Viktor Szakats [Thu, 24 Jul 2025 00:57:49 +0000 (02:57 +0200)]
build: bump minimum required mingw-w64 to v3.0 (from v1.0)
mingw-w64 3.0 was released on 2013-09-20. Offered by Debian jessie.
1.0 and 2.0 were released in 2011. It seems unlikely that many people
use them. The oldest downloadable toolchain (that I know of) comes with
3.0. Due to this, older versions weren't CI tested, and probably seldom
tested elsewhere. The last bugfix update for both 1.0 and 2.0 was
released in 2015.
curl can now assume availability of these 3.0 features/fixes:
- 64-bit file offsets.
- `ADDRESS_FAMILY` type.
- `__MINGW_PRINTF_FORMAT` macro. (in public curl headers)
Public curl headers keep supporting older mingw-w64 versions.
Viktor Szakats [Fri, 27 Jun 2025 22:01:49 +0000 (00:01 +0200)]
build: tidy up compiler definition for tests
- tests: merge cmake commands.
- tests: use `target_compile_definitions()`.
- tests/server: use generator expression for platform-specific macro.
- tests/unit: sync `Makefile.am` comment with cmake.
- tests/unit: merge two `AM_CPPFLAGS` lines to keep synced with cmake.
- tests: move macro definitions to `first.h` headers from build level.
`CURL_NO_OLDIES`, `CURL_DISABLE_DEPRECATION`, `WITHOUT_LIBCURL`,
`CURL_STATICLIB` (for servers).
To share more logic.
Pass `CURL_STATICLIB` in server on all platforms for simplicity.
(On non-Windows, it's a no-op. It's already done like this with curlu
and libcurltool.)
Also for lib:
- lib: merge commands.
- lib: sync macro order with tests (also in `Makefile.am`).
Viktor Szakats [Sat, 21 Jun 2025 18:05:39 +0000 (20:05 +0200)]
cmake: omit linking duplicate/unnecessary libs to tests & examples
Before this patch we explicitly linked the full list of libcurl
dependency libs to tests and examples via `CURL_LIBS`. This was
redundant, because test and example code do not directly use these
dependency libs and for indirect use they are implicitly passed
via libcurl as needed. After this patch, tests and examples only link
explicitly to system libs (e.g. socket).
Also bringing it closer to how `./configure` does this.
Borrow the variable name `CURL_NETWORK_AND_TIME_LIBS` from
`./configure`. However, its content is not exactly the same. With cmake
it also holds `pthread`, but doesn't hold AmiSSL.
Stefan Eissing [Mon, 28 Jul 2025 08:10:39 +0000 (10:10 +0200)]
multi: fix assert in multi_getsock()
Now that multi keeps the "dirty" bitset, the detection of possibly
stalling transfers needs to adapt. Before dirty, transfers needed
to expose a socket to poll or a timer to wait for.
Dirty transfer might no longer have a timer, but will run, so do
not need to report a socket. Adjust the assert condition.
Fixes #18046 Reported-by: Viktor Szakats
Closes #18051
Viktor Szakats [Tue, 1 Jul 2025 15:15:45 +0000 (17:15 +0200)]
CURLOPT: bump `CURLFTP*` enums to `long`, drop casts
This patch bumps the size of these constants from `int` to `long`, while
keeping their actual values the same. It may cause incompatibilities in
user code, requiring the bump of holder variables and/or adding casts:
Viktor Szakats [Tue, 1 Jul 2025 09:31:01 +0000 (11:31 +0200)]
CURLOPT: drop redundant `long` casts
Also:
- CURLOPT_HSTS_CTRL.md: sync macro definitions with `curl/curl.h`.
Perhaps it'd be better to delete copies like this?
- keep existing casts within the documentation to make sure it applies
to older curl versions as well.
- CURLOPT_IPRESOLVE.md: re-add a long cast to man page, for consistency
with the above.
Viktor Szakats [Sun, 27 Jul 2025 22:22:36 +0000 (00:22 +0200)]
config-win32.h: do not use winsock2 `inet_ntop()`/`inet_pton()`
Syncing winbuild and VS Project File builds with the same fix applied
to cmake and autotools builds earlier.
