Daniel Stenberg [Thu, 27 Feb 2025 10:17:42 +0000 (11:17 +0100)]
GHA: spellcheck curl symbols better
This now makes sure to trim off exact matches for curl symbols and long
curl commanad line options instead of using pattern matching as before.
This should catch typoed names (that still follow the pattern) better.
The cleanspell.pl script is no longer used. cleancmd.pl is used for all
markdown files.
Viktor Szakats [Wed, 26 Feb 2025 21:35:09 +0000 (22:35 +0100)]
appveyor: run VS2008 job with old CMake 3.12.2
Switch VS2008 job the oldest runner machine. It adds the oldest CMake to
the Windows mix, from 2018-11-30. Not a beauty, missing support for `-B`
and Unity, but it's a version curl supports. It's newer than Old Linux.
The previous oldest was 3.16.2. It remains used with VS2010-VS2017.
Also:
- fix VS2008 job to actually build examples.
- switch VS2019 job to OpenSSL 1.1.0 that wasn't tested before.
Migrate OpenSSL 1.0.2 to the VS2008 job.
- measure run time of individual build steps.
Viktor Szakats [Wed, 26 Feb 2025 20:40:59 +0000 (21:40 +0100)]
GHA: tidy up parallel options, improve performance for some jobs
- replace `--parallel <n>` and `-j<n>` for individual commands with
`MAKEFLAGS`, for jobs not yet doing it.
This enables parallel builds in distcheck / maketgz-and-verify-in-tree,
where `-j` option was missing.
- add `--parallel` for iOS Xcode job for improved performance.
- drop redundant `-j5` for Android jobs.
- drop stray `cmake --config` options from single-target jobs (cygwin,
msys/mingw, dl-mingw, non-native). Drop redundant
`CMAKE_RUNTIME_OUTPUT_DIRECTORY_*` settings too.
- GHA/windows: add timeout for package install steps where missing.
- GHA/non-native: specify target type explicitly for iOS cmake jobs.
Xcode default was already Debug, single-target default was generic,
now it's Release, with unity batch to keep it fast.
`MAKEFLAGS` is necessary for autotools jobs and CMake jobs using
the default (GNU Make) generator. It's ignored by Ninja and other tools.
`cmake --parallel` is still necessary for jobs with Visual Studio or
Xcode generators. Parallelism is 5 for GHA Linux and Windows runners,
4 for macOS, 3 for VMs, 2 for AppVeyor.
Daniel Stenberg [Wed, 26 Feb 2025 10:13:36 +0000 (11:13 +0100)]
urlapi: fix redirect from file:// with query, and simplify
- fix redirect from file:// URL with query part
- find_host_sep() simplify
- urlencode_str() simplify
- redirect_url() simplify
- made more const char *
- add more redirect URL test cases to test 1560
Viktor Szakats [Tue, 25 Feb 2025 13:38:41 +0000 (14:38 +0100)]
build: set `-O3` and tune WinCE in CI, fix `getpart`, `vtls_scache` fallouts
- GHA/windows/WinCE:
- set `-O3 -DNDEBUG` C flags manually for the CMake mingw32ce build.
CMake doesn't recognize the platform and fails to add them. To match
autotools (using `-O2`), and hit similar compiler warnings.
- enable parallel builds for cmake.
- tune parallelism for cmake using unity batches.
- tune parallelism for autotools.
- tests: fix potentially uninitialized value in `readline()` in
`getpart.c`. Detected by gcc 4.4.0 `-O2` (Windows CE) jobs:
```
tests/server/getpart.c: In function 'getpart':
tests/server/getpart.c:298: error: 'datalen' may be used uninitialized in this function
```
Ref: https://github.com/curl/curl/actions/runs/13522595237/job/37785147505?pr=16476#step:11:25
Follow-up to 592880a3caf0b6f48b1dda6fbcf6a734237fcd43
- vtls_scache: rework returning pointer to avoid compiler warning seen
with `-O3` gcc 4.4.0 builds (Windows CE/schannel):
```
lib/vtls/schannel.c: In function 'schannel_connect_step1':
lib/vtls/vtls_scache.c:975: error: dereferencing pointer 'old_cred.4474' does break strict-aliasing rules
lib/vtls/vtls_scache.c:985: error: dereferencing pointer 'old_cred.4474' does break strict-aliasing rules
lib/vtls/schannel.c:959: note: initialized from here
```
Ref: https://github.com/curl/curl/actions/runs/13523868335/job/37789610845#step:9:25
Follow-up to fa0ccd9f1fbbbd77bf50b26e3ba231ea6c729474 #15774
Viktor Szakats [Wed, 26 Feb 2025 11:13:43 +0000 (12:13 +0100)]
test1167: catch #defines with extra whitespace
Before this patch, it missed this in `curl/curl.h`:
```c
# define __has_declspec_attribute(x) 0
```
After this patch:
```
test 1167...[Verify curl prefix of public symbols in header files]
/usr/bin/perl -I. -I. returned 1, when expecting 0
1167: exit FAILED
== Contents of files in the log/14/ dir after test 1167
=== Start of file server.cmd
Testnum 1167
=== End of file server.cmd
=== Start of file stdout1167
Bad symbols in public header files:
__has_declspec_attribute(x)
=== End of file stdout1167
FAIL 1167: 'Verify curl prefix of public symbols in header files' source analysis
TESTFAIL: These test cases failed: 1167
```
Public curl headers are best not to define 3rd-party or system macros.
