From 5b052d4ce3b25c6984af092d4474d5be3d43ec71 Mon Sep 17 00:00:00 2001 From: dartraiden Date: Mon, 20 Feb 2023 21:44:11 +0300 Subject: libcurl: update to 7.88.1 --- libs/libcurl/docs/CHANGES | 604 +++++++++++++++++------------------- libs/libcurl/docs/THANKS | 7 + libs/libcurl/include/curl/curlver.h | 8 +- libs/libcurl/src/config-win32.h | 7 - libs/libcurl/src/connect.c | 18 +- libs/libcurl/src/curl_setup.h | 16 + libs/libcurl/src/http.h | 2 +- libs/libcurl/src/http2.c | 23 +- libs/libcurl/src/krb5.c | 2 +- libs/libcurl/src/libcurl.plist | 6 +- libs/libcurl/src/setopt.c | 42 ++- libs/libcurl/src/setup-os400.h | 2 +- libs/libcurl/src/socketpair.c | 61 +++- libs/libcurl/src/socks.c | 4 +- libs/libcurl/src/transfer.c | 13 +- libs/libcurl/src/url.c | 1 - libs/libcurl/src/urlapi.c | 37 +-- libs/libcurl/src/urldata.h | 1 - 18 files changed, 445 insertions(+), 409 deletions(-) diff --git a/libs/libcurl/docs/CHANGES b/libs/libcurl/docs/CHANGES index b01db08c56..4a84f08c70 100644 --- a/libs/libcurl/docs/CHANGES +++ b/libs/libcurl/docs/CHANGES @@ -6,6 +6,291 @@ Changelog +Version 7.88.1 (20 Feb 2023) + +Daniel Stenberg (20 Feb 2023) + +- RELEASE-NOTES: synced + + 7.88.1 release + +- THANKS: add contributors from 7.88.1 + +- socketpair: allow EWOULDBLOCK when reading the pair check bytes + + Reported-by: Gunamoi Software + Co-authored-by: Jay Satiro + Fixes #10561 + Closes #10562 + +Jay Satiro (18 Feb 2023) + +- tool_operate: fix scanbuild compiler warning + + Prior to this change Azure CI scanbuild warned of a potential NULL + pointer string passed to strtol when CURLDEBUG enabled, even though the + way the code was written it wouldn't have happened. + + Bug: https://github.com/curl/curl/commit/5479d991#r101159711 + Reported-by: Marcel Raad + + Closes https://github.com/curl/curl/pull/10559 + +- curl_setup: Suppress OpenSSL 3 deprecation warnings + + - Define OPENSSL_SUPPRESS_DEPRECATED. + + OpenSSL 3 has deprecated some of the functions libcurl uses such as + those with DES, MD5 and ENGINE prefix. We don't have replacements for + those functions so the warnings were disabled in autotools and cmake + builds, but still showed in other builds. + + Closes https://github.com/curl/curl/pull/10543 + +- build-openssl.bat: keep OpenSSL 3 engine binaries + + Prior to this change copying the OpenSSL 3 engine binaries failed + because 'engines-1_1' (OpenSSL 1.1.x folder name) was erroneously used + instead of 'engines-3'. The OpenSSL 3 builds would complete successfully + but without the engine binaries. + + Closes https://github.com/curl/curl/pull/10542 + +ALittleDruid (18 Feb 2023) + +- cmake: fix Windows check for CryptAcquireContext + + Check for CryptAcquireContext in windows.h and wincrypt.h only, since + otherwise this check may fail due to third party headers not found. + + Closes https://github.com/curl/curl/pull/10353 + +Daniel Stenberg (19 Feb 2023) + +- remote-header-name.d: mention that filename* is not supported + + and that you can use --clobber to allow overwriting. + + Ref: #10533 + Closes #10555 + + Co-authored-by: Jay Satiro + +Pierrick Charron (18 Feb 2023) + +- CURLOPT_WS_OPTIONS.3: fix the availability version + + Closes #10557 + +Jacob Hoffman-Andrews (18 Feb 2023) + +- GHA: update rustls dependency to 0.9.2 + + This allows re-enabling test 312 for the rustls backend. + + Closes #10553 + +Philip Heiduck (18 Feb 2023) + +- HTTP3.md: update git branches + + Closes #10554 + +Stefan Eissing (17 Feb 2023) + +- urldata: remove `now` from struct SingleRequest - not needed + + Closes #10549 + +Daniel Stenberg (17 Feb 2023) + +- lib1560: add IPv6 canonicalization tests + + Closes #10552 + +- RELEASE-NOTES: synced + +- urlapi: do the port number extraction without using sscanf() + + - sscanf() is rather complex and slow, strchr() much simpler + + - the port number function does not need to fully verify the IPv6 address + anyway as it is done later in the hostname_check() function and doing + it twice is unnecessary. + + Closes #10541 + +Stefan Eissing (17 Feb 2023) + +- setopt: allow HTTP3 when HTTP2 is not defined + + Reported-by: Karthikdasari0423 on github + Fixes #10538 + Closes #10544 + +Jon Rumsey (17 Feb 2023) + +- os400: correct Curl_os400_sendto() + + Add const qualifier to 5th argument of Curl_os400_sendto() + + Make OS400 wrapper for sendto match the normal prototype of sendto() + with a const qualifier. + + Fixes #10539 + Closes #10548 + +Stefan Eissing (17 Feb 2023) + +- tests-httpd: add proxy tests + + for direct and tunneling checks on http: and https: + + Closes #10519 + +Daniel Stenberg (17 Feb 2023) + +- curl: make --silent work