Also fixes these warnings seen in the VisualStudioSolution (VS2013) job
on AppVeyor CI:
```
lib\hostip.c(148): warning C4090: 'function' : different 'const' qualifiers
lib\hostip.c(155): warning C4090: 'function' : different 'const' qualifiers
```
Ref: https://ci.appveyor.com/project/curlorg/curl/builds/52470650/job/gslnjrdxnd8b9mtv#L180
Went unnoticed because warnings are not promoted to error in these builds.
winbuild CI jobs did not hit this warning for some reason.
Viktor Szakats [Sun, 27 Jul 2025 22:03:03 +0000 (00:03 +0200)]
inet_pton, inet_ntop: drop declarations when unused
Do not declare local inet_pton/inet_ntop implementations when they are
not used. In this case the same symbol is defined as a macro and mapped
to the system implementation.
Viktor Szakats [Sun, 27 Jul 2025 21:36:33 +0000 (23:36 +0200)]
scripts: fix two Perl uninitialized value warnings
```
Use of uninitialized value $errors in exit at .github/scripts/badwords.pl line 87.
Use of uninitialized value $o in concatenation (.) or string at ../.github/scripts/randcurl.pl line 99.
```
Viktor Szakats [Thu, 17 Jul 2025 17:01:42 +0000 (19:01 +0200)]
build: extend GNU C guards to clang where applicable, fix fallouts
Some GNU C version guards implicitly include the clang compiler, because
clang reports itself as GCC 4.2.1.
This implicit inclusion doesn't happen if the guard requires a GCC
version above 4.2.1.
Fix two such guards to explicitly include clang where it does support
the guarded feature:
- curl/curl.h: use `typecheck-gcc.h` with clang.
llvm clang v14+ supports this. The corresponding Apple clang version
is also v14.
Ref: https://en.wikipedia.org/wiki/Xcode#Toolchain_versions
Apple clang v14 tested OK in CI:
https://github.com/curl/curl/actions/runs/16353901480/job/46207437204
- tool_urlglib: use `__builtin_mul_overflow()` with clang v8+.
llvm clang v3.8+ supports this, but to accommodate for Apple clang,
start with v8, the Apple version having the mainline v3.8 feature set.
Also fix compile warnings triggered by the above:
- lib1912: fix duplicate `;`:
```
tests/libtest/lib1912.c:44:57: error: empty expression statement has no effect; remove unnecessary ';' to silence this warning [-Werror,-Wextra-semi-stmt]
44 | print_err(o->name, "CURLOT_LONG or CURLOT_VALUES");
| ^
[...]
```
Ref: https://github.com/curl/curl/actions/runs/16351302841/job/46198524880?pr=17955#step:12:61
- lib2032: silence typcheck warning with a cast:
```
tests/libtest/lib2032.c:145:29: error: sizeof on pointer operation will return size of 'CURL **' (aka 'void **') instead of 'CURL *[3]' (aka 'void *[3]') [-Werror,-Wsizeof-array-decay]
145 | ntlm_easy + num_handles);
| ~~~~~~~~~ ^
```
Ref: https://github.com/curl/curl/actions/runs/16351302841/job/46198524880?pr=17955#step:12:86
Stefan Eissing [Thu, 10 Jul 2025 10:16:40 +0000 (12:16 +0200)]
connection: terminate after goaway
When a multiplex connection (h2/h3) is shutdown by the server, the
reported number of parallel transfers allowed drops to 0.
Determine that when the last transfer is done and terminate the
connection instead of keeping it in the cache.
We detect the drop to 0 also when we try to reuse such a connection, but
if we know this at the time the last transfer is done, we better
terminate it right away.
Have a consistent trace logging to this with the connections current
hostname and port. Adjust test expectations to carry port numbers.
Viktor Szakats [Sun, 27 Jul 2025 13:09:08 +0000 (15:09 +0200)]
doh: rename symbols to avoid collision with mingw-w64 headers
Collision happens when building with mingw-w64 v3 or v2 while targeting
Vista or newer. `iphlpapi.h` includes `windns.h` in this case, which
defines macros named `DNS_TYPE_*`, colliding with curl doh enums.
Daniel Stenberg [Mon, 30 Jun 2025 21:53:29 +0000 (23:53 +0200)]
tool_getparam: add support for `--longopt=value`
If the long option name ends with an equals sign (`=`), the argument is
the text following on its right side.