Introduce `CURL_HAS_DECLSPEC_ATTRIBUTE` to cover this system macro and
use it.
Detected by test1167 after dropping the indentation:
```
test 1167...[Verify curl prefix of public symbols in header files]
/usr/bin/perl -I. -I. returned 1, when expecting 0
1167: exit FAILED
== Contents of files in the log/10/ dir after test 1167
=== Start of file server.cmd
Testnum 1167
=== End of file server.cmd
=== Start of file stdout1167
Bad symbols in public header files:
__has_declspec_attribute(x)
=== End of file stdout1167
```
Ref: https://github.com/curl/curl/actions/runs/13533200900/job/37819784405?pr=16490#step:42:2087
Viktor Szakats [Wed, 26 Feb 2025 00:33:49 +0000 (01:33 +0100)]
build: silence mingw32ce C99 format warnings, simplify CI
`./configure` mingw32ce builds enable C99 mode automatically, that
triggers compiler warnings in gcc 4.4.0. We initially worked it around
in CI by suppressing the detection of C99 with `ac_cv_prog_cc_c99=no`.
Replace it with automatically silencing the bogus warnings in C99 mode,
for all build systems:
```
lib/ftp.c: In function 'Curl_GetFTPResponse':
lib/ftp.c:726: error: format '%zd' expects type 'signed size_t', but argument 4 has type 'ssize_t'
lib/ws.c: In function 'ws_dec_pass_payload':
lib/ws.c:304: error: format '%zd' expects type 'signed size_t', but argument 3 has type 'ssize_t'
lib/ws.c: In function 'ws_enc_write_head':
lib/ws.c:581: error: format '%zd' expects type 'signed size_t', but argument 3 has type 'long int'
lib/vtls/schannel.c: In function 'schannel_connect_step1':
lib/vtls/schannel.c:1122: error: format '%zd' expects type 'signed size_t', but argument 3 has type 'ssize_t'
lib/vtls/schannel.c: In function 'schannel_connect_step2':
lib/vtls/schannel.c:1311: error: format '%zd' expects type 'signed size_t', but argument 3 has type 'ssize_t'
lib/vtls/schannel.c: In function 'schannel_send':
lib/vtls/schannel.c:1793: error: format '%zd' expects type 'signed size_t', but argument 3 has type 'ssize_t'
lib/vtls/schannel.c:1810: error: format '%zd' expects type 'signed size_t', but argument 3 has type 'ssize_t'
lib/vtls/schannel.c: In function 'schannel_shutdown':
lib/vtls/schannel.c:2286: error: format '%zd' expects type 'signed size_t', but argument 4 has type 'ssize_t'
lib/vtls/vtls.c: In function 'ssl_cf_recv':
lib/vtls/vtls.c:1422: error: format '%zd' expects type 'signed size_t', but argument 5 has type 'ssize_t'
```
Ref: https://github.com/curl/curl/actions/runs/13533841306/job/37821720902?pr=16492#step:9:20
Also: simplify Windows CE job configuration in GHA/windows.
Viktor Szakats [Tue, 25 Feb 2025 23:49:25 +0000 (00:49 +0100)]
cmake: warn for OpenSSL versions missing TLS 1.3 support (revert)
We decided not to show warnings for this issue.
Also this:
```
CMake Warning at CMakeLists.txt:783 (message):
OpenSSL does not support TLS 1.3.
```
as seen in #16483 with CMake 3.12.4, `OPENSSL_VERSION` is empty.
Perhaps detection isn't reliable? I haven't seen this so far with
mainline OpenSSL. An `if(OPENSSL_VERSION AND ...)` can fix it, if we
opt for this warning in the future.
Viktor Szakats [Tue, 25 Feb 2025 16:35:18 +0000 (17:35 +0100)]
GHA/http3-linux: build out-of-tree, make test2502 support it
To sync with the rest of core workflows.
Also fixup test2502 failing for out-of-tree builds due to:
```
== Info: error reading ca cert file ./certs/EdelCurlRoot-ca.cacert (Error while reading file.)
