if(readbuf[0] != ((mqtt->packetid >> 8) & 0xff) ||
- readbuf[1] != (mqtt->packetid & 0xff) ||
- readbuf[2] != 0x00)
- result = CURLE_WEIRD_SERVER_REPLY;
-
+ mqtt_recv_consume(data, MQTT_SUBACK_LEN);
fail:
return result;
}
@@ -668,7 +697,9 @@ MQTT_SUBACK_COMING: mq->npacket -= nread;
k->bytecount += nread;
- Curl_pgrsSetDownloadCounter(data, k->bytecount);
+ result = Curl_pgrsSetDownloadCounter(data, k->bytecount);
+ if(result)
+ goto end;
/* if QoS is set, message contains packet id */
@@ -711,6 +742,7 @@ static CURLcode mqtt_done(struct Curl_easy *data, (void)status;
(void)premature;
Curl_safefree(mq->sendleftovers);
+ Curl_dyn_free(&mq->recvbuf);
return CURLE_OK;
}
diff --git a/libs/libcurl/src/mqtt.h b/libs/libcurl/src/mqtt.h index 69ac424f29..bb768268f1 100644 --- a/libs/libcurl/src/mqtt.h +++ b/libs/libcurl/src/mqtt.h @@ -56,6 +56,7 @@ struct MQTT { size_t npacket; /* byte counter */
unsigned char firstbyte;
size_t remaining_length;
+ struct dynbuf recvbuf;
};
#endif /* HEADER_CURL_MQTT_H */
diff --git a/libs/libcurl/src/multi.c b/libs/libcurl/src/multi.c index 78c4a23ba4..c655e3ae48 100644 --- a/libs/libcurl/src/multi.c +++ b/libs/libcurl/src/multi.c @@ -665,7 +665,6 @@ static CURLcode multi_done(struct Curl_easy *data, {
CURLcode result;
struct connectdata *conn = data->conn;
- unsigned int i;
#if defined(DEBUGBUILD) && !defined(CURL_DISABLE_VERBOSE_STRINGS)
DEBUGF(infof(data, "multi_done[%s]: status: %d prem: %d done: %d",
@@ -721,12 +720,7 @@ static CURLcode multi_done(struct Curl_easy *data, Curl_safefree(data->state.ulbuf);
- /* if the transfer was completed in a paused state there can be buffered
- data left to free */
- for(i = 0; i < data->state.tempcount; i++) {
- Curl_dyn_free(&data->state.tempwrite[i].b);
- }
- data->state.tempcount = 0;
+ Curl_client_cleanup(data);
CONNCACHE_LOCK(data);
Curl_detach_connection(data);
@@ -2131,9 +2125,11 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, }
if(!result)
result = protocol_connect(data, &protocol_connected);
- if(!result && !protocol_connected)
+ if(!result && !protocol_connected) {
/* switch to waiting state */
multistate(data, MSTATE_PROTOCONNECTING);
+ rc = CURLM_CALL_MULTI_PERFORM;
+ }
else if(!result) {
/* protocol connect has completed, go WAITDO or DO */
multistate(data, MSTATE_DO);
@@ -2220,6 +2216,7 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, /* DO was not completed in one function call, we must continue
DOING... */
multistate(data, MSTATE_DOING);
+ rc = CURLM_CALL_MULTI_PERFORM;
}
/* after DO, go DO_DONE... or DO_MORE */
@@ -2227,6 +2224,7 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, /* we're supposed to do more, but we need to sit down, relax
and wait a little while first */
multistate(data, MSTATE_DOING_MORE);
+ rc = CURLM_CALL_MULTI_PERFORM;
}
else {
/* we're done with the DO, now DID */
@@ -3139,7 +3137,7 @@ static CURLMcode add_next_timeout(struct curltime now, struct Curl_llist_element *n = e->next;
timediff_t diff;
node = (struct time_node *)e->ptr;
- diff = Curl_timediff(node->time, now);
+ diff = Curl_timediff_us(node->time, now);
if(diff <= 0)
/* remove outdated entry */
Curl_llist_remove(list, e, NULL);
@@ -3422,20 +3420,10 @@ static CURLMcode multi_timeout(struct Curl_multi *multi, if(Curl_splaycomparekeys(multi->timetree->key, now) > 0) {
/* some time left before expiration */
- timediff_t diff = Curl_timediff(multi->timetree->key, now);
- if(diff <= 0)
- /*
- * Since we only provide millisecond resolution on the returned value
- * and the diff might be less than one millisecond here, we don't
- * return zero as that may cause short bursts of busyloops on fast
- * processors while the diff is still present but less than one
- * millisecond! instead we return 1 until the time is ripe.
- */
- *timeout_ms = 1;
- else
- /* this should be safe even on 64 bit archs, as we don't use that
- overly long timeouts */
- *timeout_ms = (long)diff;
+ timediff_t diff = Curl_timediff_ceil(multi->timetree->key, now);
+ /* this should be safe even on 32 bit archs, as we don't use that
+ overly long timeouts */
+ *timeout_ms = (long)diff;
}
else
/* 0 means immediately */
@@ -3783,41 +3771,26 @@ bool Curl_is_in_callback(struct Curl_easy *easy) (easy->multi_easy && easy->multi_easy->in_callback));
}
-#ifdef DEBUGBUILD
-void Curl_multi_dump(struct Curl_multi *multi)
-{
- struct Curl_easy *data;
- int i;
- fprintf(stderr, "* Multi status: %d handles, %d alive\n",
- multi->num_easy, multi->num_alive);
- for(data = multi->easyp; data; data = data->next) {
- if(data->mstate < MSTATE_COMPLETED) {
- /* only display handles that are not completed */
- fprintf(stderr, "handle %p, state %s, %d sockets\n",
- (void *)data,
- multi_statename[data->mstate], data->numsocks);
- for(i = 0; i < data->numsocks; i++) {
- curl_socket_t s = data->sockets[i];
- struct Curl_sh_entry *entry = sh_getentry(&multi->sockhash, s);
-
- fprintf(stderr, "%d ", (int)s);
- if(!entry) {
- fprintf(stderr, "INTERNAL CONFUSION\n");
- continue;
- }
- fprintf(stderr, "[%s %s] ",
- (entry->action&CURL_POLL_IN)?"RECVING":"",
- (entry->action&CURL_POLL_OUT)?"SENDING":"");
- }
- if(data->numsocks)
- fprintf(stderr, "\n");
- }
- }
-}
-#endif
-
unsigned int Curl_multi_max_concurrent_streams(struct Curl_multi *multi)
{
DEBUGASSERT(multi);
return multi->max_concurrent_streams;
}
+
+struct Curl_easy **curl_multi_get_handles(struct Curl_multi *multi)
+{
+ struct Curl_easy **a = malloc(sizeof(struct Curl_easy *) *
+ (multi->num_easy + 1));
+ if(a) {
+ int i = 0;
+ struct Curl_easy *e = multi->easyp;
+ while(e) {
+ DEBUGASSERT(i < multi->num_easy);
+ if(!e->internal)
+ a[i++] = e;
+ e = e->next;
+ }
+ a[i] = NULL; /* last entry is a NULL */
+ }
+ return a;
+}
diff --git a/libs/libcurl/src/multiif.h b/libs/libcurl/src/multiif.h index 1bdd6c660b..fac822c863 100644 --- a/libs/libcurl/src/multiif.h +++ b/libs/libcurl/src/multiif.h @@ -62,15 +62,6 @@ struct Curl_multi *Curl_multi_handle(int hashsize, int chashsize, /* mask for checking if read and/or write is set for index x */
#define GETSOCK_MASK_RW(x) (GETSOCK_READSOCK(x)|GETSOCK_WRITESOCK(x))
-#ifdef DEBUGBUILD
- /*
- * Curl_multi_dump is not a stable public function, this is only meant to
- * allow easier tracking of the internal handle's state and what sockets
- * they use. Only for research and development DEBUGBUILD enabled builds.
- */
-void Curl_multi_dump(struct Curl_multi *multi);
-#endif
-
/* Return the value of the CURLMOPT_MAX_HOST_CONNECTIONS option */
size_t Curl_multi_max_host_connections(struct Curl_multi *multi);
diff --git a/libs/libcurl/src/openldap.c b/libs/libcurl/src/openldap.c index 7d3b9e85e2..fb612660da 100644 --- a/libs/libcurl/src/openldap.c +++ b/libs/libcurl/src/openldap.c @@ -199,11 +199,11 @@ struct ldapreqinfo { };
/*
- * state()
+ * oldap_state()
*
* This is the ONLY way to change LDAP state!
*/
-static void state(struct Curl_easy *data, ldapstate newstate)
+static void oldap_state(struct Curl_easy *data, ldapstate newstate)
{
struct ldapconninfo *ldapc = data->conn->proto.ldapc;
@@ -444,7 +444,7 @@ static CURLcode oldap_perform_bind(struct Curl_easy *data, ldapstate newstate) rc = ldap_sasl_bind(li->ld, binddn, LDAP_SASL_SIMPLE, &passwd,
NULL, NULL, &li->msgid);
if(rc == LDAP_SUCCESS)
- state(data, newstate);
+ oldap_state(data, newstate);
else
result = oldap_map_error(rc,
data->state.aptr.user?
@@ -467,7 +467,7 @@ static CURLcode oldap_perform_mechs(struct Curl_easy *data) (char **) supportedSASLMechanisms, 0,
NULL, NULL, NULL, 0, &li->msgid);
if(rc == LDAP_SUCCESS)
- state(data, OLDAP_MECHS);
+ oldap_state(data, OLDAP_MECHS);
else
result = oldap_map_error(rc, CURLE_LOGIN_DENIED);
return result;
@@ -480,7 +480,7 @@ static CURLcode oldap_perform_sasl(struct Curl_easy *data) struct ldapconninfo *li = data->conn->proto.ldapc;
CURLcode result = Curl_sasl_start(&li->sasl, data, TRUE, &progress);
- state(data, OLDAP_SASL);
+ oldap_state(data, OLDAP_SASL);
if(!result && progress != SASL_INPROGRESS)
result = CURLE_LOGIN_DENIED;
return result;
@@ -503,7 +503,7 @@ static CURLcode oldap_ssl_connect(struct Curl_easy *data, ldapstate newstate) result = Curl_conn_connect(data, FIRSTSOCKET, FALSE, &ssldone);
if(!result) {
- state(data, newstate);
+ oldap_state(data, newstate);
if(ssldone) {
Sockbuf *sb;
@@ -527,7 +527,7 @@ static CURLcode oldap_perform_starttls(struct Curl_easy *data) int rc = ldap_start_tls(li->ld, NULL, NULL, &li->msgid);
if(rc == LDAP_SUCCESS)
- state(data, OLDAP_STARTTLS);
+ oldap_state(data, OLDAP_STARTTLS);
else
result = oldap_map_error(rc, CURLE_USE_SSL_FAILED);
return result;
@@ -682,7 +682,7 @@ static CURLcode oldap_state_sasl_resp(struct Curl_easy *data, else {
result = Curl_sasl_continue(&li->sasl, data, code, &progress);
if(!result && progress != SASL_INPROGRESS)
- state(data, OLDAP_STOP);
+ oldap_state(data, OLDAP_STOP);
}
if(li->servercred)
@@ -710,7 +710,7 @@ static CURLcode oldap_state_bind_resp(struct Curl_easy *data, LDAPMessage *msg, result = oldap_map_error(rc, CURLE_LDAP_CANNOT_BIND);
}
else
- state(data, OLDAP_STOP);
+ oldap_state(data, OLDAP_STOP);
if(bv)
ber_bvfree(bv);
@@ -804,7 +804,8 @@ static CURLcode oldap_connecting(struct Curl_easy *data, bool *done) else if(data->state.aptr.user)
result = oldap_perform_bind(data, OLDAP_BIND);
else {
- state(data, OLDAP_STOP); /* Version 3 supported: no bind required */
+ /* Version 3 supported: no bind required */
+ oldap_state(data, OLDAP_STOP);
result = CURLE_OK;
}
}
diff --git a/libs/libcurl/src/pingpong.c b/libs/libcurl/src/pingpong.c index bd30f8e5e6..be892a866d 100644 --- a/libs/libcurl/src/pingpong.c +++ b/libs/libcurl/src/pingpong.c @@ -361,7 +361,7 @@ CURLcode Curl_pp_readresp(struct Curl_easy *data, * for "headers". The response lines can be seen as a kind of
* headers.