This makes the command line parser accept this common style in addition
to the existing way to accept option arguments more similar to how other
command line tools do.
Viktor Szakats [Fri, 25 Jul 2025 17:54:39 +0000 (19:54 +0200)]
http: silence `-Warray-bounds` with gcc 13+
This became an issue after promoting curl compiler warnings to errors in
curl-for-win. The code is correct. It over-allocates a struct to store
variable sized data past its length. Similar code is present in
`lib/smb.c`, silenced earlier.
Seen in linux-musl-debian-testing-gcc curl-for-win builds, gcc 14.2.0,
RISC-V (but not amd64/aarch64), unity, debian:testing (trixie):
musl:
```
In file included from /curl/_r64-linux-musl-bld/lib/CMakeFiles/libcurl_object.dir/Unity/unity_0_c.c:184:
In function 'Curl_http_req_make',
inlined from 'Curl_http_proxy_create_CONNECT' at /curl/lib/http_proxy.c:252:12:
/curl/lib/http.c:4373:3: error: 'memcpy' offset [137, 142] from the object at 'req' is out of the bounds of
referenced subobject 'method' with type 'char[1]' at offset 136 [-Werror=array-bounds=]
4373 | memcpy(req->method, method, m_len);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from /curl/lib/urldata.h:182,
from /curl/lib/altsvc.c:32,
from /curl/_r64-linux-musl-bld/lib/CMakeFiles/libcurl_object.dir/Unity/unity_0_c.c:4:
/curl/lib/http.h: In function 'Curl_http_proxy_create_CONNECT':
/curl/lib/http.h:230:8: note: subobject 'method' declared here
230 | char method[1];
| ^~~~~~
```
Ref: https://github.com/curl/curl/actions/runs/16527769182/job/46745369844?pr=18025#step:3:5798
Ref: https://github.com/curl/curl-for-win/actions/runs/16525969694/job/46739239206#step:3:5958
glibc (with unity batch):
```
In file included from /usr/riscv64-linux-gnu/include/string.h:548,
from /curl/lib/curl_setup_once.h:33,
from /curl/lib/curl_setup.h:823,
from /curl/lib/http.c:25,
from /curl/_r64-linux-gnu-bld/lib/CMakeFiles/libcurl_object.dir/Unity/unity_2_c.c:4:
In function 'memcpy',
inlined from 'Curl_http_req_make' at /curl/lib/http.c:4373:3,
inlined from 'Curl_http_proxy_create_CONNECT' at /curl/lib/http_proxy.c:252:12:
/usr/riscv64-linux-gnu/include/bits/string_fortified.h:29:10: error: '__builtin_memcpy' offset [137, 142]
from the object at 'req' is out of the bounds of
referenced subobject 'method' with type 'char[1]' at offset 136 [-Werror=array-bounds=]
29 | return __builtin___memcpy_chk (__dest, __src, __len,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
30 | __glibc_objsize0 (__dest));
| ~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from /curl/lib/urldata.h:182,
from /curl/lib/http.c:50:
/curl/lib/http.h: In function 'Curl_http_proxy_create_CONNECT':
/curl/lib/http.h:230:8: note: subobject 'method' declared here
230 | char method[1];
| ^~~~~~
```
Ref: https://github.com/curl/curl-for-win/actions/runs/16538174468/job/46775731055#step:3:5936
Viktor Szakats [Fri, 25 Jul 2025 19:35:57 +0000 (21:35 +0200)]
GHA/http3-linux: bump to ngtcp2 1.14.0, fix local build
ngtcp2 1.14.0 added crypto dependencies to the ngtcp2 crypto `.pc`
files. It broke GHA builds, because how curl's `configure` is setting up
the per-dependency custom prefixes for pkg-config.
`configure` uses `PKG_CONFIG_LIBDIR` to set per-dependency custom
prefixes, as specified via `--with-ngtcp2=<custom-dir>`. In classic
`pkg-config` this overrides any previously configured `PKG_CONFIG_DIR`.
This in turn break detecting transitive pkg-config modules unless they
are found at locations `pkg-config` is searching by default. This
doesn't affect `pkgconf` because it appends `PKG_CONFIG_LIBDIR` to
the custom `PKG_CONFIG_DIR`, according to its man page.