```
Ref: https://github.com/curl/curl/actions/runs/13525575035/job/37795171282?pr=16480#step:23:3608
Daniel Stenberg [Tue, 25 Feb 2025 16:33:17 +0000 (17:33 +0100)]
curl.h: change some enums to defines with L suffix
To help applications do the right thing easier, change some enum values
into defines with L suffixes so that they get the corect type (long)
easier when used with curl_easy_setopt(). This also fixes a few of our
own libtests.
To reduce the risk that this change breaks the compile for any existing
users, the previously provided enums are still provided, but the values
to use are not defined by the enums.
This change "magically" fixes a few RTSP test failures we have had on
64-bit platforms because those options were not see using longs
properly.
Viktor Szakats [Mon, 24 Feb 2025 23:01:35 +0000 (00:01 +0100)]
cmake: pre-fill known type sizes for Windows OSes
To save configuration time.
After this patch, for mingw-w64 and MSVC curl's CMake builds pre-fill
almost all type sizes without auto-detection. In most cases this leaves
3 type size auto-detections. Those depend on 64/32-bitness, and `time_t`
also depends on CRT and custom options. Old mingw-w64 versions require
some extra detections. We recommend v3.0 or newer to avoid them.
For Windows CE, this patch pre-fills all type sizes.
If this is causing any issue, please report it and disable pre-filling
with `-D_CURL_PREFILL=OFF` in the meantime.
Derek Huang [Fri, 14 Feb 2025 07:28:27 +0000 (02:28 -0500)]
INSTALL-CMAKE.md: CMake usage updates
This PR updates the CMake build/install docs in `docs/INSTALL-CMAKE.md`,
in particular focusing on the use of libcurl from CMake using
`find_package` as well as the newly added features/protocols support via
using `COMPONENTS` or `OPTIONAL_COMPONENTS` with `find_package`.
See #15854 for initial discussion and the corresponding PR #15858 that
was merged.
Some additional best-practices notes are added, for example:
* Encouraging building out-of-source
* Using `--config` with `cmake --build` for multi-config CMake
generators, not `CMAKE_BUILD_TYPE`
We also add a CURL CMake-specific tip on using `CMAKE_INSTALL_PREFIX`
during configure time to set the install prefix, not using `--prefix`
when running `cmake --install` so `curl-config` output is consistent.
Yedaya Katsman [Mon, 24 Feb 2025 19:40:19 +0000 (21:40 +0200)]
rustls: add support for CERTINFO
This allows you to use the `certs` and `num_certs` writeout variables in
the curl tool, and getting information about the server certificates
using CURLINFO_CERTINFO.
Viktor Szakats [Mon, 24 Feb 2025 18:59:23 +0000 (19:59 +0100)]
CI: misc improvements, restore VS2008 job
- appveyor: restore VS2008 job, after fixing its issues.
Enable OpenSSL in it. It takes 1 minute.
Follow-up to 9b0467b169e08b70077f09313975d4eac14a9930 #16453
Follow-up to edfa537100d6b5d2ac1b829c66757880afe59407 #16456
- appveyor: make a copy of OpenSSL DLLs to have them picked up as an
artifact (disabled by default) to aid local tests.
- appveyor: dump CMake configuration logs on failure.
- appveyor: tidy up job parameter defaults.
- GHA/windows: add pre-fill check option for dl-mingw jobs.
- GHA/windows: fix pre-fill check option for MSYS jobs by installing
`diffutils`.
Follow-up to e7adf3e83747c2915c671f2e560cde6f3d4a4905 #15841
- GHA/windows: de-duplicate to `PATH` commands for Cygwin.
- GHA/windows: drop `$SYSTEMROOT/System32` from `PATH` for Cygwin
configure. It's not needed.
Follow-up to 36fd2dd6ee874726c628e67fcf6415a2e52bfe29 #13599
- list `.pdb` files in curl version step for MSVC.
Ref: #16439
Viktor Szakats [Mon, 24 Feb 2025 16:27:57 +0000 (17:27 +0100)]
cmake: restrict static CRT builds to static curl exe, test in CI
Static CRT crashes MSVCR* MSVC builds (in VS2008, VS2010, VS2012,
VS2013) according to CI and local tests. The reproducible crash happens
in `curl_mfprintf() -> fputc(s, stderr)` when trying to display the
warning message in `curl -V`. `stderr` is non-NULL and resolves to `2`.
This reproducer needs a debug-enabled build, but it's unrelated to debug
features or curl's memory tracker. It happens regardless of unity build,
CPU architecture or `DllMain()` use. Example from VS2013:
Another crash happened in an UCRT build (VS2017) with a couple of
`printf()`s added to curl's `main()` function:
```
Microsoft Visual C++ Runtime Library
Debug Assertion Failed!