*/
- result = Curl_client_write(data, CLIENTWRITE_HEADER,
+ result = Curl_client_write(data, CLIENTWRITE_INFO,
pp->linestart_resp, perline);
if(result)
return result;
diff --git a/libs/libcurl/src/progress.c b/libs/libcurl/src/progress.c index 73e384efae..86d8a4dc6e 100644 --- a/libs/libcurl/src/progress.c +++ b/libs/libcurl/src/progress.c @@ -317,9 +317,16 @@ timediff_t Curl_pgrsLimitWaitTime(curl_off_t cursize, /*
* Set the number of downloaded bytes so far.
*/
-void Curl_pgrsSetDownloadCounter(struct Curl_easy *data, curl_off_t size)
+CURLcode Curl_pgrsSetDownloadCounter(struct Curl_easy *data, curl_off_t size)
{
+ if(data->set.max_filesize && (size > data->set.max_filesize)) {
+ failf(data, "Exceeded the maximum allowed file size "
+ "(%" CURL_FORMAT_CURL_OFF_T ")",
+ data->set.max_filesize);
+ return CURLE_FILESIZE_EXCEEDED;
+ }
data->progress.downloaded = size;
+ return CURLE_OK;
}
/*
diff --git a/libs/libcurl/src/progress.h b/libs/libcurl/src/progress.h index 60c25e8d65..686e29c7f2 100644 --- a/libs/libcurl/src/progress.h +++ b/libs/libcurl/src/progress.h @@ -46,7 +46,10 @@ int Curl_pgrsDone(struct Curl_easy *data); void Curl_pgrsStartNow(struct Curl_easy *data);
void Curl_pgrsSetDownloadSize(struct Curl_easy *data, curl_off_t size);
void Curl_pgrsSetUploadSize(struct Curl_easy *data, curl_off_t size);
-void Curl_pgrsSetDownloadCounter(struct Curl_easy *data, curl_off_t size);
+
+/* It is fine to not check the return code if 'size' is set to 0 */
+CURLcode Curl_pgrsSetDownloadCounter(struct Curl_easy *data, curl_off_t size);
+
void Curl_pgrsSetUploadCounter(struct Curl_easy *data, curl_off_t size);
void Curl_ratelimit(struct Curl_easy *data, struct curltime now);
int Curl_pgrsUpdate(struct Curl_easy *data);
diff --git a/libs/libcurl/src/rand.c b/libs/libcurl/src/rand.c index faeecad273..22bb0e6ade 100644 --- a/libs/libcurl/src/rand.c +++ b/libs/libcurl/src/rand.c @@ -24,6 +24,8 @@ #include "curl_setup.h"
+#include <limits.h>
+
#ifdef HAVE_FCNTL_H
#include <fcntl.h>
#endif
@@ -41,6 +43,7 @@ uint32_t arc4random(void); #include "sendf.h"
#include "timeval.h"
#include "rand.h"
+#include "escape.h"
/* The last 3 #include files should be in this order */
#include "curl_printf.h"
@@ -49,12 +52,7 @@ uint32_t arc4random(void); #ifdef WIN32
-#if defined(__MINGW32__) && !defined(__MINGW64_VERSION_MAJOR)
-# define HAVE_MINGW_ORIGINAL
-#endif
-
-#if defined(_WIN32_WINNT) && _WIN32_WINNT >= 0x600 && \
- !defined(HAVE_MINGW_ORIGINAL)
+#if defined(_WIN32_WINNT) && _WIN32_WINNT >= 0x600
# define HAVE_WIN_BCRYPTGENRANDOM
# include <bcrypt.h>
# ifdef _MSC_VER
@@ -234,9 +232,7 @@ CURLcode Curl_rand_hex(struct Curl_easy *data, unsigned char *rnd, size_t num)
{
CURLcode result = CURLE_BAD_FUNCTION_ARGUMENT;
- const char *hex = "0123456789abcdef";
unsigned char buffer[128];
- unsigned char *bufp = buffer;
DEBUGASSERT(num > 1);
#ifdef __clang_analyzer__
@@ -255,13 +251,37 @@ CURLcode Curl_rand_hex(struct Curl_easy *data, unsigned char *rnd, if(result)
return result;
+ Curl_hexencode(buffer, num/2, rnd, num + 1);
+ return result;
+}
+
+/*
+ * Curl_rand_alnum() fills the 'rnd' buffer with a given 'num' size with random
+ * alphanumerical chars PLUS a null-terminating byte.
+ */
+
+static const char alnum[] =
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
+
+CURLcode Curl_rand_alnum(struct Curl_easy *data, unsigned char *rnd,
+ size_t num)
+{
+ CURLcode result = CURLE_OK;
+ const int alnumspace = sizeof(alnum) - 1;
+ unsigned int r;
+ DEBUGASSERT(num > 1);
+
+ num--; /* save one for null-termination */
+
while(num) {
- /* clang-tidy warns on this line without this comment: */
- /* NOLINTNEXTLINE(clang-analyzer-core.UndefinedBinaryOperatorResult) */
- *rnd++ = hex[(*bufp & 0xF0)>>4];
- *rnd++ = hex[*bufp & 0x0F];
- bufp++;
- num -= 2;
+ do {
+ result = randit(data, &r);
+ if(result)
+ return result;
+ } while(r >= (UINT_MAX - UINT_MAX % alnumspace));
+
+ *rnd++ = alnum[r % alnumspace];
+ num--;
}
*rnd = 0;
diff --git a/libs/libcurl/src/rand.h b/libs/libcurl/src/rand.h index 9acc235aa1..bb3d0addd7 100644 --- a/libs/libcurl/src/rand.h +++ b/libs/libcurl/src/rand.h @@ -34,6 +34,13 @@ CURLcode Curl_rand(struct Curl_easy *data, unsigned char *rnd, size_t num); CURLcode Curl_rand_hex(struct Curl_easy *data, unsigned char *rnd,
size_t num);
+/*
+ * Curl_rand_alnum() fills the 'rnd' buffer with a given 'num' size with random
+ * alphanumerical chars PLUS a null-terminating byte.
+ */
+CURLcode Curl_rand_alnum(struct Curl_easy *data, unsigned char *rnd,
+ size_t num);
+
#ifdef WIN32
/* Random generator shared between the Schannel vtls and Curl_rand*()
functions */
diff --git a/libs/libcurl/src/sendf.c b/libs/libcurl/src/sendf.c index da82a92a19..90f7e86e16 100644 --- a/libs/libcurl/src/sendf.c +++ b/libs/libcurl/src/sendf.c @@ -40,6 +40,7 @@ #include "sendf.h"
#include "cfilters.h"
#include "connect.h"
+#include "content_encoding.h"
#include "vtls/vtls.h"
#include "vssh/ssh.h"
#include "easyif.h"
@@ -213,6 +214,7 @@ CURLcode Curl_write(struct Curl_easy *data, static CURLcode pausewrite(struct Curl_easy *data,
int type, /* what type of data */
+ bool paused_body,
const char *ptr,
size_t len)
{
@@ -228,7 +230,8 @@ static CURLcode pausewrite(struct Curl_easy *data, if(s->tempcount) {
for(i = 0; i< s->tempcount; i++) {
- if(s->tempwrite[i].type == type) {
+ if(s->tempwrite[i].type == type &&
+ !!s->tempwrite[i].paused_body == !!paused_body) {
/* data for this type exists */
newtype = FALSE;
break;
@@ -246,6 +249,7 @@ static CURLcode pausewrite(struct Curl_easy *data, /* store this information in the state struct for later use */
Curl_dyn_init(&s->tempwrite[i].b, DYN_PAUSE_BUFFER);
s->tempwrite[i].type = type;
+ s->tempwrite[i].paused_body = paused_body;
s->tempcount++;
}
@@ -265,6 +269,7 @@ static CURLcode pausewrite(struct Curl_easy *data, */
static CURLcode chop_write(struct Curl_easy *data,
int type,
+ bool skip_body_write,
char *optr,
size_t olen)
{
@@ -281,10 +286,12 @@ static CURLcode chop_write(struct Curl_easy *data, /* If reading is paused, append this data to the already held data for this
type. */
if(data->req.keepon & KEEP_RECV_PAUSE)
- return pausewrite(data, type, ptr, len);
+ return pausewrite(data, type, !skip_body_write, ptr, len);
/* Determine the callback(s) to use. */
- if(type & CLIENTWRITE_BODY) {
+ if(!skip_body_write &&
+ ((type & CLIENTWRITE_BODY) ||
+ ((type & CLIENTWRITE_HEADER) && data->set.include_header))) {
#ifdef USE_WEBSOCKETS
if(conn->handler->protocol & (CURLPROTO_WS|CURLPROTO_WSS)) {
writebody = Curl_ws_writecb;
@@ -294,7 +301,7 @@ static CURLcode chop_write(struct Curl_easy *data, #endif
writebody = data->set.fwrite_func;
}
- if((type & CLIENTWRITE_HEADER) &&
+ if((type & (CLIENTWRITE_HEADER|CLIENTWRITE_INFO)) &&
(data->set.fwrite_header || data->set.writeheader)) {
/*
* Write headers to the same callback or to the especially setup
@@ -322,7 +329,7 @@ static CURLcode chop_write(struct Curl_easy *data, failf(data, "Write callback asked for PAUSE when not supported");
return CURLE_WRITE_ERROR;
}
- return pausewrite(data, type, ptr, len);
+ return pausewrite(data, type, TRUE, ptr, len);
}
if(wrote != chunklen) {
failf(data, "Failure writing output to destination");
@@ -357,13 +364,7 @@ static CURLcode chop_write(struct Curl_easy *data, Curl_set_in_callback(data, false);
if(CURL_WRITEFUNC_PAUSE == wrote)
- /* here we pass in the HEADER bit only since if this was body as well
- then it was passed already and clearly that didn't trigger the
- pause, so this is saved for later with the HEADER bit only */
- return pausewrite(data, CLIENTWRITE_HEADER |
- (type & (CLIENTWRITE_STATUS|CLIENTWRITE_CONNECT|
- CLIENTWRITE_1XX|CLIENTWRITE_TRAILER)),
- optr, olen);
+ return pausewrite(data, type, FALSE, optr, olen);
if(wrote != olen) {
failf(data, "Failed writing header");
return CURLE_WRITE_ERROR;
@@ -397,9 +398,187 @@ CURLcode Curl_client_write(struct Curl_easy *data, len = convert_lineends(data, ptr, len);
}
#endif
- return chop_write(data, type, ptr, len);
+ /* it is one of those, at least */
+ DEBUGASSERT(type & (CLIENTWRITE_BODY|CLIENTWRITE_HEADER|CLIENTWRITE_INFO));
+ /* BODY is only BODY */
+ DEBUGASSERT(!(type & CLIENTWRITE_BODY) || (type == CLIENTWRITE_BODY));
+ /* INFO is only INFO */
+ DEBUGASSERT(!(type & CLIENTWRITE_INFO) || (type == CLIENTWRITE_INFO));
+
+ if(type == CLIENTWRITE_BODY) {
+ if(data->req.ignorebody)
+ return CURLE_OK;
+
+ if(data->req.writer_stack && !data->set.http_ce_skip)
+ return Curl_unencode_write(data, data->req.writer_stack, ptr, len);
+ }
+ return chop_write(data, type, FALSE, ptr, len);
+}
+
+CURLcode Curl_client_unpause(struct Curl_easy *data)
+{
+ CURLcode result = CURLE_OK;
+
+ if(data->state.tempcount) {
+ /* there are buffers for sending that can be delivered as the receive
+ pausing is lifted! */
+ unsigned int i;
+ unsigned int count = data->state.tempcount;
+ struct tempbuf writebuf[3]; /* there can only be three */
+
+ /* copy the structs to allow for immediate re-pausing */
+ for(i = 0; i < data->state.tempcount; i++) {
+ writebuf[i] = data->state.tempwrite[i];
+ Curl_dyn_init(&data->state.tempwrite[i].b, DYN_PAUSE_BUFFER);
+ }
+ data->state.tempcount = 0;
+
+ for(i = 0; i < count; i++) {
+ /* even if one function returns error, this loops through and frees
+ all buffers */
+ if(!result)
+ result = chop_write(data, writebuf[i].type,
+ !writebuf[i].paused_body,
+ Curl_dyn_ptr(&writebuf[i].b),
+ Curl_dyn_len(&writebuf[i].b));
+ Curl_dyn_free(&writebuf[i].b);
+ }
+ }
+ return result;
}
+void Curl_client_cleanup(struct Curl_easy *data)
+{
+ struct contenc_writer *writer = data->req.writer_stack;
+ size_t i;
+
+ while(writer) {
+ data->req.writer_stack = writer->downstream;
+ writer->handler->close_writer(data, writer);
+ free(writer);
+ writer = data->req.writer_stack;
+ }
+
+ for(i = 0; i < data->state.tempcount; i++) {
+ Curl_dyn_free(&data->state.tempwrite[i].b);
+ }
+ data->state.tempcount = 0;
+
+}
+
+/* Real client writer: no downstream. */