stand-alone + + - renamed the struct field to 'silent' to match the cmdline option + - make --show-error toggle independently of --silent + - make --silent independent of ->noprogress as well + + By doing this, the three options --silent, --no-progress-meter and + --show-error should work independently of each other and also work with + and without '--no-' prefix as documented. + + Reported-by: u20221022 on github + Fixes #10535 + Closes #10536 + +- socks: allow using DoH to resolve host names + + For SOCKS modes where a local host resolve is done. + + It was previously disabled in 12d655d4561, but a few local tests seem to + indicate that it works fine. Works now because of the SOCKS refactor of + 4a4b63daaa01ef59 that made it non-blocking. + + Reported-by: roughtex on github + Fixes #10537 + Closes #10540 + +Stefan Eissing (17 Feb 2023) + +- test: add test for HTTP/2 corruption as reported in #10525 + + - adding test_02_20 for reproducing the situation + - using recently released mod_h2 Apache module + - skipping test if an older version is installed + - adding installation of current mod_h2 to github pytest workflow + + This reproduces the error reliable (for me) on the lib/http2.c version + of curl 7.88.0. And passes with the recent curl master. + + Closes #10534 + +Daniel Stenberg (16 Feb 2023) + +- tool_operate: allow debug builds to set buffersize + + Using the CURL_BUFFERSIZE environment variable. + + Closes #10532 + +Stefan Eissing (16 Feb 2023) + +- connnect: fix timeout handling to use full duration + + - connect timeout was used at half the configured value, if the + destination had 1 ip version 4 and other version 6 addresses + (or the other way around) + - extended test2600 to reproduce these cases + + Reported-by: Michael Kaufmann + Fixes #10514 + Closes #10517 + +Daniel Stenberg (16 Feb 2023) + +- tool_getparam: make --get a true boolean + + To match how it is documented in the man page. + + Fixes #10527 + Reported-by: u20221022 on github + Closes #10531 + +Harry Sintonen (16 Feb 2023) + +- http:: include stdint.h more readily + + Closes #10516 + +Stefan Eissing (16 Feb 2023) + +- tests: make the telnet server shut down a socket gracefully + + - test 1452 failed occasionally with ECONNRESET errnos in curl when the + server closed the connection in an unclean state. + + Closes #10509 + +Harry Sintonen (16 Feb 2023) + +- http2: set drain on stream end + + Ensure that on_frame_recv() stream end will trigger a read if there is + pending data. Without this it could happen that the pending data is + never consumed. + + This combined with https://github.com/curl/curl/pull/10529 should fix + https://github.com/curl/curl/issues/10525 + + Ref: https://github.com/curl/curl/issues/10525 + Closes #10530 + +Stefan Eissing (16 Feb 2023) + +- http2: buffer/pausedata and output flush fix. + + * do not process pending input data when copying pausedata to the + caller + * return CURLE_AGAIN if the output buffer could not be completely + written out. + + Ref: #10525 + Closes #10529 + +Marcel Raad (16 Feb 2023) + +- krb5: silence cast-align warning + + Add an intermediate cast to `void *`, as done everywhere else when + casting from `sockaddr *` to `sockaddr_in *`. + + Closes https://github.com/curl/curl/pull/10528 + +Daniel Stenberg (15 Feb 2023) + +- RELEASE-NOTES: synced + + bumped to 7.88.1 + +- tests: make sure gnuserv-tls has SRP support before using it + + Reported-by: fundawang on github + Fixes #10522 + Closes #10524 + +- runtests: fix "uninitialized value $port" + + by using a more appropriate variable + + Reported-by: fundawang on github + Fixes #10518 + Closes #10520 + Version 7.88.0 (15 Feb 2023) Daniel Stenberg (15 Feb 2023) @@ -9908,322 +10193,3 @@ Daniel Stenberg (17 Jul 2022) Fixes #9149 Closes #9151 Reported-by: yiyuaner on github - -Viktor Szakats (17 Jul 2022) - -- trace: 0x7F character is non-printable - - `0x7F` is `DEL`, a non-printable symbol, so print it as - `UNPRINTABLE_CHAR`. - - Reported-by: MasterInQuestion on github - Fixes #9162 - Closes #9166 - -- doh: use https protocol by default - - The only allowed protocol is https, so it makes sense to use that - by default if not passed explicitly by the user. - - Reported-by: MasterInQuestion on github - Reviewed-by: Jay Satiro - Fixes #9163 - Closes #9165 - -- openssl: fix BoringSSL symbol conflicts with LDAP and Schannel - - Same issue as here [1], but this time when building curl with BoringSSL - for Windows with LDAP(S) or Schannel support enabled. - - Apply the same fix [2] for these source files as well. - - This can also be fixed by moving `#include "urldata.h"` _before_ - including `winldap.h` and `schnlsp.h` respectively. This seems like - a cleaner fix, though I'm not sure why it works and if it has any - downside. - - [1] https://github.com/curl/curl/issues/5669 - [2] https://github.com/curl/curl/commit/fbe07c6829ba8c5793c84c2856526e19e9029 - ab9 - - Co-authored-by: Jay Satiro - Closes #9110 - -Daniel Stenberg (13 Jul 2022) - -- asyn-thread: make getaddrinfo_complete return CURLcode - - ... as the only caller that cares about what it returns assumes that - anyway. This caused icc to warn: - - asyn-thread.c(505): error #188: enumerated type mixed with another type - result = getaddrinfo_complete(data); - - Repoorted-by: Matthew Thompson - Bug: https://github.com/curl/curl/issues/9081#issuecomment-1182143076 - Closes #9146 - -- easy_lock: fix build with icc - - The Intel compiler tries to look like GCC *and* clang *and* it lies in - its __has_builtin() function (returns true when it should return false), - so override it. - - Reported-by: Matthew Thompson - Fixes #9081 - Closes #9144 - -- configure: fix --disable-headers-api - - Reported-by: Michał Antoniak - Fixes #9134 - Closes #9143 - -- test3026: require 'threadsafe' - - Reported-by: Sukanya Hanumanthu - Fixes #9141 - Closes #9142 - -Even Rouault (12 Jul 2022) - -- CMake: link curl to its dependencies with PRIVATE - - The current PUBLIC visibility causes issues for downstream users. - Cf https://github.com/OSGeo/PROJ/pull/3172#issuecomment-1157942986 - - Reviewed-by: Jakub Zakrzewski - Closes #9125 - -- CMake: remove APPEND in export(TARGETS) - - When running cmake several times, new content was appended to already - existing generated files, which is not appropriate - - Reviewed-by: Jakub Zakrzewski - Closes #9124 - -Tatsuhiro Tsujikawa (12 Jul 2022) - -- ngtcp2: implement cb_h3_stop_sending and cb_h3_reset_stream callbacks - - Closes #9135 - -Daniel Stenberg (11 Jul 2022) - -- RELEASE-NOTES: synced - -Viktor Szakats (11 Jul 2022) - -- build: improve OS string in CMake and `config-win32.h` - - This patch makes CMake fill the "OS string" with the value of - `CMAKE_C_COMPILER_TARGET`, if passed. This typically contains a triplet, - the same we can pass to `./configure` via `--host=`. - - For non-CMake, non-autotools, Windows builds, this patch adds the ability - to override the default `OS` value in `lib/config-win32.h`. - - With these its possible to get the same OS string across the three build - systems. - - This patch supersedes the earlier, partial, CMake-only solution: - 435f395f3f8c11eebfcc243ca55ebcc11a19b8b8, thus retiring the - `CURL_OS_SUFFIX` CMake option. - - Reviewed-by: Jay Satiro - Closes #9117 - -- Makefile.m32: add `CURL_RC` and `CURL_STRIP` variables [ci skip] - - They allow to override the hardcoded values for the `windres` and `strip` - tools, complementing the existing set of `CURL_{CC,AR,RANLIB}` variables. - - `CURL_RC` comes handy when using LLVM tools with `CROSSPREFIX=llvm-` and - `CURL_CC=clang` set on current latest debian:unstable or earlier, where - `llvm-windres` is missing, and a `CURL_RC=-windres` fixes it. - Hopefully this will be fixed in the llvm package. FWIW `llvm-windres` - does exist in Homebrew llvm, MSYS2 llvm and llvm-mingw. - - Reviewed-by: Daniel Stenberg - Closes #9132 - -Tatsuhiro Tsujikawa (10 Jul 2022) - -- ngtcp2: fix stall or busy loop on STOP_SENDING with upload data - - Fixes #9122 - Closes #9123 - -Xiaoke Wang (10 Jul 2022) - -- tool_operate: better cleanup of easy handle in exit path - - Closes #9114 - -- getinfo: return better error on NULL as first argument - - Closes #9114 - -Daniel Stenberg (10 Jul 2022) - -- tool_getparam: repair cleanarg - - Regression since 9e5669f. - - Make sure the "cleaning" of command line arguments is done on the - original argv[] pointers. As a bonus, it also exits better on out of - memory error. - - Reported-by: Litter White - Fixes #9128 - Closes #9130 - -Jay Satiro (10 Jul 2022) - -- docs: explain curl_easy_escape/unescape curl handle is ignored - - 26101421 (precedes 7.82.0) removed character conversion support used by - very old legacy operating systems and since then the curl handle passed - to curl_easy_escape/unescape is always ignored. - - Bug: https://github.com/curl/curl/discussions/9115 - Reported-by: Ted Lyngmo - - Closes https://github.com/curl/curl/pull/9121 - -Viktor Szakats (8 Jul 2022) - -- openssl: add `CURL_BORINGSSL_VERSION` to identify BoringSSL - - BoringSSL doesn't keep a version number, and doesn't self-identify itself - via any other revision number via its own headers. We can identify - BoringSSL revisions by their commit hash. This hash is