Program: C:/projects/curl/bld/src/Debug/curl.exe
File: minkernel/crts/ucrt/src/appcrt/heap/debug_heap.cpp
Line: 996
Expression: _act_first_block == header
```
(it hangs the job in CI due to the GUI popup)
Ref: https://github.com/curl/curl/pull/16394#issuecomment-2677181716
To avoid actual and potential issues, this patch issues a warning on
the shared-libcurl + static-CRT combination and falls back to the
default, shared CRT. IOW a static CRT build now requires a static curl
exe when using the `CURL_STATIC_CRT=ON` option.
Viktor Szakats [Mon, 24 Feb 2025 15:25:38 +0000 (16:25 +0100)]
windows: drop code and curl manifest targeting W2K and older
curl requires Windows XP since 2023. Drop version detection code using
`GetVersionEx()` aimed to support earlier Windows versions. With that
call deleted, the embedded manifest in `curl.rc` becomes unnecessary.
Delete it too, along with the enabler logic in build systems.
This allows to stop forcing `/MANIFEST:NO` for MSVC builds. Dropping it
fixes VS2008 shared builds, that require an auto-generated SxS
(side-by-side assembly) manifest to find their CRT DLLs. This was the
issue that prevented VS2008 `curl.exe` launching on AppVeyor CI:
```
src/curl.exe: error while loading shared libraries: ?: cannot open shared object file: No such file or directory
```
Ref: https://ci.appveyor.com/project/curlorg/curl/builds/51577006/job/eitypvwlb1rxr11d#L261
FWIW the `curl.rc` embedded manifest wasn't ever enabled for VS2008 CI
builds either, because CMake did not pass our custom macro via
`CMAKE_RC_FLAGS` to `rc.exe`. For reasons I could not figure out.
After this patch the curl build no longer inject its own manifest, and
lets the default be applied by linkers and toolchains. It fixes VS2008
shared builds. curl continues to detect the real Windows version via
`RtlVerifyVersionInfo()` from `ntdll`.
Viktor Szakats [Mon, 24 Feb 2025 14:27:35 +0000 (15:27 +0100)]
runtests: support multi-target cmake, drop workarounds from CI
Support multi-target cmake builds via `CURL_DIRSUFFIX` env. For example:
`export CURL_DIRSUFFIX=Debug/`.
Multi-target generators place their output to `src/<subdir>/`,
`lib/<subdir>/`, `tests/server/<subdir>`, `tests/libtest/<subdir>` and
`tests/unit/<subdir>/` by default. Before this patch, `runtests.pl`
couldn't run on such builds because it expected the binaries under the
their `<subdir>`-less directories. This patch allows to set such subdir
and make `runtests.pl` find the binaries. In CI we use multi-target
builds with tests for MSVC. It also helps Xcode-generator builds, though
in CI we don't have such job running tests.
There may be better solutions to configure this, but passing a custom
value to `runtests.pl` including its subprocesses is somewhat tricky.
The reason the configuration value expects the slash at the end is
because MSYS is automagically expanding the env to a (wrong) absolute
path if the slash is in the front.
Also:
- drop the `-DCMAKE_RUNTIME_OUTPUT_DIRECTORY_*=` workaround from CI.
- replace `resolve` references in tests with a new `%RESOLVE` variable.
It didn't use a filename extension before. After this patch it uses
`exe_ext('TOOL')`. I'm not sure if this is the correct choice vs.
`exe_ext('SRV')`.
- fix `-c` option format in manual.
- fix some whitespace.
Note, in CI we still tweak `CMAKE_RUNTIME_OUTPUT_DIRECTORY_*` in jobs
which share steps between `./configure` and cmake. It's easier that way.
Daniel Stenberg [Mon, 24 Feb 2025 10:04:30 +0000 (11:04 +0100)]
contrithanks.sh: update docs/THANKS in place
Now using 'sort' for sorting the names. This has the small side-effect
that it sorts slightly different than the previously used sort function
(emacs).
I think this is a better sort and over all it makes it more convenient
to use the script as it removes a manual step.
Stefan Eissing [Tue, 4 Feb 2025 14:24:00 +0000 (15:24 +0100)]
wolfssl: tls early data support
Enable TLS Early Data for wolfSSL:
- merge WOLFSSL_CTX and WOLFSSL setup from ngtcp2 with the general
implemenation in wolfssl.c
- enable for QUIC via ngtcp2
- give Curl_vquic_tls_init() a `struct alpn_spec` like used for the TCP
case. Adapt gnutls and other users.