+static CURLcode client_cew_init(struct Curl_easy *data,
+ struct contenc_writer *writer)
+{
+ (void) data;
+ (void)writer;
+ return CURLE_OK;
+}
+
+static CURLcode client_cew_write(struct Curl_easy *data,
+ struct contenc_writer *writer,
+ const char *buf, size_t nbytes)
+{
+ (void)writer;
+ if(!nbytes || data->req.ignorebody)
+ return CURLE_OK;
+ return chop_write(data, CLIENTWRITE_BODY, FALSE, (char *)buf, nbytes);
+}
+
+static void client_cew_close(struct Curl_easy *data,
+ struct contenc_writer *writer)
+{
+ (void) data;
+ (void) writer;
+}
+
+static const struct content_encoding client_cew = {
+ NULL,
+ NULL,
+ client_cew_init,
+ client_cew_write,
+ client_cew_close,
+ sizeof(struct contenc_writer)
+};
+
+/* Create an unencoding writer stage using the given handler. */
+CURLcode Curl_client_create_writer(struct contenc_writer **pwriter,
+ struct Curl_easy *data,
+ const struct content_encoding *ce_handler,
+ int order)
+{
+ struct contenc_writer *writer;
+ CURLcode result = CURLE_OUT_OF_MEMORY;
+
+ DEBUGASSERT(ce_handler->writersize >= sizeof(struct contenc_writer));
+ writer = (struct contenc_writer *) calloc(1, ce_handler->writersize);
+ if(!writer)
+ goto out;
+
+ writer->handler = ce_handler;
+ writer->order = order;
+ result = ce_handler->init_writer(data, writer);
+
+out:
+ *pwriter = result? NULL : writer;
+ if(result)
+ free(writer);
+ return result;
+}
+
+void Curl_client_free_writer(struct Curl_easy *data,
+ struct contenc_writer *writer)
+{
+ if(writer) {
+ writer->handler->close_writer(data, writer);
+ free(writer);
+ }
+}
+
+/* allow no more than 5 "chained" compression steps */
+#define MAX_ENCODE_STACK 5
+
+
+static CURLcode init_writer_stack(struct Curl_easy *data)
+{
+ DEBUGASSERT(!data->req.writer_stack);
+ return Curl_client_create_writer(&data->req.writer_stack,
+ data, &client_cew, 0);
+}
+
+CURLcode Curl_client_add_writer(struct Curl_easy *data,
+ struct contenc_writer *writer)
+{
+ CURLcode result;
+
+ if(!data->req.writer_stack) {
+ result = init_writer_stack(data);
+ if(result)
+ return result;
+ }
+
+ if(data->req.writer_stack_depth++ >= MAX_ENCODE_STACK) {
+ failf(data, "Reject response due to more than %u content encodings",
+ MAX_ENCODE_STACK);
+ return CURLE_BAD_CONTENT_ENCODING;
+ }
+
+ /* Stack the unencoding stage. */
+ if(writer->order >= data->req.writer_stack->order) {
+ writer->downstream = data->req.writer_stack;
+ data->req.writer_stack = writer;
+ }
+ else {
+ struct contenc_writer *w = data->req.writer_stack;
+ while(w->downstream && writer->order < w->downstream->order)
+ w = w->downstream;
+ writer->downstream = w->downstream;
+ w->downstream = writer;
+ }
+ return CURLE_OK;
+}
+
+
/*
* Internal read-from-socket function. This is meant to deal with plain
* sockets, SSL sockets and kerberos sockets.
diff --git a/libs/libcurl/src/sendf.h b/libs/libcurl/src/sendf.h index 341c72f1c2..90efb61ace 100644 --- a/libs/libcurl/src/sendf.h +++ b/libs/libcurl/src/sendf.h @@ -28,18 +28,67 @@ #include "curl_trc.h"
-
-#define CLIENTWRITE_BODY (1<<0)
-#define CLIENTWRITE_HEADER (1<<1)
-#define CLIENTWRITE_STATUS (1<<2) /* the first "header" is the status line */
-#define CLIENTWRITE_CONNECT (1<<3) /* a CONNECT response */
-#define CLIENTWRITE_1XX (1<<4) /* a 1xx response */
-#define CLIENTWRITE_TRAILER (1<<5) /* a trailer header */
-#define CLIENTWRITE_BOTH (CLIENTWRITE_BODY|CLIENTWRITE_HEADER)
+/**
+ * Type of data that is being written to the client (application)
+ * - data written can be either BODY or META data
+ * - META data is either INFO or HEADER
+ * - INFO is meta information, e.g. not BODY, that cannot be interpreted
+ * as headers of a response. Example FTP/IMAP pingpong answers.
+ * - HEADER can have additional bits set (more than one)
+ * - STATUS special "header", e.g. response status line in HTTP
+ * - CONNECT header was received during proxying the connection
+ * - 1XX header is part of an intermediate response, e.g. HTTP 1xx code
+ * - TRAILER header is trailing response data, e.g. HTTP trailers
+ * BODY, INFO and HEADER should not be mixed, as this would lead to
+ * confusion on how to interpret/format/convert the data.
+ */
+#define CLIENTWRITE_BODY (1<<0) /* non-meta information, BODY */
+#define CLIENTWRITE_INFO (1<<1) /* meta information, not a HEADER */
+#define CLIENTWRITE_HEADER (1<<2) /* meta information, HEADER */
+#define CLIENTWRITE_STATUS (1<<3) /* a special status HEADER */
+#define CLIENTWRITE_CONNECT (1<<4) /* a CONNECT related HEADER */
+#define CLIENTWRITE_1XX (1<<5) /* a 1xx response related HEADER */
+#define CLIENTWRITE_TRAILER (1<<6) /* a trailer HEADER */
CURLcode Curl_client_write(struct Curl_easy *data, int type, char *ptr,
size_t len) WARN_UNUSED_RESULT;
+CURLcode Curl_client_unpause(struct Curl_easy *data);
+void Curl_client_cleanup(struct Curl_easy *data);
+
+struct contenc_writer {
+ const struct content_encoding *handler; /* Encoding handler. */
+ struct contenc_writer *downstream; /* Downstream writer. */
+ unsigned int order; /* Ordering within writer stack. */
+};
+
+/* Content encoding writer. */
+struct content_encoding {
+ const char *name; /* Encoding name. */
+ const char *alias; /* Encoding name alias. */
+ CURLcode (*init_writer)(struct Curl_easy *data,
+ struct contenc_writer *writer);
+ CURLcode (*unencode_write)(struct Curl_easy *data,
+ struct contenc_writer *writer,
+ const char *buf, size_t nbytes);
+ void (*close_writer)(struct Curl_easy *data,
+ struct contenc_writer *writer);
+ size_t writersize;
+};
+
+
+CURLcode Curl_client_create_writer(struct contenc_writer **pwriter,
+ struct Curl_easy *data,
+ const struct content_encoding *ce_handler,
+ int order);
+
+void Curl_client_free_writer(struct Curl_easy *data,
+ struct contenc_writer *writer);
+
+CURLcode Curl_client_add_writer(struct Curl_easy *data,
+ struct contenc_writer *writer);
+
+
/* internal read-function, does plain socket, SSL and krb4 */
CURLcode Curl_read(struct Curl_easy *data, curl_socket_t sockfd,
char *buf, size_t buffersize,
diff --git a/libs/libcurl/src/setopt.c b/libs/libcurl/src/setopt.c index a91c8d3589..01219c7c39 100644 --- a/libs/libcurl/src/setopt.c +++ b/libs/libcurl/src/setopt.c @@ -2076,7 +2076,7 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param) else
#endif
result = CURLE_NOT_BUILT_IN;
- break;
+ break;
case CURLOPT_PINNEDPUBLICKEY:
/*
* Set pinned public key for SSL connection.
diff --git a/libs/libcurl/src/sigpipe.h b/libs/libcurl/src/sigpipe.h index 3f325f1a3c..4bfff9744b 100644 --- a/libs/libcurl/src/sigpipe.h +++ b/libs/libcurl/src/sigpipe.h @@ -25,7 +25,7 @@ ***************************************************************************/
#include "curl_setup.h"
-#if defined(HAVE_SIGNAL_H) && defined(HAVE_SIGACTION) && \
+#if defined(HAVE_SIGACTION) && \
(defined(USE_OPENSSL) || defined(USE_MBEDTLS) || defined(USE_WOLFSSL))
#include <signal.h>
diff --git a/libs/libcurl/src/smb.c b/libs/libcurl/src/smb.c index 75fa4614d4..f708ded3ca 100644 --- a/libs/libcurl/src/smb.c +++ b/libs/libcurl/src/smb.c @@ -1049,7 +1049,12 @@ static CURLcode smb_request_state(struct Curl_easy *data, bool *done) }
data->req.bytecount += len;
data->req.offset += len;
- Curl_pgrsSetDownloadCounter(data, data->req.bytecount);
+ result = Curl_pgrsSetDownloadCounter(data, data->req.bytecount);
+ if(result) {
+ req->result = result;
+ next_state = SMB_CLOSE;
+ break;
+ }
next_state = (len < MAX_PAYLOAD_SIZE) ? SMB_CLOSE : SMB_DOWNLOAD;
break;
diff --git a/libs/libcurl/src/socks.c b/libs/libcurl/src/socks.c index c214a1746d..487f26d2c4 100644 --- a/libs/libcurl/src/socks.c +++ b/libs/libcurl/src/socks.c @@ -587,9 +587,9 @@ static CURLproxycode do_SOCKS5(struct Curl_cfilter *cf, /* RFC1928 chapter 5 specifies max 255 chars for domain name in packet */
if(!socks5_resolve_local && hostname_len > 255) {
- infof(data, "SOCKS5: server resolving disabled for hostnames of "
- "length > 255 [actual len=%zu]", hostname_len);
- socks5_resolve_local = TRUE;
+ failf(data, "SOCKS5: the destination hostname is too long to be "
+ "resolved remotely by the proxy.");
+ return CURLPX_LONG_HOSTNAME;
}
if(auth & ~(CURLAUTH_BASIC | CURLAUTH_GSSAPI))
@@ -903,7 +903,7 @@ CONNECT_RESOLVE_REMOTE: }
else {
socksreq[len++] = 3;
- socksreq[len++] = (char) hostname_len; /* one byte address length */
+ socksreq[len++] = (unsigned char) hostname_len; /* one byte length */
memcpy(&socksreq[len], sx->hostname, hostname_len); /* w/o NULL */
len += hostname_len;
}
diff --git a/libs/libcurl/src/telnet.c b/libs/libcurl/src/telnet.c index 1166f79459..9f2cc0f2fb 100644 --- a/libs/libcurl/src/telnet.c +++ b/libs/libcurl/src/telnet.c @@ -1570,8 +1570,9 @@ static CURLcode telnet_do(struct Curl_easy *data, bool *done) }
total_dl += nread;
- Curl_pgrsSetDownloadCounter(data, total_dl);
- result = telrcv(data, (unsigned char *)buf, nread);
+ result = Curl_pgrsSetDownloadCounter(data, total_dl);
+ if(!result)
+ result = telrcv(data, (unsigned char *)buf, nread);
if(result) {
keepon = FALSE;
break;
diff --git a/libs/libcurl/src/tftp.c b/libs/libcurl/src/tftp.c index 0464369182..028fc2af6d 100644 --- a/libs/libcurl/src/tftp.c +++ b/libs/libcurl/src/tftp.c @@ -1141,12 +1141,15 @@ static CURLcode tftp_receive_packet(struct Curl_easy *data) result = Curl_client_write(data, CLIENTWRITE_BODY,
(char *)state->rpacket.data + 4,
state->rbytes-4);
+ if(!result) {
+ k->bytecount += state->rbytes-4;
+ result = Curl_pgrsSetDownloadCounter(data,
+ (curl_off_t) k->bytecount);
+ }
if(result) {
tftp_state_machine(state, TFTP_EVENT_ERROR);
return result;
}
- k->bytecount += state->rbytes-4;
- Curl_pgrsSetDownloadCounter(data, (curl_off_t) k->bytecount);
}
break;
case TFTP_EVENT_ERROR:
diff --git a/libs/libcurl/src/timeval.c b/libs/libcurl/src/timeval.c index 8f081be9c2..8989c5b8b9 100644 --- a/libs/libcurl/src/timeval.c +++ b/libs/libcurl/src/timeval.c @@ -210,6 +210,20 @@ timediff_t Curl_timediff(struct curltime newer, struct curltime older) }
/*
+ * Returns: time difference in number of milliseconds, rounded up.