It may make sense to fix this in`acinclude.m4`, to make sure to honor
global custom pkg-config paths while detecting components at custom
locations, regardless of pkg-config implementation. But this PR doesn't
do this.
Instead it drops the ngtcp2 custom path and lets detection rely on
`PKG_CONFIG_DIR` that's already set up for all custom-built dependencies
anyway.
Also:
- fix `openssl-quic` job to use the custom-built nghttp2 (like other
jobs do) instead of the system default.
- configure nghttp3 via `PKG_CONFIG_DIR` in the `openssl-quic` job,
to sync with other jobs. And drop `--with-nghttp3` option.
Viktor Szakats [Fri, 25 Jul 2025 17:22:01 +0000 (19:22 +0200)]
curl_ossl: extend callback table for nghttp3 1.11.0
```
../../lib/vquic/curl_osslq.c:1091:1: error: missing initializer for field 'recv_origin' of 'nghttp3_callbacks' [-Werror=missing-field-initializers]
1091 | };
| ^
In file included from ../../lib/vquic/curl_osslq.c:33:
/home/runner/nghttp3/build/include/nghttp3/nghttp3.h:2082:23: note: 'recv_origin' declared here
2082 | nghttp3_recv_origin recv_origin;
| ^~~~~~~~~~~
```
Ref: https://github.com/curl/curl/actions/runs/16527325587/job/46743893924?pr=18021#step:18:35
Viktor Szakats [Thu, 24 Jul 2025 12:44:03 +0000 (14:44 +0200)]
windows: include `wincrypt.h` before `iphlpapi.h` for mingw-w64 <6
Required for mingw-w64 5.x (and older) builds targeting a Windows 7+.
mingw-w64 6+ fixed `mprapi.h` (included indirectly via `iphlpapi.h`)
to include `wincrypt.h` for the missing types.
MSVC is not affected because SDK 7.1a (the oldest MS SDK curl supports),
`mprapi.h` does include `wincrypt.h`.
Make sure to include `wincrypt.h` before including `iphlpapi.h` as
a workaround. `wincrypt.h` is used unconditionally even though it's
not available in UWP. This is safe in this context, because we use
`iphlpapi.h` for `if_nametoindex`, which is not supported and used
in UWP builds.
This fixes auto-detection that missed detecting `if_nametoindex` in
the affected combination, and this build error in non-unity builds:
```
In file included from D:/my-cache/mingw32/i686-w64-mingw32/include/iprtrmib.h:9:0,
from D:/my-cache/mingw32/i686-w64-mingw32/include/iphlpapi.h:17,
from D:/a/curl/curl/lib/url.c:63:
D:/my-cache/mingw32/i686-w64-mingw32/include/mprapi.h:865:3: error: unknown type name 'CERT_NAME_BLOB'
CERT_NAME_BLOB *certificateNames;
^~~~~~~~~~~~~~
D:/my-cache/mingw32/i686-w64-mingw32/include/mprapi.h:887:3: error: unknown type name 'CRYPT_HASH_BLOB'
CRYPT_HASH_BLOB certBlob;
^~~~~~~~~~~~~~~
```
Ref: https://github.com/curl/curl/actions/runs/16497057672/job/46645264552?pr=18012#step:10:140
This combination is not normally tested in CI. It was caught in
the `dl-mingw, CM 6.4.0-i686 schannel !unity Win7` job while working
on another PR.
Viktor Szakats [Thu, 24 Jul 2025 19:05:26 +0000 (21:05 +0200)]
curl_setup.h: move UWP detection after `config-win32.h` (revert)
This change wasn't good because `config-win32.h` does rely on the UWP
detection result to set `USE_WIN32_CRYPTO` and LDAP macros. While it
fixed one issue, it created another.
It seems better to revert, and focus on reducing and/or eventually
dropping the logic within `config-win32.h` that alters `_WIN32_WINNT`.
It may not be necessary anymore with a minimum of VS2008 (soon VS2010).
The logic is also absent from cmake builds, without causing issues.
Could affect UWP winbuild/project-file builds. These are theoretical
builds because neither build method is prepared to target UWP.