- enable pytest test cases for early data with wolfSSL
and while this messes up wolfssl.c anyway, do
- rename all struct/functions with prefix 'wolfssl_' to 'wssl_' to not
pollute that name prefix
- rename `ctx/handle` to `ssl_ctx/ssl`, as used in openssl case
Daniel Stenberg [Sat, 22 Feb 2025 12:05:17 +0000 (13:05 +0100)]
tool_operate: fail SSH transfers without server auth
This now insists on using a server auth option unless --insecure is
provided. As an added bonus, it now also only checks for the knownhosts
file once (if found).
Daniel Stenberg [Fri, 21 Feb 2025 22:48:51 +0000 (23:48 +0100)]
http: make the RTSP version check stricter
- make it only accept version 1.0, as that is the version curl supports
- convert the parser to use strparse
- the status code max is now 999, but it does allow != 3 digits
Stefan Eissing [Sat, 22 Feb 2025 11:46:42 +0000 (12:46 +0100)]
multi: event based rework
Rework the event based handling of transfers and connections to
be "localized" into a single source file with clearer dependencies.
- add multi_ev.c and multi_ev.h
- add docs/internal/MULTI-EV.md to explain the overall workings
- only do event handling book keeping when the socket callback
is set
- add handling for "connection only" event tracking, when internal
easy handles are used that are not really tied to a connection.
Used in connection pool.
- remove transfer member "last_poll" and connections "shutdown_poll"
and keep all that internal to multi_ev.c
- add CURL_TRC_M() for tracing of "multi" related things, including
event handling and connection pool operations. Add new trace
feature "multi" for trace config.
multi traces will show exactly what is going on in regard to
event handling.
- multi: trace transfers "mstate" in every CURL_TRC_M() call
- make internal trace buffer 2048 bytes and end the silliness
with +n here -m there. Adjust test 1652 expectations of resulting
length and input edge cases.
- add trace feature "lib-ids" to perfix libcurl traces with transfer
and connection ids. Useful for debugging libcurl applications.
Viktor Szakats [Fri, 21 Feb 2025 16:30:46 +0000 (17:30 +0100)]
cmake: avoid `-Wnonnull` warning in `HAVE_FSETXATTR_5` detection
Seen in Android 21/35 CI jobs:
```
curl/CMake/CurlTests.c:315:16: warning: null passed to a callee that requires a non-null argument [-Wnonnull]
315 | fsetxattr(0, 0, 0, 0, 0);
| ^
1 warning generated.
```
Ref: https://github.com/curl/curl/actions/runs/13460225795/job/37613494183#step:9:5978
Viktor Szakats [Fri, 21 Feb 2025 15:15:49 +0000 (16:15 +0100)]
GHA/windows: replace GfW with MSYS2 runtime downgrade
We recently switched to a known good version of Git for Windows to avoid
the MSYS2/Cygwin runtime performance regression.
MSYS2 is closer to the source of the MSYS2/Cygwin projects. Its known
good version is newer. Installing the downgrade is faster and safer. It
also allows to restore the scripts to their original iteration, making
the workaround easier to drop once the perf issue is fixed upstream.
Therefore, switch back to using MSYS2, and install the runtime downgrade
before running curl tests.
Also disable `pacman`'s `CheckSpace` for best performance.
Jeremy identified to the root cause of the perf regression in this
Cygwin commit (from 2024-09-17):
https://cygwin.com/git/?p=newlib-cygwin.git;a=commit;h=c7fe29f5cb85242ae2607945762f7e0b9af02513
Co-authored-by: Jeremy Drake
Patch: https://github.com/jeremyd2019/curl/commit/95a404e19ae03ba8d35089e66d9690e3a4f11b7c
Ref: https://github.com/curl/curl/pull/16217#issuecomment-2673158597
Ref: https://github.com/curl/curl/pull/16217#issuecomment-2673461330
Daniel Stenberg [Fri, 21 Feb 2025 13:56:21 +0000 (14:56 +0100)]
asyn-ares: renamed define
It has the same name as the one used in asyn-thread, but for a slightly
different purpose. This not only caused unity build problems, but would
also be confusing and error-prone.
Viktor Szakats [Tue, 18 Feb 2025 01:49:31 +0000 (02:49 +0100)]
configure: silence compiler warnings in feature checks, drop duplicates
Silence compiler warnings (200 of them across the main CI workflows):
```
warning #2193: null argument provided for parameter marked with attribute "nonnull"
warning: Null pointer passed to 1st parameter expecting 'nonnull' [core.NonNullParamChecker]
warning: Null pointer passed to 2nd parameter expecting 'nonnull' [core.NonNullParamChecker]
warning: argument 1 null where non-null expected [-Wnonnull]
warning: argument 2 null where non-null expected [-Wnonnull]
warning: comparison of unsigned expression in '< 0' is always false [-Wtype-limits]
warning: null argument where non-null required (argument 1) [-Wnonnull]
```
Also drop `if ... can be linked` feature checks that were identical to
`if ... is compilable` checks, for:
`closesocket`, `ioctlsocket`, `socket`, `freeaddrinfo`, `getaddrinfo`,
`gethostname`, `getpeername`, `getsockname`,
`CloseSocket` (AmigaOS), `IoctlSocket` (AmigaOS).