+ * For too large diffs it returns max value.
+ */
+timediff_t Curl_timediff_ceil(struct curltime newer, struct curltime older)
+{
+ timediff_t diff = (timediff_t)newer.tv_sec-older.tv_sec;
+ if(diff >= (TIMEDIFF_T_MAX/1000))
+ return TIMEDIFF_T_MAX;
+ else if(diff <= (TIMEDIFF_T_MIN/1000))
+ return TIMEDIFF_T_MIN;
+ return diff * 1000 + (newer.tv_usec - older.tv_usec + 999)/1000;
+}
+
+/*
* Returns: time difference in number of microseconds. For too large diffs it
* returns max value.
*/
diff --git a/libs/libcurl/src/timeval.h b/libs/libcurl/src/timeval.h index e00b651ef9..510688944a 100644 --- a/libs/libcurl/src/timeval.h +++ b/libs/libcurl/src/timeval.h @@ -36,16 +36,24 @@ struct curltime { struct curltime Curl_now(void);
/*
- * Make sure that the first argument (t1) is the more recent time and t2 is
- * the older time, as otherwise you get a weird negative time-diff back...
+ * Make sure that the first argument (newer) is the more recent time and older
+ * is the older time, as otherwise you get a weird negative time-diff back...
*
* Returns: the time difference in number of milliseconds.
*/
-timediff_t Curl_timediff(struct curltime t1, struct curltime t2);
+timediff_t Curl_timediff(struct curltime newer, struct curltime older);
/*
- * Make sure that the first argument (t1) is the more recent time and t2 is
- * the older time, as otherwise you get a weird negative time-diff back...
+ * Make sure that the first argument (newer) is the more recent time and older
+ * is the older time, as otherwise you get a weird negative time-diff back...
+ *
+ * Returns: the time difference in number of milliseconds, rounded up.
+ */
+timediff_t Curl_timediff_ceil(struct curltime newer, struct curltime older);
+
+/*
+ * Make sure that the first argument (newer) is the more recent time and older
+ * is the older time, as otherwise you get a weird negative time-diff back...
*
* Returns: the time difference in number of microseconds.
*/
diff --git a/libs/libcurl/src/transfer.c b/libs/libcurl/src/transfer.c index 8fe343e0bd..44e5f03cea 100644 --- a/libs/libcurl/src/transfer.c +++ b/libs/libcurl/src/transfer.c @@ -40,9 +40,7 @@ #ifdef HAVE_SYS_IOCTL_H
#include <sys/ioctl.h>
#endif
-#ifdef HAVE_SIGNAL_H
#include <signal.h>
-#endif
#ifdef HAVE_SYS_PARAM_H
#include <sys/param.h>
@@ -671,7 +669,9 @@ static CURLcode readwrite_data(struct Curl_easy *data, k->bytecount += nread;
max_recv -= nread;
- Curl_pgrsSetDownloadCounter(data, k->bytecount);
+ result = Curl_pgrsSetDownloadCounter(data, k->bytecount);
+ if(result)
+ goto out;
if(!k->chunk && (nread || k->badheader || is_empty_data)) {
/* If this is chunky transfer, it was already written */
@@ -700,19 +700,15 @@ static CURLcode readwrite_data(struct Curl_easy *data, in http_chunks.c.
Make sure that ALL_CONTENT_ENCODINGS contains all the
encodings handled here. */
- if(data->set.http_ce_skip || !k->writer_stack) {
- if(!k->ignorebody && nread) {
+ if(!k->ignorebody && nread) {
#ifndef CURL_DISABLE_POP3
- if(conn->handler->protocol & PROTO_FAMILY_POP3)
- result = Curl_pop3_write(data, k->str, nread);
- else
+ if(conn->handler->protocol & PROTO_FAMILY_POP3)
+ result = Curl_pop3_write(data, k->str, nread);
+ else
#endif /* CURL_DISABLE_POP3 */
- result = Curl_client_write(data, CLIENTWRITE_BODY, k->str,
- nread);
- }
+ result = Curl_client_write(data, CLIENTWRITE_BODY, k->str,
+ nread);
}
- else if(!k->ignorebody && nread)
- result = Curl_unencode_write(data, k->writer_stack, k->str, nread);
}
k->badheader = HEADER_NORMAL; /* taken care of now */
@@ -1050,6 +1046,19 @@ static CURLcode readwrite_upload(struct Curl_easy *data, return CURLE_OK;
}
+static int select_bits_paused(struct Curl_easy *data, int select_bits)
+{
+ /* See issue #11982: we really need to be careful not to progress
+ * a transfer direction when that direction is paused. Not all parts
+ * of our state machine are handling PAUSED transfers correctly. So, we
+ * do not want to go there.
+ * NOTE: we are only interested in PAUSE, not HOLD. */
+ return (((select_bits & CURL_CSELECT_IN) &&
+ (data->req.keepon & KEEP_RECV_PAUSE)) ||
+ ((select_bits & CURL_CSELECT_OUT) &&
+ (data->req.keepon & KEEP_SEND_PAUSE)));
+}
+
/*
* Curl_readwrite() is the low-level function to be called when data is to
* be read and written to/from the connection.
@@ -1068,12 +1077,20 @@ CURLcode Curl_readwrite(struct connectdata *conn, int didwhat = 0;
int select_bits;
-
if(data->state.dselect_bits) {
+ if(select_bits_paused(data, data->state.dselect_bits)) {
+ /* leave the bits unchanged, so they'll tell us what to do when
+ * this transfer gets unpaused. */
+ DEBUGF(infof(data, "readwrite, dselect_bits, early return on PAUSED"));
+ result = CURLE_OK;
+ goto out;
+ }
select_bits = data->state.dselect_bits;
data->state.dselect_bits = 0;
}
else if(conn->cselect_bits) {
+ /* CAVEAT: adding `select_bits_paused()` check here makes test640 hang
+ * (among others). Which hints at strange state handling in FTP land... */
select_bits = conn->cselect_bits;
conn->cselect_bits = 0;
}
diff --git a/libs/libcurl/src/url.c b/libs/libcurl/src/url.c index 5951e6a066..1746a51ca9 100644 --- a/libs/libcurl/src/url.c +++ b/libs/libcurl/src/url.c @@ -888,8 +888,8 @@ static bool conn_maxage(struct Curl_easy *data, idletime /= 1000; /* integer seconds is fine */
if(idletime > data->set.maxage_conn) {
- infof(data, "Too old connection (%ld seconds idle), disconnect it",
- idletime);
+ infof(data, "Too old connection (%" CURL_FORMAT_TIMEDIFF_T
+ " seconds idle), disconnect it", idletime);
return TRUE;
}
@@ -898,8 +898,8 @@ static bool conn_maxage(struct Curl_easy *data, if(data->set.maxlifetime_conn && lifetime > data->set.maxlifetime_conn) {
infof(data,
- "Too old connection (%ld seconds since creation), disconnect it",
- lifetime);
+ "Too old connection (%" CURL_FORMAT_TIMEDIFF_T
+ " seconds since creation), disconnect it", lifetime);
return TRUE;
}
@@ -1169,7 +1169,7 @@ ConnectionExists(struct Curl_easy *data, foundPendingCandidate = TRUE;
/* Don't pick a connection that hasn't connected yet */
infof(data, "Connection #%" CURL_FORMAT_CURL_OFF_T
- "isn't open enough, can't reuse", check->connection_id);
+ " isn't open enough, can't reuse", check->connection_id);
continue;
}
@@ -2033,13 +2033,13 @@ void Curl_free_request_state(struct Curl_easy *data) {
Curl_safefree(data->req.p.http);
Curl_safefree(data->req.newurl);
-
#ifndef CURL_DISABLE_DOH
if(data->req.doh) {
Curl_close(&data->req.doh->probe[0].easy);
Curl_close(&data->req.doh->probe[1].easy);
}
#endif
+ Curl_client_cleanup(data);
}
@@ -2076,7 +2076,6 @@ static char *detect_proxy(struct Curl_easy *data, char proxy_env[128];
const char *protop = conn->handler->scheme;
char *envp = proxy_env;
- char *prox;
#ifdef CURL_DISABLE_VERBOSE_STRINGS
(void)data;
#endif
@@ -2089,7 +2088,7 @@ static char *detect_proxy(struct Curl_easy *data, strcpy(envp, "_proxy");
/* read the protocol proxy: */
- prox = curl_getenv(proxy_env);
+ proxy = curl_getenv(proxy_env);
/*
* We don't try the uppercase version of HTTP_PROXY because of
@@ -2103,23 +2102,35 @@ static char *detect_proxy(struct Curl_easy *data, * This can cause 'internal' http/ftp requests to be
* arbitrarily redirected by any external attacker.
*/
- if(!prox && !strcasecompare("http_proxy", proxy_env)) {
+ if(!proxy && !strcasecompare("http_proxy", proxy_env)) {
/* There was no lowercase variable, try the uppercase version: */
Curl_strntoupper(proxy_env, proxy_env, sizeof(proxy_env));
- prox = curl_getenv(proxy_env);
+ proxy = curl_getenv(proxy_env);
}
envp = proxy_env;
- if(prox) {
- proxy = prox; /* use this */
- }
- else {
- envp = (char *)"all_proxy";
- proxy = curl_getenv(envp); /* default proxy to use */
+ if(!proxy) {
+#ifdef USE_WEBSOCKETS
+ /* websocket proxy fallbacks */
+ if(strcasecompare("ws_proxy", proxy_env)) {
+ proxy = curl_getenv("http_proxy");
+ }
+ else if(strcasecompare("wss_proxy", proxy_env)) {
+ proxy = curl_getenv("https_proxy");
+ if(!proxy)
+ proxy = curl_getenv("HTTPS_PROXY");
+ }
if(!proxy) {
- envp = (char *)"ALL_PROXY";
- proxy = curl_getenv(envp);
+#endif
+ envp = (char *)"all_proxy";
+ proxy = curl_getenv(envp); /* default proxy to use */
+ if(!proxy) {
+ envp = (char *)"ALL_PROXY";
+ proxy = curl_getenv(envp);
+ }
+#ifdef USE_WEBSOCKETS
}
+#endif
}
if(proxy)
infof(data, "Uses proxy env variable %s == '%s'", envp, proxy);
@@ -2719,7 +2730,9 @@ static CURLcode override_login(struct Curl_easy *data, data->set.str[STRING_NETRC_FILE]);
if(ret > 0) {
infof(data, "Couldn't find host %s in the %s file; using defaults",
- conn->host.name, data->set.str[STRING_NETRC_FILE]);
+ conn->host.name,
+ (data->set.str[STRING_NETRC_FILE] ?