typically known by - the builder. This patch adds a way to pass this hash to libcurl, so that - it can display in the curl version string: - - For example: - - `CFLAGS=-DCURL_BORINGSSL_VERSION="c239ffd0"` - - ``` - curl 7.84.0 (x86_64-w64-mingw32) libcurl/7.84.0 BoringSSL/c239ffd0 (Schannel) - zlib/1.2.12 [...] - Release-Date: 2022-06-27 - Protocols: dict file ftp ftps gopher gophers http https imap imaps ldap ldaps - mqtt pop3 [...] - Features: alt-svc AsynchDNS brotli gsasl HSTS HTTP2 HTTP3 HTTPS-proxy IDN IPv - 6 Kerberos [...] - ``` - - The setting is optional, and if not passed, BoringSSL will appear without - a version number, like before this patch. - - Closes #9113 - -Jay Satiro (8 Jul 2022) - -- escape: remove outdated comment - - Bug: https://github.com/curl/curl/discussions/9115 - Reported-by: Ted Lyngmo - -Tatsuhiro Tsujikawa (8 Jul 2022) - -- ngtcp2: Fix missing initialization of nghttp3_nv.flags - - Closes https://github.com/curl/curl/pull/9118 - -Brad Forschinger (6 Jul 2022) - -- netrc.d: remove spurious quote - - Closes #9111 - -Viktor Szakats (6 Jul 2022) - -- Makefile.m32: add `NGTCP2_LIBS` option [ci skip] - - Makefile.m32's ngtcp2 has its two libs hardwired for OpenSSL. - Add `NGTCP2_LIBS` envvar to override them with a custom list, - making it possible to use BoringSSL, or any other backend. - - Closes #9109 - -Evgeny Grin (Karlson2k) (6 Jul 2022) - -- digest: fix missing increment of 'nc' value for auth-int - - - Increment nc regardless of qop type. - - Prior to this change nc was only incremented for qop type auth even - though libcurl sends nc with any qop. - - Closes https://github.com/curl/curl/pull/9090 - -Daniel Stenberg (5 Jul 2022) - -- RELEASE-NOTES: synced - - Bumped to 7.85.0 - -- urldata: reduce size of four ftp related members - - ftp_filemethod, ftpsslauth and ftp_ccc are now uchars - - accepttimeout is now unsigned int - almost 50 days ought to be enough - for this value. - - Closes #9106 - -- urldata: reduce three type-members from int to uchar - - - timecondition - - proxytype - - method - - ... previously used their enum type in the struct, which made them - unnecesarily large. - - Closes #9105 - -- CURLOPT_SERVER_RESPONSE_TIMEOUT: the new name - - Starting now, CURLOPT_FTP_RESPONSE_TIMEOUT is the alias instead of the - other way around. - - Since 7.20.0, CURLOPT_SERVER_RESPONSE_TIMEOUT has existed as an alias - but since the option is for more protocols than FTP the more "correct" - version of the option is the "server" one so now we switch. - - Closes #9104 - -- urldata: make 'ftp_create_missing_dirs' a uchar - - It only ever holds the values 0-2. - - Closes #9103 - -Don J Olmstead (5 Jul 2022) - -- cmake: support ngtcp2 boringssl backend - - Update the ngtcp2 find module to detect the boringssl backend. Determine - if the underlying OpenSSL implementation is BoringSSL and if so use that - as the ngtcp2 backend. - - Reviewed-by: Jakub Zakrzewski - Closes #9065 - -Daniel Stenberg (5 Jul 2022) - -- urldata: change 4 timeouts to unsigned int from long - - They're not used for that long times anyway, 32 bit milliseconds is long - enough. - - Closes #9101 - -- urldata: make 'use_netrc' a uchar - - Closes #9102 diff --git a/libs/libcurl/docs/THANKS b/libs/libcurl/docs/THANKS index ff8888abaa..5f2b7f729e 100644 --- a/libs/libcurl/docs/THANKS +++ b/libs/libcurl/docs/THANKS @@ -120,6 +120,7 @@ Alexis Vachette Alfonso Martone Alfred Gebert Ali Utku Selen +ALittleDruid on github Allen Pulsifer Alona Rossen Amaury Denoyelle @@ -438,6 +439,7 @@ Chris Young Christian Fillion Christian Grothoff Christian Heimes +Christian Hesse Christian Hägele Christian Krause Christian Kurz @@ -879,6 +881,7 @@ Fredrik Thulin FuccDucc on github Fujii Hironori fullincome on github +fundawang on github Gabriel Kuri Gabriel Simmer Gabriel Sjoberg @@ -958,6 +961,7 @@ Guenole Bescon Guido Berhoerster Guillaume Arluison guitared on github +Gunamoi Software Gunter Knauf Gustaf Hui Gustavo Grieco @@ -1414,6 +1418,7 @@ Kevin Lussier Kevin R. Bulgrien Kevin Reed Kevin Roth +Kevin Ryan Kevin Smith Kevin Ushey Kim Minjoong @@ -2266,6 +2271,7 @@ Ronnie Mose Rosen Penev Rosimildo da Silva Ross Burton +roughtex on github Roy Bellingan Roy Li Roy Shan @@ -2816,3 +2822,4 @@ zzq1015 on github 不确定 加藤郁之 梦终无痕 + diff --git a/libs/libcurl/include/curl/curlver.h b/libs/libcurl/include/curl/curlver.h index 4c8d38c59c..d2f6d8e293 100644 --- a/libs/libcurl/include/curl/curlver.h +++ b/libs/libcurl/include/curl/curlver.h @@ -32,13 +32,13 @@ /* This is the version number of the libcurl package from which this header file origins: */ -#define LIBCURL_VERSION "7.88.0" +#define LIBCURL_VERSION "7.88.1" /* The numeric version number is also available "in parts" by using these defines: */ #define LIBCURL_VERSION_MAJOR 7 #define LIBCURL_VERSION_MINOR 88 -#define LIBCURL_VERSION_PATCH 0 +#define LIBCURL_VERSION_PATCH 1 /* This is the numeric version of the libcurl version number, meant for easier parsing and comparisons by programs. The LIBCURL_VERSION_NUM define will @@ -59,7 +59,7 @@ CURL_VERSION_BITS() macro since curl's own configure script greps for it and needs it to contain the full number. */ -#define LIBCURL_VERSION_NUM 0x075800 +#define LIBCURL_VERSION_NUM 0x075801 /* * This is the date and time when the full source package was created. The @@ -70,7 +70,7 @@ * * "2007-11-23" */ -#define LIBCURL_TIMESTAMP "2023-02-15" +#define LIBCURL_TIMESTAMP "2023-02-20" #define CURL_VERSION_BITS(x,y,z) ((x)<<16|(y)<<8|(z)) #define CURL_AT_LEAST_VERSION(x,y,z) \ diff --git a/libs/libcurl/src/config-win32.h b/libs/libcurl/src/config-win32.h index f014d4746c..17a9a1d048 100644 --- a/libs/libcurl/src/config-win32.h +++ b/libs/libcurl/src/config-win32.h @@ -197,10 +197,6 @@ /* Define if you have the socket function. */ #define HAVE_SOCKET 1 -/* Define if libSSH2 is in use */ -#define USE_LIBSSH2 1 -#define HAVE_LIBSSH2_H 1 - /* Define if you have the strcasecmp function. */ #ifdef __MINGW32__ #define HAVE_STRCASECMP 1 @@ -619,9 +615,6 @@ Vista # define CURL_DISABLE_LDAP 1 #endif -/* if SSL is enabled */ -#define USE_OPENSSL 1 - /* Define to use the Windows crypto library. */ #if !defined(CURL_WINDOWS_APP) #define USE_WIN32_CRYPTO diff --git a/libs/libcurl/src/connect.c b/libs/libcurl/src/connect.c index aa854d9492..e17bf235be 100644 --- a/libs/libcurl/src/connect.c +++ b/libs/libcurl/src/connect.c @@ -186,7 +186,7 @@ addr_first_match(const struct Curl_addrinfo *addr, int family) static const struct Curl_addrinfo * addr_next_match(const struct Curl_addrinfo *addr, int family) { - while(addr->ai_next) { + while(addr && addr->ai_next) { addr = addr->ai_next; if(addr->ai_family == family) return addr; @@ -406,7 +406,8 @@ static CURLcode eyeballer_new(struct eyeballer **pballer, baller->ai_family = ai_family; baller->primary = primary; baller->delay_ms = delay_ms; - baller->timeoutms = (addr && addr->ai_next)? timeout_ms / 2 : timeout_ms; + baller->timeoutms = addr_next_match(baller->addr, baller->ai_family)? + timeout_ms / 2 : timeout_ms; baller->timeout_id = timeout_id; baller->result = CURLE_COULDNT_CONNECT; @@ -467,7 +468,7 @@ static void baller_initiate(struct Curl_cfilter *cf, wcf->sockindex = cf->sockindex; } - if(baller->addr && baller->addr->ai_next) { + if(addr_next_match(baller->addr, baller->ai_family)) { Curl_expire(data, baller->timeoutms, baller->timeout_id); } @@ -498,8 +499,8 @@ static CURLcode baller_start(struct Curl_cfilter *cf, while(baller->addr) { baller->started = Curl_now(); - baller->timeoutms = (baller->addr->ai_next == NULL) ? - timeoutms : timeoutms / 2; + baller->timeoutms = addr_next_match(baller->addr, baller->ai_family) ? + timeoutms / 2 : timeoutms; baller_initiate(cf, data, baller); if(!baller->result) break; @@ -662,7 +663,8 @@ evaluate: DEBUGF(LOG_CF(data, cf, "%s done", baller->name)); } else { - DEBUGF(LOG_CF(data, cf, "%s starting", baller->name)); + DEBUGF(LOG_CF(data, cf, "%s starting (timeout=%ldms)", + baller->name, baller->timeoutms)); ++ongoing; ++added; } @@ -799,6 +801,8 @@ static CURLcode start_connect(struct Curl_cfilter *cf, timeout_ms, EXPIRE_DNS_PER_NAME); if(result) return result; + DEBUGF(LOG_CF(data, cf, "created %s (timeout %ldms)", + ctx->baller[0]->name, ctx->baller[0]->timeoutms)); if(addr1) { /* second one gets a delayed start */ result = eyeballer_new(&ctx->baller[1], ctx->cf_create, addr1, ai_family1, @@ -808,6 +812,8 @@ static CURLcode start_connect(struct Curl_cfilter *cf, timeout_ms, EXPIRE_DNS_PER_NAME2); if(result) return result; + DEBUGF(LOG_CF(data, cf, "created %s (timeout %ldms)", + ctx->baller[1]->name, ctx->baller[1]->timeoutms)); } Curl_expire(data, data->set.happy_eyeballs_timeout, diff --git a/libs/libcurl/src/curl_setup.h b/libs/libcurl/src/curl_setup.h index f0633ddfff..968c8ccbc8 100644 --- a/libs/libcurl/src/curl_setup.h +++ b/libs/libcurl/src/curl_setup.h @@ -61,6 +61,16 @@ # ifndef NOGDI # define NOGDI # endif +/* Detect Windows App environment which has a restricted access + * to the Win32 APIs. */ +# if (defined(_WIN32_WINNT) && (_WIN32_WINNT >= 0x0602)) || \ + defined(WINAPI_FAMILY) +# include +# if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_APP) && \ + !WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP) +# define