Viktor Szakats [Tue, 22 Jul 2025 01:14:43 +0000 (03:14 +0200)]
tests: unset some envs instead of blanking them
After 7cf8414fabc3063cc3d2121eacec4a6daa4164a8 #12862, `VAR=` no longer
removes the env variable, but sets it to an empty/blank value instead.
To remove an env, `VAR` shall be used (without the assigment operator.)
`SSL_CERT_FILE`, `CURL_HOME`, `HOME`, `XDG_CONFIG_HOME`, were added
before the change above. Make tests unset these envs again, as their
commit messages suggest, instead of blanking them. It does not change
the outcome of the tests.
Test log from the 'gcc 9` job above (with debug lines):
```
test 0428...[Expand environment variables within config file]
428: protocol FAILED!
There was no content at all in the file log/server.input.
Server glitch? Total curl failure? Returned: 26
== Contents of files in the log/ dir after test 428
=== Start of file cmd
--variable %FUNVALUE
--variable %VALUE2
--variable %BLANK
--variable %curl_NOT_SET=default
--expand-data 1{{FUNVALUE}}2{{VALUE2}}3{{curl_NOT_SET}}4{{BLANK}}5\{{verbatim}}6{{not.good}}7{{}}
=== End of file cmd
=== Start of file commands.log
../src/curl.exe --output log/curl428.out --include --trace-ascii log/trace428 --trace-time http://127.0.0.1:1593/428 -K log/cmd > log/stdout428 2> log/stderr428
=== End of file commands.log
=== Start of file server.cmd
Testnum 428
=== End of file server.cmd
=== Start of file stderr428
getenv of 'FUNVALUE' returned 0xee65d2
getenv of 'VALUE2' returned 0xee7a42
getenv of 'BLANK' returned (nil)
curl: Variable 'BLANK' import fail, not set
curl: log/cmd:3: '--variable' variable expansion failure
curl: cannot read config from 'log/cmd'
curl: option -K: error encountered when reading a file
curl: try 'curl --help' for more information
=== End of file stderr428
```
Env comparison:
Fail: https://ci.appveyor.com/project/curlorg/curl/builds/49123802/job/2a4w7i21npys9pd3
```
-- curl version=[8.6.1-DEV]
-- The C compiler identification is GNU 9.1.0
-- Found Perl: C:/msys64/usr/bin/perl.exe (found version "5.30.0").
-- Found _WIN32_WINNT=0x0601
* curl 8.6.1-DEV (Windows).
* libcurl/8.6.1-DEV Schannel zlib/1.2.11
* Features: alt-svc AsynchDNS Debug HSTS HTTPS-proxy IPv6 Kerberos Largefile libz NTLM SPNEGO SSL SSPI threadsafe TrackMemory UnixSockets
* Disabled: xattr
* System: MSYS_NT-10.0-14393 APPVYR-WIN 3.0.7-338.x86_64 2019-07-11 10:58 UTC x86_64 Msys
```
Viktor Szakats [Wed, 16 Jul 2025 02:25:08 +0000 (04:25 +0200)]
tests: fix UTF-8 detection, per-test `LC_*` settings, CI coverage
- runtests: fix `codeset-utf8` feature detection. Before this patch it
detected if the calling environment had UTF-8 enabled. If not, UTF-8
tests were all skipped. After this patch, it detects if UTF-8 is
supported by the calling environment regardless of what's currently
enabled.
Follow-up to 0b70b23ef4d007031bc2ae4fc63d5ed9136bc2b5 #15039
- GHA/macos: fix to actually enable `codeset-test`. Also set `LC_ALL`,
which seems necessary to trigger issues.
Follow-up to c221c0ee5935497168c52686a9d8cc87b45bbca9 #17938
- tests/data: replace `LC_CTYPE` env with `LC_ALL` in all tests
requiring a locale. Also to avoid potential issues with a blank or
unset `LC_ALL`, as seen earlier. And to ensure that the override works
on all platforms (as tested in CI.)
Slight downside is that this now resets the language/culture to `C`.
Ref: b4c9982382469398115cc0e3e0747e79db083455 #4743
Ref: 23208e330ac0c2164d59971baf79e87c45da1840 #4738
- replace `en_US.UTF-8` with `C.UTF-8` to be language/culture-agnostic.