+ data->set.str[STRING_NETRC_FILE] : ".netrc"));
}
else if(ret < 0) {
failf(data, ".netrc parser error");
@@ -3214,8 +3227,8 @@ static CURLcode resolve_host(struct Curl_easy *data, if(rc == CURLRESOLV_PENDING)
*async = TRUE;
else if(rc == CURLRESOLV_TIMEDOUT) {
- failf(data, "Failed to resolve host '%s' with timeout after %ld ms",
- connhost->dispname,
+ failf(data, "Failed to resolve host '%s' with timeout after %"
+ CURL_FORMAT_TIMEDIFF_T " ms", connhost->dispname,
Curl_timediff(Curl_now(), data->progress.t_startsingle));
return CURLE_OPERATION_TIMEDOUT;
}
diff --git a/libs/libcurl/src/urlapi.c b/libs/libcurl/src/urlapi.c index 2e4138306f..37dabba3e0 100644 --- a/libs/libcurl/src/urlapi.c +++ b/libs/libcurl/src/urlapi.c @@ -100,7 +100,7 @@ static void free_urlhandle(struct Curl_URL *u) /*
* Find the separator at the end of the host name, or the '?' in cases like
- * http://www.url.com?id=2380
+ * http://www.example.com?id=2380
*/
static const char *find_host_sep(const char *url)
{
@@ -338,7 +338,7 @@ static char *concat_url(char *base, const char *relurl) pathsep = strchr(protsep, '/');
if(pathsep) {
/* When people use badly formatted URLs, such as
- "http://www.url.com?dir=/home/daniel" we must not use the first
+ "http://www.example.com?dir=/home/daniel" we must not use the first
slash, if there's a ?-letter before it! */
char *sep = strchr(protsep, '?');
if(sep && (sep < pathsep))
@@ -347,9 +347,9 @@ static char *concat_url(char *base, const char *relurl) }
else {
/* There was no slash. Now, since we might be operating on a badly
- formatted URL, such as "http://www.url.com?id=2380" which doesn't
- use a slash separator as it is supposed to, we need to check for a
- ?-letter as well! */
+ formatted URL, such as "http://www.example.com?id=2380" which
+ doesn't use a slash separator as it is supposed to, we need to check
+ for a ?-letter as well! */
pathsep = strchr(protsep, '?');
if(pathsep)
*pathsep = 0;
@@ -1865,7 +1865,7 @@ CURLUcode curl_url_set(CURLU *u, CURLUPart what, if(result)
return CURLUE_OUT_OF_MEMORY;
}
- else if(Curl_isunreserved(*i) ||
+ else if(ISUNRESERVED(*i) ||
((*i == '/') && urlskipslash) ||
((*i == '=') && equalsencode)) {
if((*i == '=') && equalsencode)
diff --git a/libs/libcurl/src/urldata.h b/libs/libcurl/src/urldata.h index 76f621f3e6..6710314c55 100644 --- a/libs/libcurl/src/urldata.h +++ b/libs/libcurl/src/urldata.h @@ -640,7 +640,9 @@ struct SingleRequest { curl_off_t pendingheader; /* this many bytes left to send is actually
header and not body */
struct curltime start; /* transfer started at this time */
- unsigned int headerbytecount; /* only count received headers */
+ unsigned int headerbytecount; /* received server headers (not CONNECT
+ headers) */
+ unsigned int allheadercount; /* all received headers (server + CONNECT) */
unsigned int deductheadercount; /* this amount of bytes doesn't count when
we check if anything has been transferred
at the end of a connection. We use this
@@ -1260,6 +1262,7 @@ struct tempbuf { struct dynbuf b;
int type; /* type of the 'tempwrite' buffer as a bitmask that is used with
Curl_client_write() */
+ BIT(paused_body); /* if PAUSE happened before/during BODY write */
};
/* Timers */
@@ -1947,7 +1950,7 @@ struct Curl_easy { other using the same cache. For easier tracking
in log output.
This may wrap around after LONG_MAX to 0 again, so it
- has no uniqueness guarantuee for very large processings. */
+ has no uniqueness guarantee for very large processings. */
curl_off_t id;
/* first, two fields for the linked list of these */
@@ -2010,6 +2013,10 @@ struct Curl_easy { #ifdef USE_HYPER
struct hyptransfer hyp;
#endif
+
+ /* internal: true if this easy handle was created for internal use and the
+ user does not have ownership of the handle. */
+ bool internal;
};
#define LIBCURL_NAME "libcurl"
diff --git a/libs/libcurl/src/vauth/cleartext.c b/libs/libcurl/src/vauth/cleartext.c index 099f8ab10a..8234dced08 100644 --- a/libs/libcurl/src/vauth/cleartext.c +++ b/libs/libcurl/src/vauth/cleartext.c @@ -35,7 +35,6 @@ #include "urldata.h"
#include "vauth/vauth.h"
-#include "curl_md5.h"
#include "warnless.h"
#include "strtok.h"
#include "sendf.h"
diff --git a/libs/libcurl/src/vquic/curl_ngtcp2.c b/libs/libcurl/src/vquic/curl_ngtcp2.c index 7fd7085304..1be49f389b 100644 --- a/libs/libcurl/src/vquic/curl_ngtcp2.c +++ b/libs/libcurl/src/vquic/curl_ngtcp2.c @@ -30,7 +30,7 @@ #ifdef USE_OPENSSL
#include <openssl/err.h>
-#ifdef OPENSSL_IS_BORINGSSL
+#if defined(OPENSSL_IS_BORINGSSL) || defined(OPENSSL_IS_AWSLC)
#include <ngtcp2/ngtcp2_crypto_boringssl.h>
#else
#include <ngtcp2/ngtcp2_crypto_quictls.h>
@@ -407,7 +407,7 @@ static CURLcode quic_ssl_ctx(SSL_CTX **pssl_ctx, goto out;
}
-#ifdef OPENSSL_IS_BORINGSSL
+#if defined(OPENSSL_IS_BORINGSSL) || defined(OPENSSL_IS_AWSLC)
if(ngtcp2_crypto_boringssl_configure_client_context(ssl_ctx) != 0) {
failf(data, "ngtcp2_crypto_boringssl_configure_client_context failed");
goto out;
@@ -421,22 +421,24 @@ static CURLcode quic_ssl_ctx(SSL_CTX **pssl_ctx, SSL_CTX_set_default_verify_paths(ssl_ctx);
-#ifdef OPENSSL_IS_BORINGSSL
- if(SSL_CTX_set1_curves_list(ssl_ctx, QUIC_GROUPS) != 1) {
- failf(data, "SSL_CTX_set1_curves_list failed");
- goto out;
- }
-#else
- if(SSL_CTX_set_ciphersuites(ssl_ctx, QUIC_CIPHERS) != 1) {
- char error_buffer[256];
- ERR_error_string_n(ERR_get_error(), error_buffer, sizeof(error_buffer));
- failf(data, "SSL_CTX_set_ciphersuites: %s", error_buffer);
- goto out;
+ {
+ const char *curves = conn->ssl_config.curves ?
+ conn->ssl_config.curves : QUIC_GROUPS;
+ if(!SSL_CTX_set1_curves_list(ssl_ctx, curves)) {
+ failf(data, "failed setting curves list for QUIC: '%s'", curves);
+ return CURLE_SSL_CIPHER;
+ }
}
- if(SSL_CTX_set1_groups_list(ssl_ctx, QUIC_GROUPS) != 1) {
- failf(data, "SSL_CTX_set1_groups_list failed");
- goto out;
+#ifndef OPENSSL_IS_BORINGSSL
+ {
+ const char *ciphers13 = conn->ssl_config.cipher_list13 ?
+ conn->ssl_config.cipher_list13 : QUIC_CIPHERS;
+ if(SSL_CTX_set_ciphersuites(ssl_ctx, ciphers13) != 1) {
+ failf(data, "failed setting QUIC cipher suite: %s", ciphers13);
+ return CURLE_SSL_CIPHER;
+ }
+ infof(data, "QUIC cipher selection: %s", ciphers13);
}
#endif
@@ -616,15 +618,19 @@ static CURLcode quic_ssl_ctx(WOLFSSL_CTX **pssl_ctx, wolfSSL_CTX_set_default_verify_paths(ssl_ctx);
- if(wolfSSL_CTX_set_cipher_list(ssl_ctx, QUIC_CIPHERS) != 1) {
+ if(wolfSSL_CTX_set_cipher_list(ssl_ctx, conn->ssl_config.cipher_list13 ?
+ conn->ssl_config.cipher_list13 :
+ QUIC_CIPHERS) != 1) {
char error_buffer[256];
ERR_error_string_n(ERR_get_error(), error_buffer, sizeof(error_buffer));
- failf(data, "wolfSSL_CTX_set_cipher_list: %s", error_buffer);
+ failf(data, "wolfSSL failed to set ciphers: %s", error_buffer);
goto out;
}
- if(wolfSSL_CTX_set1_groups_list(ssl_ctx, (char *)QUIC_GROUPS) != 1) {
- failf(data, "SSL_CTX_set1_groups_list failed");
+ if(wolfSSL_CTX_set1_groups_list(ssl_ctx, conn->ssl_config.curves ?
+ conn->ssl_config.curves :
+ (char *)QUIC_GROUPS) != 1) {
+ failf(data, "wolfSSL failed to set curves");
goto out;
}
@@ -644,10 +650,13 @@ static CURLcode quic_ssl_ctx(WOLFSSL_CTX **pssl_ctx, const char * const ssl_capath = conn->ssl_config.CApath;
wolfSSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_PEER, NULL);
- if(conn->ssl_config.CAfile || conn->ssl_config.CApath) {
+ if(ssl_cafile || ssl_capath) {
/* tell wolfSSL where to find CA certificates that are used to verify
the server's certificate. */
- if(!wolfSSL_CTX_load_verify_locations(ssl_ctx, ssl_cafile, ssl_capath)) {
+ int rc =
+ wolfSSL_CTX_load_verify_locations_ex(ssl_ctx, ssl_cafile, ssl_capath,
+ WOLFSSL_LOAD_FLAG_IGNORE_ERR);
+ if(SSL_SUCCESS != rc) {
/* Fail if we insist on successfully verifying the server. */
failf(data, "error setting certificate verify locations:"
" CAfile: %s CApath: %s",
diff --git a/libs/libcurl/src/vquic/curl_quiche.c b/libs/libcurl/src/vquic/curl_quiche.c index cec899f161..d15b3983e9 100644 --- a/libs/libcurl/src/vquic/curl_quiche.c +++ b/libs/libcurl/src/vquic/curl_quiche.c @@ -149,8 +149,8 @@ static CURLcode quic_x509_store_setup(struct Curl_cfilter *cf, SSL_CTX_set_verify(ctx->sslctx, SSL_VERIFY_PEER, NULL);
/* tell OpenSSL where to find CA certificates that are used to verify
the server's certificate. */
- if(!SSL_CTX_load_verify_locations(
- ctx->sslctx, ssl_cafile, ssl_capath)) {
+ if(!SSL_CTX_load_verify_locations(ctx->sslctx, ssl_cafile,
+ ssl_capath)) {
/* Fail if we insist on successfully verifying the server. */
failf(data, "error setting certificate verify locations:"
" CAfile: %s CApath: %s",
@@ -165,7 +165,7 @@ static CURLcode quic_x509_store_setup(struct Curl_cfilter *cf, else {
/* verifying the peer without any CA certificates won't work so
use openssl's built-in default as fallback */
- SSL_CTX_set_default_verify_paths(ssl_ctx);
+ SSL_CTX_set_default_verify_paths(ctx->sslctx);
}
#endif
}
@@ -178,6 +178,8 @@ static CURLcode quic_ssl_setup(struct Curl_cfilter *cf, struct Curl_easy *data) {
struct cf_quiche_ctx *ctx = cf->ctx;
unsigned char checkip[16];
+ struct connectdata *conn = data->conn;
+ const char *curves = conn->ssl_config.curves;
DEBUGASSERT(!ctx->sslctx);
ctx->sslctx = SSL_CTX_new(TLS_method());
@@ -196,6 +198,11 @@ static CURLcode quic_ssl_setup(struct Curl_cfilter *cf, struct Curl_easy *data) SSL_CTX_set_keylog_callback(ctx->sslctx, keylog_callback);
}
+ if(curves && !SSL_CTX_set1_curves_list(ctx->sslctx, curves)) {
+ failf(data, "failed setting curves list for QUIC: '%s'", curves);
+ return CURLE_SSL_CIPHER;
+ }
+
ctx->ssl = SSL_new(ctx->sslctx);
if(!ctx->ssl)
return CURLE_QUIC_CONNECT_ERROR;
diff --git a/libs/libcurl/src/vssh/libssh.c b/libs/libcurl/src/vssh/libssh.c index 94a5659055..93e87e9c63 100644 --- a/libs/libcurl/src/vssh/libssh.c +++ b/libs/libcurl/src/vssh/libssh.c @@ -2567,6 +2567,12 @@ static ssize_t sftp_send(struct Curl_easy *data, int sockindex, struct connectdata *conn = data->conn;
(void)sockindex;
+ /* limit the writes to the maximum specified in Section 3 of
+ * https://datatracker.ietf.org/doc/html/draft-ietf-secsh-filexfer-02
+ */
+ if(len > 32768)
+ len = 32768;
+
nwrite = sftp_write(conn->proto.sshc.sftp_file, mem, len);
myssh_block2waitfor(conn, FALSE);
@@ -2654,7 +2660,7 @@ static void sftp_quote(struct Curl_easy *data) /* if a command starts with an asterisk, which a legal SFTP command never
can, the command will be allowed to fail without it causing any
aborts or cancels etc. It will cause libcurl to act as if the command
- is successful, whatever the server reponds. */