Another option is to really do the link checks. But, if they weren't
missed so far, it seems safer to drop than risk a detection failure,
as was the case with AmigaOS functions while working on this PR.
There remain 22 `-Wnonnull` warnings in `gethostbyname_r()`,
`getpeername()` `getsockname()`. Most of the rest is necessary for
detection, or originate from autotools and CMake detection code
templates. Some still fixable, like duplicate libs.
Viktor Szakats [Fri, 10 Jan 2025 10:04:02 +0000 (11:04 +0100)]
build: add Windows CE / CeGCC support, with CI jobs
Make it possible to build curl for Windows CE using the CeGCC toolchain.
With both CMake and autotools, including tests and examples, also in CI.
The build configuration is the default one with Schannel enabled. No
3rd-party dependencies have been tested.
Also revive old code to make Schannel build with Windows CE, including
certificate verification.
Builds have been throughougly tested. But, I've made no functional tests
for this PR. Some parts (esp. file operations, like truncate and seek)
are stubbed out and likely broken as a result. Test servers build, but
they do not work on Windows CE. This patch substitutes `fstat()` calls
with `stat()`, which operate on filenames, not file handles. This may or
may not work and/or may not be secure.
About CeGCC: I used the latest available macOS binary build v0.59.1
r1397 from 2009, in native `mingw32ce` build mode. CeGCC is in effect
MinGW + GCC 4.4.0 + old/classic-mingw Windows headers. It targets
Windows CE v3.0 according to its `_WIN32_WCE` value. It means this PR
restores portions of old/classic-mingw support. It makes the Windows CE
codepath compatible with GCC 4.4.0. It also adds workaround for CMake,
which cannot identify and configure this toolchain out of the box.
Notes:
- CMake doesn't recognize CeGCC/mingw32ce, necessitating tricks as seen
with Amiga and MS-DOS.
- CMake doesn't set `MINGW` for mingw32ce. Set it and `MINGW32CE`
manually as a helper variable, in addition to `WINCE` which CMake sets
based on `CMAKE_SYSTEM_NAME`.
- CMake fails to create an implib for `libcurl.dll`, due to not
recognizing the platform as a Windowsy one. This patch adds the
necessary workaround to make it work.
- headers shipping with CeGCC miss some things curl needs for Schannel
support. Fixed by restoring and renovating code previously deleted
old-mingw code.
- it's sometime non-trivial to figure out if a fallout is WinCE,
mingw32ce, old-mingw, or GCC version-specific.
- WinCE is always Unicode. With exceptions: no `wmain`,
`GetProcAddress()`.
- `_fileno()` is said to convert from `FILE *` to `void *` which is
a Win32 file `HANDLE`. (This patch doesn't use this, but with further
effort it probably could be.)
https://stackoverflow.com/questions/3989545/how-do-i-get-the-file-handle-from-the-fopen-file-structure
- WinCE has no signals, current directory, stdio/CRT file handles, no
`_get_osfhandle()`, no `errno`, no `errno.h`. Some of this stuff is
standard C89, yet missing from this platform. Microsoft expects
Windows CE apps to use Win32 file API and `FILE *` exclusively.
- revived CeGCC here (not tested for this PR):
https://building.enlyze.com/posts/a-new-windows-ce-x86-compiler-in-2024/
On `UNDER_CE` vs. `_WIN32_WCE`: (This patch settled on `UNDER_CE`)
- A custom VS2008 WinCE toolchain does not set any of these.
The compiler binaries don't contain these strings, and has no compiler
option for targeting WinCE, hinting that a vanilla toolchain isn't
setting any of them either.
- `UNDER_CE` is automatically defined by the CeGCC compiler.
https://cegcc.sourceforge.net/docs/details.html
- `UNDER_CE` is similar to `_WIN32`, except it's not set automatically
by all compilers. It's not supposed to have any value, like a version.
(Though e.g. OpenSSL sets it to a version)
- `_WIN32_WCE` is the CE counterpart of the non-CE `_WIN32_WINNT` macro.
That does return the targeted Windows CE version.
- `_WIN32_WCE` is not defined by compilers, and relies on a header
setting it to a default, or the build to set it to the desired target
version. This is also how `_WIN32_WINNT` works.
- `_WIN32_WCE` default is set by `windef.h` in CeGCC.
- `_WIN32_WCE` isn't set to a default by MSVC Windows CE headers (the
ones I checked at least).