CURL_WINDOWS_APP +# endif +# endif #endif /* @@ -852,4 +862,10 @@ int getpwuid_r(uid_t uid, struct passwd *pwd, char *buf, # endif #endif +/* OpenSSLv3 marks DES, MD5 and ENGINE functions deprecated but we have no + replacements (yet) so tell the compiler to not warn for them. */ +#ifdef USE_OPENSSL +#define OPENSSL_SUPPRESS_DEPRECATED +#endif + #endif /* HEADER_CURL_SETUP_H */ diff --git a/libs/libcurl/src/http.h b/libs/libcurl/src/http.h index 115db9b79b..a74844cc01 100644 --- a/libs/libcurl/src/http.h +++ b/libs/libcurl/src/http.h @@ -42,7 +42,7 @@ typedef enum { #ifndef CURL_DISABLE_HTTP -#if defined(_WIN32) && (defined(ENABLE_QUIC) || defined(USE_NGHTTP2)) +#if defined(ENABLE_QUIC) || defined(USE_NGHTTP2) #include #endif diff --git a/libs/libcurl/src/http2.c b/libs/libcurl/src/http2.c index c2da6b2af9..8d72977e59 100644 --- a/libs/libcurl/src/http2.c +++ b/libs/libcurl/src/http2.c @@ -467,6 +467,7 @@ static CURLcode flush_output(struct Curl_cfilter *cf, } if((size_t)written < buflen) { Curl_dyn_tail(&ctx->outbuf, buflen - (size_t)written); + return CURLE_AGAIN; } else { Curl_dyn_reset(&ctx->outbuf); @@ -867,6 +868,14 @@ static int on_frame_recv(nghttp2_session *session, const nghttp2_frame *frame, return NGHTTP2_ERR_CALLBACK_FAILURE; } } + if(frame->hd.flags & NGHTTP2_FLAG_END_STREAM) { + /* Stream has ended. If there is pending data, ensure that read + will occur to consume it. */ + if(!data->state.drain && stream->memlen) { + drain_this(cf, data_s); + Curl_expire(data, 0, EXPIRE_RUN_NOW); + } + } break; case NGHTTP2_HEADERS: DEBUGF(LOG_CF(data_s, cf, "[h2sid=%u] recv frame HEADERS", stream_id)); @@ -1790,6 +1799,7 @@ static ssize_t cf_h2_recv(struct Curl_cfilter *cf, struct Curl_easy *data, stream->pausedata += nread; stream->pauselen -= nread; + drain_this(cf, data); if(stream->pauselen == 0) { DEBUGF(LOG_CF(data, cf, "[h2sid=%u] Unpaused", stream->stream_id)); @@ -1798,18 +1808,6 @@ static ssize_t cf_h2_recv(struct Curl_cfilter *cf, struct Curl_easy *data, stream->pausedata = NULL; stream->pauselen = 0; - - /* When NGHTTP2_ERR_PAUSE is returned from - data_source_read_callback, we might not process DATA frame - fully. Calling nghttp2_session_mem_recv() again will - continue to process DATA frame, but if there is no incoming - frames, then we have to call it again with 0-length data. - Without this, on_stream_close callback will not be called, - and stream could be hanged. */ - if(h2_process_pending_input(cf, data, err) != 0) { - nread = -1; - goto out; - } } DEBUGF(LOG_CF(data, cf, "[h2sid=%u] recv: returns unpaused %zd bytes", stream->stream_id, nread)); @@ -1933,6 +1931,7 @@ static ssize_t cf_h2_recv(struct Curl_cfilter *cf, struct Curl_easy *data, drained_transfer(cf, data); } + *err = CURLE_OK; nread = retlen; DEBUGF(LOG_CF(data, cf, "[h2sid=%u] cf_h2_recv -> %zd", stream->stream_id, nread)); diff --git a/libs/libcurl/src/krb5.c b/libs/libcurl/src/krb5.c index da3e3577d9..6aed067feb 100644 --- a/libs/libcurl/src/krb5.c +++ b/libs/libcurl/src/krb5.c @@ -210,7 +210,7 @@ krb5_auth(void *app_data, struct Curl_easy *data, struct connectdata *conn) struct gss_channel_bindings_struct chan; size_t base64_sz = 0; struct sockaddr_in *remote_addr = - (struct sockaddr_in *)&conn->remote_addr->sa_addr; + (struct sockaddr_in *)(void *)&conn->remote_addr->sa_addr; char *stringp; if(getsockname(conn->sock[FIRSTSOCKET], diff --git a/libs/libcurl/src/libcurl.plist b/libs/libcurl/src/libcurl.plist index 5b669cf5a6..29888b765f 100644 --- a/libs/libcurl/src/libcurl.plist +++ b/libs/libcurl/src/libcurl.plist @@ -15,7 +15,7 @@ se.curl.libcurl CFBundleVersion - 7.88.0 + 7.88.1 CFBundleName libcurl @@ -27,9 +27,9 @@ ???? CFBundleShortVersionString - libcurl 7.88.0 + libcurl 7.88.1 CFBundleGetInfoString - libcurl.plist 7.88.0 + libcurl.plist 7.88.1 diff --git a/libs/libcurl/src/setopt.c b/libs/libcurl/src/setopt.c index d1a9499c7b..53e53ad6f5 100644 --- a/libs/libcurl/src/setopt.c +++ b/libs/libcurl/src/setopt.c @@ -895,22 +895,38 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param) * the listed enums in curl/curl.h. */ arg = va_arg(param, long); - if(arg < CURL_HTTP_VERSION_NONE) - return CURLE_BAD_FUNCTION_ARGUMENT; + switch(arg) { + case CURL_HTTP_VERSION_NONE: +#ifdef USE_HTTP2 + /* TODO: this seems an undesirable quirk to force a behaviour on + * lower implementations that they should recognize independantly? */ + arg = CURL_HTTP_VERSION_2TLS; +#endif + /* accepted */ + break; + case CURL_HTTP_VERSION_1_0: + case CURL_HTTP_VERSION_1_1: + /* accepted */ + break; +#ifdef USE_HTTP2 + case CURL_HTTP_VERSION_2_0: + case CURL_HTTP_VERSION_2TLS: + case