+ is successful, whatever the server responds. */
if(cmd[0] == '*') {
cmd++;
@@ -2828,7 +2834,7 @@ static void sftp_quote_stat(struct Curl_easy *data) /* if a command starts with an asterisk, which a legal SFTP command never
can, the command will be allowed to fail without it causing any
aborts or cancels etc. It will cause libcurl to act as if the command
- is successful, whatever the server reponds. */
+ is successful, whatever the server responds. */
if(cmd[0] == '*') {
cmd++;
diff --git a/libs/libcurl/src/vssh/libssh2.c b/libs/libcurl/src/vssh/libssh2.c index 6894b78307..056041db38 100644 --- a/libs/libcurl/src/vssh/libssh2.c +++ b/libs/libcurl/src/vssh/libssh2.c @@ -1178,8 +1178,16 @@ static CURLcode ssh_statemach_act(struct Curl_easy *data, bool *block) }
else {
char *err_msg = NULL;
- (void)libssh2_session_last_error(sshc->ssh_session,
- &err_msg, NULL, 0);
+ char unknown[] = "Reason unknown (-1)";
+ if(rc == -1) {
+ /* No error message has been set and the last set error message, if
+ any, is from a previous error so ignore it. #11837 */
+ err_msg = unknown;
+ }
+ else {
+ (void)libssh2_session_last_error(sshc->ssh_session,
+ &err_msg, NULL, 0);
+ }
infof(data, "SSH public key authentication failed: %s", err_msg);
state(data, SSH_AUTH_PASS_INIT);
rc = 0; /* clear rc and continue */
@@ -1495,7 +1503,7 @@ static CURLcode ssh_statemach_act(struct Curl_easy *data, bool *block) /* if a command starts with an asterisk, which a legal SFTP command never
can, the command will be allowed to fail without it causing any
aborts or cancels etc. It will cause libcurl to act as if the command
- is successful, whatever the server reponds. */
+ is successful, whatever the server responds. */
if(cmd[0] == '*') {
cmd++;
@@ -1691,7 +1699,7 @@ static CURLcode ssh_statemach_act(struct Curl_easy *data, bool *block) /* if a command starts with an asterisk, which a legal SFTP command never
can, the command will be allowed to fail without it causing any
aborts or cancels etc. It will cause libcurl to act as if the command
- is successful, whatever the server reponds. */
+ is successful, whatever the server responds. */
if(cmd[0] == '*') {
cmd++;
diff --git a/libs/libcurl/src/vssh/wolfssh.c b/libs/libcurl/src/vssh/wolfssh.c index 78582e7849..b806845cb0 100644 --- a/libs/libcurl/src/vssh/wolfssh.c +++ b/libs/libcurl/src/vssh/wolfssh.c @@ -1168,6 +1168,7 @@ CURLcode Curl_ssh_init(void) }
void Curl_ssh_cleanup(void)
{
+ (void)wolfSSH_Cleanup();
}
#endif /* USE_WOLFSSH */
diff --git a/libs/libcurl/src/vtls/gtls.c b/libs/libcurl/src/vtls/gtls.c index c806a08cc4..cc30cb0f55 100644 --- a/libs/libcurl/src/vtls/gtls.c +++ b/libs/libcurl/src/vtls/gtls.c @@ -1473,7 +1473,6 @@ static int gtls_shutdown(struct Curl_cfilter *cf, struct Curl_easy *data)
{
struct ssl_connect_data *connssl = cf->ctx;
- struct ssl_config_data *ssl_config = Curl_ssl_cf_get_config(cf, data);
struct gtls_ssl_backend_data *backend =
(struct gtls_ssl_backend_data *)connssl->backend;
int retval = 0;
@@ -1536,8 +1535,11 @@ static int gtls_shutdown(struct Curl_cfilter *cf, gnutls_certificate_free_credentials(backend->gtls.cred);
#ifdef USE_GNUTLS_SRP
- if(ssl_config->primary.username)
- gnutls_srp_free_client_credentials(backend->gtls.srp_client_cred);
+ {
+ struct ssl_config_data *ssl_config = Curl_ssl_cf_get_config(cf, data);
+ if(ssl_config->primary.username)
+ gnutls_srp_free_client_credentials(backend->gtls.srp_client_cred);
+ }
#endif
backend->gtls.cred = NULL;
diff --git a/libs/libcurl/src/vtls/mbedtls.c b/libs/libcurl/src/vtls/mbedtls.c index 5f9414b881..496cac0ab4 100644 --- a/libs/libcurl/src/vtls/mbedtls.c +++ b/libs/libcurl/src/vtls/mbedtls.c @@ -156,7 +156,8 @@ static void mbed_debug(void *context, int level, const char *f_name, #else
#endif
-static int bio_cf_write(void *bio, const unsigned char *buf, size_t blen)
+static int mbedtls_bio_cf_write(void *bio,
+ const unsigned char *buf, size_t blen)
{
struct Curl_cfilter *cf = bio;
struct Curl_easy *data = CF_DATA_CURRENT(cf);
@@ -165,7 +166,7 @@ static int bio_cf_write(void *bio, const unsigned char *buf, size_t blen) DEBUGASSERT(data);
nwritten = Curl_conn_cf_send(cf->next, data, (char *)buf, blen, &result);
- CURL_TRC_CF(data, cf, "bio_cf_out_write(len=%zu) -> %zd, err=%d",
+ CURL_TRC_CF(data, cf, "mbedtls_bio_cf_out_write(len=%zu) -> %zd, err=%d",
blen, nwritten, result);
if(nwritten < 0 && CURLE_AGAIN == result) {
nwritten = MBEDTLS_ERR_SSL_WANT_WRITE;
@@ -173,7 +174,7 @@ static int bio_cf_write(void *bio, const unsigned char *buf, size_t blen) return (int)nwritten;
}
-static int bio_cf_read(void *bio, unsigned char *buf, size_t blen)
+static int mbedtls_bio_cf_read(void *bio, unsigned char *buf, size_t blen)
{
struct Curl_cfilter *cf = bio;
struct Curl_easy *data = CF_DATA_CURRENT(cf);
@@ -186,7 +187,7 @@ static int bio_cf_read(void *bio, unsigned char *buf, size_t blen) return 0;
nread = Curl_conn_cf_recv(cf->next, data, (char *)buf, blen, &result);
- CURL_TRC_CF(data, cf, "bio_cf_in_read(len=%zu) -> %zd, err=%d",
+ CURL_TRC_CF(data, cf, "mbedtls_bio_cf_in_read(len=%zu) -> %zd, err=%d",
blen, nread, result);
if(nread < 0 && CURLE_AGAIN == result) {
nread = MBEDTLS_ERR_SSL_WANT_READ;
@@ -591,7 +592,9 @@ mbed_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data) mbedtls_ssl_conf_rng(&backend->config, mbedtls_ctr_drbg_random,
&backend->ctr_drbg);
- mbedtls_ssl_set_bio(&backend->ssl, cf, bio_cf_write, bio_cf_read,
+ mbedtls_ssl_set_bio(&backend->ssl, cf,
+ mbedtls_bio_cf_write,
+ mbedtls_bio_cf_read,
NULL /* rev_timeout() */);
mbedtls_ssl_conf_ciphersuites(&backend->config,
diff --git a/libs/libcurl/src/vtls/openssl.c b/libs/libcurl/src/vtls/openssl.c index 577069f040..b2f201ef13 100644 --- a/libs/libcurl/src/vtls/openssl.c +++ b/libs/libcurl/src/vtls/openssl.c @@ -466,7 +466,9 @@ CURLcode Curl_ossl_certchain(struct Curl_easy *data, SSL *ssl) X509_get0_signature(&psig, &sigalg, x);
if(sigalg) {
- i2a_ASN1_OBJECT(mem, sigalg->algorithm);
+ const ASN1_OBJECT *sigalgoid = NULL;
+ X509_ALGOR_get0(&sigalgoid, NULL, NULL, sigalg);
+ i2a_ASN1_OBJECT(mem, sigalgoid);
push_certinfo("Signature Algorithm", i);
}
@@ -661,7 +663,7 @@ CURLcode Curl_ossl_certchain(struct Curl_easy *data, SSL *ssl) #define BIO_set_shutdown(x,v) ((x)->shutdown=(v))
#endif /* USE_PRE_1_1_API */
-static int bio_cf_create(BIO *bio)
+static int ossl_bio_cf_create(BIO *bio)
{
BIO_set_shutdown(bio, 1);
BIO_set_init(bio, 1);
@@ -672,14 +674,14 @@ static int bio_cf_create(BIO *bio) return 1;
}
-static int bio_cf_destroy(BIO *bio)
+static int ossl_bio_cf_destroy(BIO *bio)
{
if(!bio)
return 0;
return 1;
}
-static long bio_cf_ctrl(BIO *bio, int cmd, long num, void *ptr)
+static long ossl_bio_cf_ctrl(BIO *bio, int cmd, long num, void *ptr)
{
struct Curl_cfilter *cf = BIO_get_data(bio);
long ret = 1;
@@ -713,7 +715,7 @@ static long bio_cf_ctrl(BIO *bio, int cmd, long num, void *ptr) return ret;
}
-static int bio_cf_out_write(BIO *bio, const char *buf, int blen)
+static int ossl_bio_cf_out_write(BIO *bio, const char *buf, int blen)
{
struct Curl_cfilter *cf = BIO_get_data(bio);
struct ssl_connect_data *connssl = cf->ctx;
@@ -725,7 +727,7 @@ static int bio_cf_out_write(BIO *bio, const char *buf, int blen) DEBUGASSERT(data);
nwritten = Curl_conn_cf_send(cf->next, data, buf, blen, &result);
- CURL_TRC_CF(data, cf, "bio_cf_out_write(len=%d) -> %d, err=%d",
+ CURL_TRC_CF(data, cf, "ossl_bio_cf_out_write(len=%d) -> %d, err=%d",
blen, (int)nwritten, result);
BIO_clear_retry_flags(bio);
backend->io_result = result;
@@ -736,7 +738,7 @@ static int bio_cf_out_write(BIO *bio, const char *buf, int blen) return (int)nwritten;
}
-static int bio_cf_in_read(BIO *bio, char *buf, int blen)
+static int ossl_bio_cf_in_read(BIO *bio, char *buf, int blen)
{
struct Curl_cfilter *cf = BIO_get_data(bio);
struct ssl_connect_data *connssl = cf->ctx;
@@ -752,7 +754,7 @@ static int bio_cf_in_read(BIO *bio, char *buf, int blen) return 0;
nread = Curl_conn_cf_recv(cf->next, data, buf, blen, &result);
- CURL_TRC_CF(data, cf, "bio_cf_in_read(len=%d) -> %d, err=%d",
+ CURL_TRC_CF(data, cf, "ossl_bio_cf_in_read(len=%d) -> %d, err=%d",
blen, (int)nread, result);
BIO_clear_retry_flags(bio);
backend->io_result = result;
@@ -777,42 +779,42 @@ static int bio_cf_in_read(BIO *bio, char *buf, int blen) #if USE_PRE_1_1_API
-static BIO_METHOD bio_cf_meth_1_0 = {
+static BIO_METHOD ossl_bio_cf_meth_1_0 = {
BIO_TYPE_MEM,
"OpenSSL CF BIO",
- bio_cf_out_write,
- bio_cf_in_read,
+ ossl_bio_cf_out_write,
+ ossl_bio_cf_in_read,
NULL, /* puts is never called */
NULL, /* gets is never called */
- bio_cf_ctrl,
- bio_cf_create,
- bio_cf_destroy,
+ ossl_bio_cf_ctrl,
+ ossl_bio_cf_create,
+ ossl_bio_cf_destroy,
NULL
};
-static BIO_METHOD *bio_cf_method_create(void)
+static BIO_METHOD *ossl_bio_cf_method_create(void)
{
- return &bio_cf_meth_1_0;
+ return &ossl_bio_cf_meth_1_0;
}
-#define bio_cf_method_free(m) Curl_nop_stmt
+#define ossl_bio_cf_method_free(m) Curl_nop_stmt
#else
-static BIO_METHOD *bio_cf_method_create(void)
+static BIO_METHOD *ossl_bio_cf_method_create(void)
{
BIO_METHOD *m = BIO_meth_new(BIO_TYPE_MEM, "OpenSSL CF BIO");
if(m) {
- BIO_meth_set_write(m, &bio_cf_out_write);
- BIO_meth_set_read(m, &bio_cf_in_read);
- BIO_meth_set_ctrl(m, &bio_cf_ctrl);
- BIO_meth_set_create(m, &bio_cf_create);
- BIO_meth_set_destroy(m, &bio_cf_destroy);
+ BIO_meth_set_write(m, &ossl_bio_cf_out_write);
+ BIO_meth_set_read(m, &ossl_bio_cf_in_read);
+ BIO_meth_set_ctrl(m, &ossl_bio_cf_ctrl);
+ BIO_meth_set_create(m, &ossl_bio_cf_create);
+ BIO_meth_set_destroy(m, &ossl_bio_cf_destroy);
}
return m;
}
-static void bio_cf_method_free(BIO_METHOD *m)
+static void ossl_bio_cf_method_free(BIO_METHOD *m)
{
if(m)
BIO_meth_free(m);
@@ -1551,11 +1553,9 @@ fail: UI_method_set_closer(ui_method, UI_method_get_closer(UI_OpenSSL()));
UI_method_set_reader(ui_method, ssl_ui_reader);
UI_method_set_writer(ui_method, ssl_ui_writer);
- /* the typecast below was added to please mingw32 */
- priv_key = (EVP_PKEY *)
- ENGINE_load_private_key(data->state.engine, key_file,
- ui_method,
- key_passwd);
+ priv_key = ENGINE_load_private_key(data->state.engine, key_file,
+ ui_method,
+ key_passwd);
UI_destroy_method(ui_method);
if(!priv_key) {
failf(data, "failed to load private key from crypto engine");
@@ -1878,15 +1878,45 @@ static void ossl_close(struct Curl_cfilter *cf, struct Curl_easy *data) if(backend->handle) {
if(cf->next && cf->next->connected) {
- char buf[32];
+ char buf[1024];
+ int nread, err;
+ long sslerr;
+
/* Maybe the server has already sent a close notify alert.