- CMake sets `_WIN32_WCE=<ver>`, `UNDER_CE`, `WINCE` for MSVC WinCE.
- `_WIN32_WCE` seems more popular in other projects, including CeGCC
itself. `zlib` is a notable exception amongst curl dependencies,
which uses `UNDER_CE`.
- Since `_WIN32_WCE` needs "certain" headers to have it defined, it's
undefined depending on headers included beforehand.
- `curl/curl.h` re-uses `_WIN32_WCE`'s as a self-guard, relying on
its not-(necessarily)-defined-by-default property:
https://github.com/curl/curl/blob/25b445e4796bcbf9f842de686a8c384b30f6c2a2/include/curl/curl.h#L77
Viktor Szakats [Wed, 19 Feb 2025 11:26:47 +0000 (12:26 +0100)]
schannel: enable ALPN support under WINE 6.0+
ALPN support was announced in 5.6 (2020-04-10). It likely needs a WINE
built against GnuTLS 3.2.0 (2013-05-10) or upper (for macOS, GnuTLS was
made default in WINE 6.0.2). I could confirm ALPN working under 6.0.2
(2021-10-26).
Viktor Szakats [Thu, 30 Jan 2025 15:38:18 +0000 (16:38 +0100)]
cmake: drop `CURL_DISABLE_TESTS` option
curl builds tests with CMake when explicitly building the `testdeps`
target. It's not built by default. It seems overkill to have
a curl-specific variant of this (over CMake's `BUILD_TESTING`)
to disable generating this target.
Its history also doesn't make it obvious why this was necessary,
and there was a long debate how to do it, by the time the original
submitter abandoned CMake. The option also remained uninitialized
and thus undocumented.
MSYS/MSYS2 and Cygwin are the same platform. Adjust code where they were
treated differently.
- drop separate `MSYS` from buildinfo flags. Our code is using the
`CYGWIN` variable and CMake (since v3.21) sets it also for `MSYS`.
- fix test1158 and test1186 to exclude them for all Win32 targets,
instead of just MSYS test envs. To align behavior between MSYS and
Cygwin envs. Required for recent MSYS2 releases which reports itself
as Cygwin, and no longer MSYS, which broke the previous exclusion
logic.
- follow Cygwin bumping its `MAX_PID` value, to avoid PID collisions.
https://cygwin.com/git/?p=newlib-cygwin.git;a=commit;h=363357c023ce01e936bdaedf0f479292a8fa4e0f
Reported-by: Jeremy Drake
Bug: https://github.com/curl/curl/pull/16217#issuecomment-2672768233
Ref: https://www.msys2.org/news/#2025-02-14-moving-msys2-closer-to-cygwin
Closes #16411
Daniel Stenberg [Thu, 20 Feb 2025 15:14:58 +0000 (16:14 +0100)]
http: simplify the check for auth methods
Avoids having to use the correct index into the line. Avoids repeated
use of is_valid_auth_separator.
Require that the following letter is not an alnum instead of checking
explicitly for ch == '\0' || ch == ',' || ISSPACE(ch). After all, the
point is to not erroneously match another auth string using the same
prefix.
Stefan Eissing [Wed, 19 Feb 2025 09:52:34 +0000 (10:52 +0100)]
conn: fix connection reuse when SSL is optional
In curl 8.12 I tried to improve the logic on how we handle connections
that "upgrade" to TLS later, e.g. with a STARTTLS. I found the existing
code hard to read in this regard. But of course, the "improvements" blew
up in my face.
We fixed issues with imap, opo3, smtp in 8.12.1, but ftp was no longer
reusing existing, upgraded control connections as before. This PR adds
checks in our pytest FTP tests that verify reuse is happening as
intended.
I rewrote the logic in url.c again, so that the new test checks now pass.
Reported-by: Zenju on github
Fixes #16384
Closes #16392
Stefan Eissing [Mon, 10 Feb 2025 16:40:11 +0000 (17:40 +0100)]
client writer: handle pause before deocding
Adds a "cw-pause" client writer in the PROTOCOL phase that buffers
output when the client paused the transfer. This prevents content
decoding from blowing the buffer in the "cw-out" writer.
Added test_02_35 that downloads 2 100MB gzip bombs in parallel and
pauses after 1MB of decoded 0's.
This is a solution to issue #16280, with some limitations:
- cw-out still needs buffering of its own, since it can be paused
"in the middle" of a write that started with some KB of gzipped
zeros and exploded into several MB of calls to cw-out.
- cw-pause will then start buffering on its own *after* the write
that caused the pause. cw-pause has no buffer limits, but the
data it buffers is still content-encoded.
Protocols like http/1.1 stop receiving, h2/h3 have window sizes,
so the cw-pause buffer should not grow out of control, at least
for these protocols.