CURL_HTTP_VERSION_2_PRIOR_KNOWLEDGE: + /* accepted */ + break; +#endif #ifdef ENABLE_QUIC - if(arg == CURL_HTTP_VERSION_3) - ; - else + case CURL_HTTP_VERSION_3: + case CURL_HTTP_VERSION_3ONLY: + /* accepted */ + break; #endif -#ifndef USE_HTTP2 - if(arg >= CURL_HTTP_VERSION_2) - return CURLE_UNSUPPORTED_PROTOCOL; -#else - if(arg >= CURL_HTTP_VERSION_LAST) + default: + /* not accepted */ + if(arg < CURL_HTTP_VERSION_NONE) + return CURLE_BAD_FUNCTION_ARGUMENT; return CURLE_UNSUPPORTED_PROTOCOL; - if(arg == CURL_HTTP_VERSION_NONE) - arg = CURL_HTTP_VERSION_2TLS; -#endif + } data->set.httpwant = (unsigned char)arg; break; diff --git a/libs/libcurl/src/setup-os400.h b/libs/libcurl/src/setup-os400.h index 7a6f6e1023..fbae57a44d 100644 --- a/libs/libcurl/src/setup-os400.h +++ b/libs/libcurl/src/setup-os400.h @@ -205,7 +205,7 @@ extern OM_uint32 Curl_gss_delete_sec_context_a(OM_uint32 * minor_status, extern int Curl_os400_connect(int sd, struct sockaddr *destaddr, int addrlen); extern int Curl_os400_bind(int sd, struct sockaddr *localaddr, int addrlen); extern int Curl_os400_sendto(int sd, char *buffer, int buflen, int flags, - struct sockaddr *dstaddr, int addrlen); + const struct sockaddr *dstaddr, int addrlen); extern int Curl_os400_recvfrom(int sd, char *buffer, int buflen, int flags, struct sockaddr *fromaddr, int *addrlen); extern int Curl_os400_getpeername(int sd, struct sockaddr *addr, int *addrlen); diff --git a/libs/libcurl/src/socketpair.c b/libs/libcurl/src/socketpair.c index 5d0593e09b..5bba59ed90 100644 --- a/libs/libcurl/src/socketpair.c +++ b/libs/libcurl/src/socketpair.c @@ -85,9 +85,22 @@ int Curl_socketpair(int domain, int type, int protocol, socks[0] = socks[1] = CURL_SOCKET_BAD; +#if defined(WIN32) || defined(__CYGWIN__) + /* don't set SO_REUSEADDR on Windows */ + (void)reuse; +#ifdef SO_EXCLUSIVEADDRUSE + { + int exclusive = 1; + if(setsockopt(listener, SOL_SOCKET, SO_EXCLUSIVEADDRUSE, + (char *)&exclusive, (curl_socklen_t)sizeof(exclusive)) == -1) + goto error; + } +#endif +#else if(setsockopt(listener, SOL_SOCKET, SO_REUSEADDR, (char *)&reuse, (curl_socklen_t)sizeof(reuse)) == -1) goto error; +#endif if(bind(listener, &a.addr, sizeof(a.inaddr)) == -1) goto error; if(getsockname(listener, &a.addr, &addrlen) == -1 || @@ -113,14 +126,52 @@ int Curl_socketpair(int domain, int type, int protocol, goto error; else { struct curltime check; - struct curltime now = Curl_now(); + struct curltime start = Curl_now(); + char *p = (char *)✓ + size_t s = sizeof(check); /* write data to the socket */ - swrite(socks[0], &now, sizeof(now)); + swrite(socks[0], &start, sizeof(start)); /* verify that we read the correct data */ - if((sizeof(now) != sread(socks[1], &check, sizeof(check)) || - memcmp(&now, &check, sizeof(check)))) - goto error; + do { + ssize_t nread; + + pfd[0].fd = socks[1]; + pfd[0].events = POLLIN; + pfd[0].revents = 0; + (void)Curl_poll(pfd, 1, 1000); /* one second */ + + nread = sread(socks[1], p, s); + if(nread == -1) { + int sockerr = SOCKERRNO; + /* Don't block forever */ + if(Curl_timediff(Curl_now(), start) > (60 * 1000)) + goto error; + if( +#ifdef WSAEWOULDBLOCK + /* This is how Windows does it */ + (WSAEWOULDBLOCK == sockerr) +#else + /* errno may be EWOULDBLOCK or on some systems EAGAIN when it + returned due to its inability to send off data without + blocking. We therefore treat both error codes the same here */ + (EWOULDBLOCK == sockerr) || (EAGAIN == sockerr) || + (EINTR == sockerr) || (EINPROGRESS == sockerr) +#endif + ) { + continue; + } + goto error; + } + s -= nread; + if(s) { + p += nread; + continue; + } + if(memcmp(&start, &check, sizeof(check))) + goto error; + break; + } while(1); } sclose(listener); diff --git a/libs/libcurl/src/socks.c b/libs/libcurl/src/socks.c index e78e383896..e09df3df4b 100644 --- a/libs/libcurl/src/socks.c +++ b/libs/libcurl/src/socks.c @@ -316,7 +316,7 @@ static CURLproxycode do_SOCKS4(struct Curl_cfilter *cf, /* DNS resolve only for SOCKS4, not SOCKS4a */ if(!protocol4a) { enum resolve_t rc = - Curl_resolv(data, sx->hostname, sx->remote_port, FALSE, &dns); + Curl_resolv(data, sx->hostname, sx->remote_port, TRUE, &dns); if(rc == CURLRESOLV_ERROR) return CURLPX_RESOLVE_HOST; @@ -783,7 +783,7 @@ static CURLproxycode do_SOCKS5(struct Curl_cfilter *cf, case CONNECT_REQ_INIT: if(socks5_resolve_local) { enum resolve_t rc = Curl_resolv(data, sx->hostname, sx->remote_port, - FALSE, &dns); + TRUE, &dns); if(rc == CURLRESOLV_ERROR) return CURLPX_RESOLVE_HOST; diff --git a/libs/libcurl/src/transfer.c b/libs/libcurl/src/transfer.c index 8c32bb8404..6d0ed31e52 100644 --- a/libs/libcurl/src/transfer.c +++ b/libs/libcurl/src/transfer.c @@ -1055,6 +1055,7 @@ CURLcode Curl_readwrite(struct connectdata *conn, { struct SingleRequest *k = &data->req; CURLcode result; + struct curltime now; int didwhat = 0; curl_socket_t fd_read; @@ -1124,7 +1125,7 @@ CURLcode Curl_readwrite(struct connectdata *conn, } #endif - k->now = Curl_now(); + now = Curl_now(); if(!didwhat) { /* no read no write, this is a timeout? */ if(k->exp100 == EXP100_AWAITING_CONTINUE) { @@ -1141,7 +1142,7 @@ CURLcode Curl_readwrite(struct connectdata *conn, */ - timediff_t ms = Curl_timediff(k->now, k->start100); + timediff_t ms = Curl_timediff(now, k->start100); if(ms >= data->set.expect_100_timeout) { /* we've waited long enough, continue anyway */ k->exp100 = EXP100_SEND_DATA; @@ -1159,23 +1160,23 @@ CURLcode Curl_readwrite(struct connectdata *conn, if(Curl_pgrsUpdate(data)) result = CURLE_ABORTED_BY_CALLBACK; else - result = Curl_speedcheck(data, k->now); + result = Curl_speedcheck(data, now); if(result) goto out; if(k->keepon) { - if(0 > Curl_timeleft(data, &k->now, FALSE)) { + if(0 > Curl_timeleft(data, &now, FALSE)) { if(k->size != -1) { failf(data, "Operation timed out after %" CURL_FORMAT_TIMEDIFF_T " milliseconds with %" CURL_FORMAT_CURL_OFF_T " out of %" CURL_FORMAT_CURL_OFF_T " bytes received", - Curl_timediff(k->now, data->progress.t_startsingle), + Curl_timediff(now, data->progress.t_startsingle), k->bytecount, k->size); } else { failf(data, "Operation timed out after %" CURL_FORMAT_TIMEDIFF_T " milliseconds with %" CURL_FORMAT_CURL_OFF_T " bytes received", - Curl_timediff(k->now, data->progress.t_startsingle), + Curl_timediff(now, data->progress.t_startsingle), k->bytecount); } result = CURLE_OPERATION_TIMEDOUT; diff --git a/libs/libcurl/src/url.c b/libs/libcurl/src/url.c index 484c4eec25..3a81266424 100644 --- a/libs/libcurl/src/url.c +++ b/libs/libcurl/src/url.c @@ -3962,7 +3962,6 @@ CURLcode Curl_init_do(struct Curl_easy *data, struct connectdata *conn) data->state.httpreq = HTTPREQ_HEAD; k->start = Curl_now(); /* start time */ - k->now = k->start; /* current time is now */ k->header = TRUE; /* assume header */ k->bytecount = 0; k->ignorebody = FALSE; diff --git a/libs/libcurl/src/urlapi.c b/libs/libcurl/src/urlapi.c index 24cfcf1acf..94266c1f4f 100644 --- a/libs/libcurl/src/urlapi.c +++ b/libs/libcurl/src/urlapi.c @@ -493,35 +493,21 @@ static CURLUcode parse_hostname_login(struct Curl_URL *u, UNITTEST CURLUcode Curl_parse_port(struct Curl_URL *u, struct dynbuf *host, bool has_scheme) { - char *portptr = NULL; - char endbracket; - int len; + char *portptr; char *hostname = Curl_dyn_ptr(host); /* * Find the end of an IPv6 address, either on the ']' ending bracket or * a percent-encoded zone index. */ - if(1 == sscanf(hostname, "[%*45[0123456789abcdefABCDEF:.]%c%n", - &endbracket, &len)) { - if(']' == endbracket) - portptr = &hostname[len]; - else if('%' == endbracket) { - int zonelen = len; - if(1 == sscanf(hostname + zonelen, "%*[^]]%c%n", &endbracket, &len)) { - if(']' != endbracket) - return CURLUE_BAD_IPV6; - portptr = &hostname[--zonelen + len + 1]; - } - else - return CURLUE_BAD_IPV6; - } - else + if(hostname[0] == '[') { + portptr = strchr(hostname, ']'); + if(!portptr) return CURLUE_BAD_IPV6; - + portptr++; /* this is a RFC2732-style specified IP-address */ - if(portptr && *portptr) { + if(*portptr) { if(*portptr != ':') - return CURLUE_BAD_IPV6; + return CURLUE_BAD_PORT_NUMBER; } else portptr = NULL; @@ -585,11 +571,9 @@ static CURLUcode hostname_check(struct Curl_URL *u, char *hostname, hostname++; hlen -= 2; - if(hostname[hlen] != ']') - return CURLUE_BAD_IPV6; - - /* only valid letters are ok */ + /* only valid IPv6 letters are ok */ len = strspn(hostname, l); + if(hlen != len) { hlen = len; if(hostname[len] == '%') { @@ -603,8 +587,7 @@ static CURLUcode hostname_check(struct Curl_URL *u, char *hostname, while(*h && (*h != ']') && (i < 15)) zoneid[i++] = *h++; if(!i || (']' != *h)) - /* impossible to reach? */ - return CURLUE_MALFORMED_INPUT; + return CURLUE_BAD_IPV6; zoneid[i] = 0; u->zoneid = strdup(zoneid); if(!u->zoneid) diff --git a/libs/libcurl/src/urldata.h b/libs/libcurl/src/urldata.h index 12e9441e11..c1efd65a8b 100644 --- a/libs/libcurl/src/urldata.h +++ b/libs/libcurl/src/urldata.h @@ -630,7 +630,6 @@ struct SingleRequest { curl_off_t pendingheader; /* this many bytes left to send is actually header and not body */ struct curltime start; /* transfer started at this time */ - struct curltime now; /* current time */ enum { HEADER_NORMAL, /* no bad header at all */ HEADER_PARTHEADER, /* part of the chunk is a bad header, the rest -- cgit v1.2.3