Read it to avoid an RST on the TCP connection. */
(void)SSL_read(backend->handle, buf, (int)sizeof(buf));
-
- (void)SSL_shutdown(backend->handle);
-
ERR_clear_error();
+ if(SSL_shutdown(backend->handle) == 1) {
+ CURL_TRC_CF(data, cf, "SSL shutdown finished");
+ }
+ else {
+ nread = SSL_read(backend->handle, buf, (int)sizeof(buf));
+ err = SSL_get_error(backend->handle, nread);
+ switch(err) {
+ case SSL_ERROR_NONE: /* this is not an error */
+ case SSL_ERROR_ZERO_RETURN: /* no more data */
+ CURL_TRC_CF(data, cf, "SSL shutdown, EOF from server");
+ break;
+ case SSL_ERROR_WANT_READ:
+ /* SSL has send its notify and now wants to read the reply
+ * from the server. We are not really interested in that. */
+ CURL_TRC_CF(data, cf, "SSL shutdown sent");
+ break;
+ case SSL_ERROR_WANT_WRITE:
+ CURL_TRC_CF(data, cf, "SSL shutdown send blocked");
+ break;
+ default:
+ sslerr = ERR_get_error();
+ CURL_TRC_CF(data, cf, "SSL shutdown, error: '%s', errno %d",
+ (sslerr ?
+ ossl_strerror(sslerr, buf, sizeof(buf)) :
+ SSL_ERROR_to_str(err)),
+ SOCKERRNO);
+ break;
+ }
+ }
+ ERR_clear_error();
SSL_set_connect_state(backend->handle);
}
@@ -1899,7 +1929,7 @@ static void ossl_close(struct Curl_cfilter *cf, struct Curl_easy *data) backend->x509_store_setup = FALSE;
}
if(backend->bio_method) {
- bio_cf_method_free(backend->bio_method);
+ ossl_bio_cf_method_free(backend->bio_method);
backend->bio_method = NULL;
}
}
@@ -3789,7 +3819,7 @@ static CURLcode ossl_connect_step1(struct Curl_cfilter *cf, Curl_ssl_sessionid_unlock(data);
}
- backend->bio_method = bio_cf_method_create();
+ backend->bio_method = ossl_bio_cf_method_create();
if(!backend->bio_method)
return CURLE_OUT_OF_MEMORY;
bio = BIO_new(backend->bio_method);
diff --git a/libs/libcurl/src/vtls/schannel.c b/libs/libcurl/src/vtls/schannel.c index 843319e4ac..77ab43a9bf 100644 --- a/libs/libcurl/src/vtls/schannel.c +++ b/libs/libcurl/src/vtls/schannel.c @@ -68,22 +68,6 @@ # define HAS_ALPN 1
#endif
-#ifndef UNISP_NAME_A
-#define UNISP_NAME_A "Microsoft Unified Security Protocol Provider"
-#endif
-
-#ifndef UNISP_NAME_W
-#define UNISP_NAME_W L"Microsoft Unified Security Protocol Provider"
-#endif
-
-#ifndef UNISP_NAME
-#ifdef UNICODE
-#define UNISP_NAME UNISP_NAME_W
-#else
-#define UNISP_NAME UNISP_NAME_A
-#endif
-#endif
-
#ifndef BCRYPT_CHACHA20_POLY1305_ALGORITHM
#define BCRYPT_CHACHA20_POLY1305_ALGORITHM L"CHACHA20_POLY1305"
#endif
@@ -108,13 +92,6 @@ #define BCRYPT_SHA384_ALGORITHM L"SHA384"
#endif
-/* Workaround broken compilers like MinGW.
- Return the number of elements in a statically sized array.
-*/
-#ifndef ARRAYSIZE
-#define ARRAYSIZE(A) (sizeof(A)/sizeof((A)[0]))
-#endif
-
#ifdef HAS_CLIENT_CERT_PATH
#ifdef UNICODE
#define CURL_CERT_STORE_PROV_SYSTEM CERT_STORE_PROV_SYSTEM_W
@@ -123,18 +100,6 @@ #endif
#endif
-#ifndef SP_PROT_SSL2_CLIENT
-#define SP_PROT_SSL2_CLIENT 0x00000008
-#endif
-
-#ifndef SP_PROT_SSL3_CLIENT
-#define SP_PROT_SSL3_CLIENT 0x00000008
-#endif
-
-#ifndef SP_PROT_TLS1_CLIENT
-#define SP_PROT_TLS1_CLIENT 0x00000080
-#endif
-
#ifndef SP_PROT_TLS1_0_CLIENT
#define SP_PROT_TLS1_0_CLIENT SP_PROT_TLS1_CLIENT
#endif
@@ -175,12 +140,6 @@ # define CALG_SHA_256 0x0000800c
#endif
-/* Work around typo in classic MinGW's w32api up to version 5.0,
- see https://osdn.net/projects/mingw/ticket/38391 */
-#if !defined(ALG_CLASS_DHASH) && defined(ALG_CLASS_HASH)
-#define ALG_CLASS_DHASH ALG_CLASS_HASH
-#endif
-
#ifndef PKCS12_NO_PERSIST_KEY
#define PKCS12_NO_PERSIST_KEY 0x00008000
#endif
@@ -769,7 +728,7 @@ schannel_acquire_credential_handle(struct Curl_cfilter *cf, }
#endif
- /* allocate memory for the re-usable credential handle */
+ /* allocate memory for the reusable credential handle */
backend->cred = (struct Curl_schannel_cred *)
calloc(1, sizeof(struct Curl_schannel_cred));
if(!backend->cred) {
@@ -1169,7 +1128,7 @@ schannel_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data) backend->cred = NULL;
- /* check for an existing re-usable credential handle */
+ /* check for an existing reusable credential handle */
if(ssl_config->primary.sessionid) {
Curl_ssl_sessionid_lock(data);
if(!Curl_ssl_getsessionid(cf, data, (void **)&old_cred, NULL)) {
@@ -2752,8 +2711,7 @@ static void schannel_checksum(const unsigned char *input, if(!CryptCreateHash(hProv, algId, 0, 0, &hHash))
break; /* failed */
- /* workaround for original MinGW, should be (const BYTE*) */
- if(!CryptHashData(hHash, (BYTE*)input, (DWORD)inputlen, 0))
+ if(!CryptHashData(hHash, input, (DWORD)inputlen, 0))
break; /* failed */
/* get hash size */
diff --git a/libs/libcurl/src/vtls/schannel.h b/libs/libcurl/src/vtls/schannel.h index 4066e9ca1b..438012d434 100644 --- a/libs/libcurl/src/vtls/schannel.h +++ b/libs/libcurl/src/vtls/schannel.h @@ -68,7 +68,7 @@ * BoringSSL's <openssl/x509.h>: So just undefine those defines here
* (and only here).
*/
-#if defined(HAVE_BORINGSSL) || defined(OPENSSL_IS_BORINGSSL)
+#if defined(OPENSSL_IS_BORINGSSL)
# undef X509_NAME
# undef X509_CERT_PAIR
# undef X509_EXTENSIONS
diff --git a/libs/libcurl/src/vtls/schannel_int.h b/libs/libcurl/src/vtls/schannel_int.h index 97fed9e660..17a94d6e85 100644 --- a/libs/libcurl/src/vtls/schannel_int.h +++ b/libs/libcurl/src/vtls/schannel_int.h @@ -28,15 +28,9 @@ #ifdef USE_SCHANNEL
-#ifdef __MINGW32__
-#ifdef __MINGW64_VERSION_MAJOR
+#if defined(__MINGW32__) || defined(CERT_CHAIN_REVOCATION_CHECK_CHAIN)
#define HAS_MANUAL_VERIFY_API
#endif
-#else
-#ifdef CERT_CHAIN_REVOCATION_CHECK_CHAIN
-#define HAS_MANUAL_VERIFY_API
-#endif
-#endif
#if defined(CryptStringToBinary) && defined(CRYPT_STRING_HEX) \
&& !defined(DISABLE_SCHANNEL_CLIENT_CERT)
@@ -60,41 +54,6 @@ #endif
-#if defined(__MINGW32__) && !defined(__MINGW64_VERSION_MAJOR)
-/* Original mingw is missing CERT structs or they're disabled.