- the current limit on cw-out's buffer is ~75MB (for whatever
historical reason). A potential content-encoding that blows 16KB
(the common h2 chunk size) into > 75MB would still blow the buffer,
making the transfer fail. A gzip of 0's makes 16KB into ~16MB, so
that still works.
A better solution would be to allow CURLE_AGAIN handling in the client
writer chain and make all content encoders handle that. This would stop
explosion of encoding on a pause right away. But this is a large change
of the deocoder operations.
Reported-by: lf- on github
Fixes #16280
Closes #16296
Stefan Eissing [Tue, 28 Jan 2025 13:11:59 +0000 (14:11 +0100)]
http: negotiation and room for alt-svc/https rr to navigate
Add a 'wanted' major HTTP version bitmask next to the 'allowed' bitmask
in HTTP version negotiation. This will try connections as specified in
'wanted', but enabled Alt-Svc and HTTPS-RR to redirect to other major
HTTP versions, if those are 'allowed'.
Changes libcurl internal default to `CURL_HTTP_VERSION_NONE` and removes
the code in curl that sets `CURL_HTTP_VERSION_2TLS` if the command line
does not say anything else.
Stefan Eissing [Wed, 19 Feb 2025 15:49:31 +0000 (16:49 +0100)]
cfilter: remove 'blocking' connect handling
Remove `blocking` argument from cfilter's connect method.
Implement blocking behaviour in Curl_conn_connect() instead for all
filter chains.
Update filters implementations. Several of which did never use the
paramter (QUIC for example). Simplifies connect handling in TLS filters
that no longer need to loop
Fixed a blocking connect call in FTP when waiting on a socket accept()
which only worked because the filter did not implement it.
Daniel Stenberg [Wed, 19 Feb 2025 22:55:31 +0000 (23:55 +0100)]
tool_getparam: clear sensitive arguments better
curl attempts to clear some flags to hide them from snooping neighbors
(on platforms where it works). For example the credentials provided with
-u. Previously it would only do that if there was a space between the
option and the credentials as in "-u joe:s3cr3t" but not when done
without a separating space as in "-ujoe:s3cr3t".
This addresses that previous shortcoming.
Reported-by: kayrus on github
Fixes #16396
Closes #16401
Viktor Szakats [Wed, 19 Feb 2025 16:26:58 +0000 (17:26 +0100)]
build: silence bogus `-Wconversion` warnings with gcc 5.1-5.4
It's fixed in gcc 5.5.0.
Example: https://godbolt.org/z/x6Th8q844
Seen in gcc 5.1.0, 5.4.0 (both 32/64-bit) with dl-mingw:
```
lib/rtsp.c: In function 'rtsp_parse_transport':
lib/rtsp.c:1025:36: error: conversion to 'unsigned char' from 'int' may alter its value [-Werror=conversion]
rtp_channel_mask[idx] |= (unsigned char)(1 << off);
^
lib/mprintf.c: In function 'parsefmt':
lib/mprintf.c:526:31: error: conversion to 'unsigned char' from 'int' may alter its value [-Werror=conversion]
usedinput[width/8] |= (unsigned char)(1 << (width&7));
^
lib/mprintf.c:544:35: error: conversion to 'unsigned char' from 'int' may alter its value [-Werror=conversion]
usedinput[precision/8] |= (unsigned char)(1 << (precision&7));
^
lib/mprintf.c:559:29: error: conversion to 'unsigned char' from 'int' may alter its value [-Werror=conversion]
usedinput[param/8] |= (unsigned char)(1 << (param&7));
^
lib/cfilters.c: In function 'Curl_pollset_change':
lib/cfilters.c:935:25: error: conversion to 'unsigned char' from 'int' may alter its value [-Werror=conversion]
ps->actions[i] |= (unsigned char)add_flags;
^
```
gcc 5.1.0: https://github.com/curl/curl/actions/runs/13413103492/job/37467698381#step:9:21
gcc 5.4.0: https://github.com/curl/curl/actions/runs/13413103492/job/37467694479#step:9:19
Daniel Stenberg [Wed, 19 Feb 2025 07:49:54 +0000 (08:49 +0100)]
strparse: provide access functions
To access the string and the length without having to directly use the
struct field names. Gives more freedom, flexbility and keeps
implementation specifics out of users' code.
Daniel Stenberg [Tue, 18 Feb 2025 22:03:09 +0000 (23:03 +0100)]
cookie: convert to using strparse
- using strparse cleans up the code and makes it easier to read and follow
- remove ? handling never used - since the path is provided without queries nowadays
- simplify sanitize_cookie_path
- avoid the strdup in pathmatch()
projects / thirdparty / curl.git / log