- Refer to w32api-5.0.2-mingw32-dev\include\wincrypt.h. */
-
-/* !checksrc! disable TYPEDEFSTRUCT 4 */
-typedef struct _CERT_OTHER_NAME {
- LPSTR pszObjId;
- CRYPT_OBJID_BLOB Value;
-} CERT_OTHER_NAME, *PCERT_OTHER_NAME;
-
-typedef struct _CERT_ALT_NAME_ENTRY {
- DWORD dwAltNameChoice;
- union {
- PCERT_OTHER_NAME pOtherName;
- LPWSTR pwszRfc822Name;
- LPWSTR pwszDNSName;
- CERT_NAME_BLOB DirectoryName;
- LPWSTR pwszURL;
- CRYPT_DATA_BLOB IPAddress;
- LPSTR pszRegisteredID;
- };
-} CERT_ALT_NAME_ENTRY, *PCERT_ALT_NAME_ENTRY;
-
-typedef struct _CERT_ALT_NAME_INFO {
- DWORD cAltEntry;
- PCERT_ALT_NAME_ENTRY rgAltEntry;
-} CERT_ALT_NAME_INFO, *PCERT_ALT_NAME_INFO;
-
-typedef struct _CRYPT_DECODE_PARA {
- DWORD cbSize;
- PFN_CRYPT_ALLOC pfnAlloc;
- PFN_CRYPT_FREE pfnFree;
-} CRYPT_DECODE_PARA, *PCRYPT_DECODE_PARA;
-#endif
-
#ifndef SCH_CREDENTIALS_VERSION
#define SCH_CREDENTIALS_VERSION 0x00000005
diff --git a/libs/libcurl/src/vtls/sectransp.c b/libs/libcurl/src/vtls/sectransp.c index 3a3ae009c8..d941119de9 100644 --- a/libs/libcurl/src/vtls/sectransp.c +++ b/libs/libcurl/src/vtls/sectransp.c @@ -830,9 +830,9 @@ static const unsigned char ecDsaSecp384r1SpkiHeader[] = { #endif /* SECTRANSP_PINNEDPUBKEY_V1 */
#endif /* SECTRANSP_PINNEDPUBKEY */
-static OSStatus bio_cf_in_read(SSLConnectionRef connection,
- void *buf,
- size_t *dataLength) /* IN/OUT */
+static OSStatus sectransp_bio_cf_in_read(SSLConnectionRef connection,
+ void *buf,
+ size_t *dataLength) /* IN/OUT */
{
struct Curl_cfilter *cf = (struct Curl_cfilter *)connection;
struct ssl_connect_data *connssl = cf->ctx;
@@ -870,9 +870,9 @@ static OSStatus bio_cf_in_read(SSLConnectionRef connection, return rtn;
}
-static OSStatus bio_cf_out_write(SSLConnectionRef connection,
- const void *buf,
- size_t *dataLength) /* IN/OUT */
+static OSStatus sectransp_bio_cf_out_write(SSLConnectionRef connection,
+ const void *buf,
+ size_t *dataLength) /* IN/OUT */
{
struct Curl_cfilter *cf = (struct Curl_cfilter *)connection;
struct ssl_connect_data *connssl = cf->ctx;
@@ -2100,7 +2100,9 @@ static CURLcode sectransp_connect_step1(struct Curl_cfilter *cf, }
}
- err = SSLSetIOFuncs(backend->ssl_ctx, bio_cf_in_read, bio_cf_out_write);
+ err = SSLSetIOFuncs(backend->ssl_ctx,
+ sectransp_bio_cf_in_read,
+ sectransp_bio_cf_out_write);
if(err != noErr) {
failf(data, "SSL: SSLSetIOFuncs() failed: OSStatus %d", err);
return CURLE_SSL_CONNECT_ERROR;
diff --git a/libs/libcurl/src/vtls/vtls.c b/libs/libcurl/src/vtls/vtls.c index 3e33c16042..6a45ccb6d8 100644 --- a/libs/libcurl/src/vtls/vtls.c +++ b/libs/libcurl/src/vtls/vtls.c @@ -1494,7 +1494,8 @@ static void ssl_cf_close(struct Curl_cfilter *cf, CF_DATA_SAVE(save, cf, data);
cf_close(cf, data);
- cf->next->cft->do_close(cf->next, data);
+ if(cf->next)
+ cf->next->cft->do_close(cf->next, data);
CF_DATA_RESTORE(cf, save);
}
diff --git a/libs/libcurl/src/vtls/wolfssl.c b/libs/libcurl/src/vtls/wolfssl.c index 231ff35b71..fad1f7a88e 100644 --- a/libs/libcurl/src/vtls/wolfssl.c +++ b/libs/libcurl/src/vtls/wolfssl.c @@ -229,7 +229,7 @@ static const struct group_name_map gnm[] = { #ifdef USE_BIO_CHAIN
-static int bio_cf_create(WOLFSSL_BIO *bio)
+static int wolfssl_bio_cf_create(WOLFSSL_BIO *bio)
{
wolfSSL_BIO_set_shutdown(bio, 1);
wolfSSL_BIO_set_init(bio, 1);
@@ -237,14 +237,14 @@ static int bio_cf_create(WOLFSSL_BIO *bio) return 1;
}
-static int bio_cf_destroy(WOLFSSL_BIO *bio)
+static int wolfssl_bio_cf_destroy(WOLFSSL_BIO *bio)
{
if(!bio)
return 0;
return 1;
}
-static long bio_cf_ctrl(WOLFSSL_BIO *bio, int cmd, long num, void *ptr)
+static long wolfssl_bio_cf_ctrl(WOLFSSL_BIO *bio, int cmd, long num, void *ptr)
{
struct Curl_cfilter *cf = BIO_get_data(bio);
long ret = 1;
@@ -278,7 +278,8 @@ static long bio_cf_ctrl(WOLFSSL_BIO *bio, int cmd, long num, void *ptr) return ret;
}
-static int bio_cf_out_write(WOLFSSL_BIO *bio, const char *buf, int blen)
+static int wolfssl_bio_cf_out_write(WOLFSSL_BIO *bio,
+ const char *buf, int blen)
{
struct Curl_cfilter *cf = wolfSSL_BIO_get_data(bio);
struct ssl_connect_data *connssl = cf->ctx;
@@ -299,7 +300,7 @@ static int bio_cf_out_write(WOLFSSL_BIO *bio, const char *buf, int blen) return (int)nwritten;
}
-static int bio_cf_in_read(WOLFSSL_BIO *bio, char *buf, int blen)
+static int wolfssl_bio_cf_in_read(WOLFSSL_BIO *bio, char *buf, int blen)
{
struct Curl_cfilter *cf = wolfSSL_BIO_get_data(bio);
struct ssl_connect_data *connssl = cf->ctx;
@@ -323,27 +324,27 @@ static int bio_cf_in_read(WOLFSSL_BIO *bio, char *buf, int blen) return (int)nread;
}
-static WOLFSSL_BIO_METHOD *bio_cf_method = NULL;
+static WOLFSSL_BIO_METHOD *wolfssl_bio_cf_method = NULL;
-static void bio_cf_init_methods(void)
+static void wolfssl_bio_cf_init_methods(void)
{
- bio_cf_method = wolfSSL_BIO_meth_new(BIO_TYPE_MEM, "wolfSSL CF BIO");
- wolfSSL_BIO_meth_set_write(bio_cf_method, &bio_cf_out_write);
- wolfSSL_BIO_meth_set_read(bio_cf_method, &bio_cf_in_read);
- wolfSSL_BIO_meth_set_ctrl(bio_cf_method, &bio_cf_ctrl);
- wolfSSL_BIO_meth_set_create(bio_cf_method, &bio_cf_create);
- wolfSSL_BIO_meth_set_destroy(bio_cf_method, &bio_cf_destroy);
+ wolfssl_bio_cf_method = wolfSSL_BIO_meth_new(BIO_TYPE_MEM, "wolfSSL CF BIO");
+ wolfSSL_BIO_meth_set_write(wolfssl_bio_cf_method, &wolfssl_bio_cf_out_write);
+ wolfSSL_BIO_meth_set_read(wolfssl_bio_cf_method, &wolfssl_bio_cf_in_read);
+ wolfSSL_BIO_meth_set_ctrl(wolfssl_bio_cf_method, &wolfssl_bio_cf_ctrl);
+ wolfSSL_BIO_meth_set_create(wolfssl_bio_cf_method, &wolfssl_bio_cf_create);
+ wolfSSL_BIO_meth_set_destroy(wolfssl_bio_cf_method, &wolfssl_bio_cf_destroy);
}
-static void bio_cf_free_methods(void)
+static void wolfssl_bio_cf_free_methods(void)
{
- wolfSSL_BIO_meth_free(bio_cf_method);
+ wolfSSL_BIO_meth_free(wolfssl_bio_cf_method);
}
#else /* USE_BIO_CHAIN */
-#define bio_cf_init_methods() Curl_nop_stmt
-#define bio_cf_free_methods() Curl_nop_stmt
+#define wolfssl_bio_cf_init_methods() Curl_nop_stmt
+#define wolfssl_bio_cf_free_methods() Curl_nop_stmt
#endif /* !USE_BIO_CHAIN */
@@ -361,6 +362,10 @@ wolfssl_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data) struct ssl_primary_config *conn_config = Curl_ssl_cf_get_primary_config(cf);
const struct curl_blob *ca_info_blob = conn_config->ca_info_blob;
const struct ssl_config_data *ssl_config = Curl_ssl_cf_get_config(cf, data);
+ const char * const ssl_cafile =
+ /* CURLOPT_CAINFO_BLOB overrides CURLOPT_CAINFO */
+ (ca_info_blob ? NULL : conn_config->CAfile);
+ const char * const ssl_capath = conn_config->CApath;
WOLFSSL_METHOD* req_method = NULL;
#ifdef HAVE_LIBOQS
word16 oqsAlg = 0;
@@ -541,20 +546,21 @@ wolfssl_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data) }
#ifndef NO_FILESYSTEM
- /* load trusted cacert */
- if(conn_config->CAfile) {
- if(1 != wolfSSL_CTX_load_verify_locations(backend->ctx,
- conn_config->CAfile,
- conn_config->CApath)) {
+ /* load trusted cacert from file if not blob */
+ if(ssl_cafile || ssl_capath) {
+ int rc =
+ wolfSSL_CTX_load_verify_locations_ex(backend->ctx,
+ ssl_cafile,
+ ssl_capath,
+ WOLFSSL_LOAD_FLAG_IGNORE_ERR);
+ if(SSL_SUCCESS != rc) {
if(conn_config->verifypeer && !imported_ca_info_blob &&
!imported_native_ca) {
/* Fail if we insist on successfully verifying the server. */
failf(data, "error setting certificate verify locations:"
" CAfile: %s CApath: %s",
- conn_config->CAfile?
- conn_config->CAfile: "none",
- conn_config->CApath?
- conn_config->CApath : "none");
+ ssl_cafile ? ssl_cafile : "none",
+ ssl_capath ? ssl_capath : "none");
return CURLE_SSL_CACERT_BADFILE;
}
else {
@@ -568,10 +574,8 @@ wolfssl_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data) /* Everything is fine. */
infof(data, "successfully set certificate verify locations:");
}
- infof(data, " CAfile: %s",
- conn_config->CAfile ? conn_config->CAfile : "none");
- infof(data, " CApath: %s",
- conn_config->CApath ? conn_config->CApath : "none");
+ infof(data, " CAfile: %s", ssl_cafile ? ssl_cafile : "none");
+ infof(data, " CApath: %s", ssl_capath ? ssl_capath : "none");
}
/* Load the client certificate, and private key */
@@ -720,7 +724,7 @@ wolfssl_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data) {
WOLFSSL_BIO *bio;
- bio = BIO_new(bio_cf_method);
+ bio = BIO_new(wolfssl_bio_cf_method);
if(!bio)
return CURLE_OUT_OF_MEMORY;
@@ -1140,14 +1144,14 @@ static int wolfssl_init(void) Curl_tls_keylog_open();
#endif
ret = (wolfSSL_Init() == SSL_SUCCESS);
- bio_cf_init_methods();
+ wolfssl_bio_cf_init_methods();
return ret;
}
static void wolfssl_cleanup(void)
{
- bio_cf_free_methods();
+ wolfssl_bio_cf_free_methods();
wolfSSL_Cleanup();
#ifdef OPENSSL_EXTRA
Curl_tls_keylog_close();
@@ -1378,6 +1382,7 @@ const struct Curl_ssl Curl_ssl_wolfssl = { #ifdef USE_BIO_CHAIN
SSLSUPP_HTTPS_PROXY |
#endif
+ SSLSUPP_CA_PATH |
SSLSUPP_CAINFO_BLOB |
SSLSUPP_SSL_CTX,
diff --git a/libs/libcurl/src/warnless.c b/libs/libcurl/src/warnless.c index 1424745edd..b28197d6cf 100644 --- a/libs/libcurl/src/warnless.c +++ b/libs/libcurl/src/warnless.c @@ -384,54 +384,3 @@ ssize_t curlx_write(int fd, const void *buf, size_t count) #endif /* WIN32 */
-#if defined(__INTEL_COMPILER) && defined(__unix__)
-
-int curlx_FD_ISSET(int fd, fd_set *fdset)
-{
- #pragma warning(push)
- #pragma warning(disable:1469) /* clobber ignored */
- return FD_ISSET(fd, fdset);
- #pragma warning(pop)
-}
-
-void curlx_FD_SET(int fd, fd_set *fdset)
-{
- #pragma warning(push)
- #pragma warning(disable:1469) /* clobber ignored */
- FD_SET(fd, fdset);
- #pragma warning(pop)
-}
-
-void curlx_FD_ZERO(fd_set *fdset)
-{
- #pragma warning(push)
- #pragma warning(disable:593) /* variable was set but never used */
- FD_ZERO(fdset);
- #pragma warning(pop)
-}
-
-unsigned short curlx_htons(unsigned short usnum)
-{
-#if (__INTEL_COMPILER == 910) && defined(__i386__)
- return (unsigned short)(((usnum << 8) & 0xFF00) | ((usnum >> 8) & 0x00FF));
-#else
- #pragma warning(push)
- #pragma warning(disable:810) /* conversion may lose significant bits */
- return htons(usnum);
- #pragma warning(pop)
-#endif
-}
-
-unsigned short curlx_ntohs(unsigned short usnum)
-{
-#if (__INTEL_COMPILER == 910) && defined(__i386__)
- return (unsigned short)(((usnum << 8) & 0xFF00) | ((usnum >> 8) & 0x00FF));
-#else
- #pragma warning(push)
- #pragma warning(disable:810) /* conversion may lose significant bits */
- return ntohs(usnum);
- #pragma warning(pop)
-#endif
-}
-
-#endif /* __INTEL_COMPILER && __unix__ */
|