- TEST-SUITE.md: drop `UTF-8` as a requirement for tests.
Tests shall work (or least be skipped) without UTF-8 support.
Viktor Szakats [Fri, 18 Jul 2025 16:17:06 +0000 (18:17 +0200)]
build: fix build errors/warnings in rare configurations
- vtls: fix unused variable and symbols.
- ftp: fix unused variable.
- http: fix unused variables.
- smtp: fix unsued variable.
- wolfssl: fix unused variable with !proxy.
- libssh: fix unused argument.
- curl_trc: sync guards between declaration and definition.
- curl_trc: add missing guard for `Curl_trc_ssls` when !verbose.
- curl_trc: fix errors with !http + http3.
- curl_trc: fix missing function with !http + nghttp2.
- cf-h2-proxy: disable when !http + nghttp2, to avoid calling undeclared
functions.
- sha256: fix missing declaration in rare configs.
- md4: fix symbol conflict when building GnuTLS together with AWS-LC or
wolfSSL. By prioritizing the latter two. AWS-LC has no option
to disable the clashing symbol. wolfSSL does, but the most seamless is
to skip including GnuTLS's standalone `md4.h` to avoid the clash.
- build: fix errors with !http + nghttp2.
- build: catch !ssl + ssls-export combination in source. Convert
build-level errors to warnings.
- build: fix errors with !http + http3.
- build: fix building curl tool and unit1302 in rare combinations.
By always compiling base64 curlx functions.
- cmake: add `_CURL_SKIP_BUILD_CERTS` internal option.
To disable automatically building certs with the testdeps target.
To improve performance when testing builds.
(used locally to find the failing builds fixed in this PR.)
Viktor Szakats [Fri, 18 Jul 2025 21:43:32 +0000 (23:43 +0200)]
cmake: fix to disable Schannel and SSPI for non-Windows targets
Fixing:
```
In file included from lib/vtls/vtls.c:50:
In file included from lib/vtls/../urldata.h:314:
lib/vtls/../curl_sspi.h:41:10: fatal error: 'security.h' file not found
41 | #include <security.h>
| ^~~~~~~~~~~~
1 error generated.
lib/curl_sspi.h:41:10: fatal error: 'security.h' file not found
41 | #include <security.h>
| ^~~~~~~~~~~~
1 error generated.
```
Stefan Eissing [Mon, 21 Jul 2025 10:23:06 +0000 (12:23 +0200)]
pytest: add SOCKS tests and scoring
Configure curl with `--with-test-sockd=<path to sockd>` for a locally
installed dante sockd server and new `test_40_*` will verify that
down- and uploads work via SOCKS.
Invoke scorecard.py with `--socks4` or `--socks5` to run performance
tests with SOCKS. Note that SOCKS is not supported for HTTP/3.
Viktor Szakats [Tue, 22 Jul 2025 10:19:22 +0000 (12:19 +0200)]
test1148: drop redundant `LC_NUMBER=` env setting
No longer necessary after a previous change made sure to strip
the '100.0%' number from the result, before checking it. The dot is
a regex character catching any decimal separator.
Viktor Szakats [Tue, 22 Jul 2025 14:44:45 +0000 (16:44 +0200)]
lib1560: fix memory leak when run without UTF-8 support
The issue is missed in CI, because valgrind jobs all run with UTF-8
support.
Fixing:
```
test 1560...[URL API]
valgrind ERROR ==13362== 104 bytes in 1 blocks are definitely lost in loss record 1 of 1
==13362== at 0x484D953: calloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==13362== by 0x48E1302: curl_dbg_calloc (in /curl/bld/lib/libcurl.so.4.8.0)
==13362== by 0x4931D12: curl_url (in /curl/bld/lib/libcurl.so.4.8.0)
==13362== by 0x14F658: get_parts (in /curl/bld/tests/libtest/libtests)
==13362== by 0x150AC6: test_lib1560 (in /curl/bld/tests/libtest/libtests)
==13362== by 0x17F5D5: main (in /curl/bld/tests/libtest/libtests)
```
Ref: https://github.com/curl/curl/actions/runs/16446352985/job/46479298080?pr=17988#step:41:3007
Viktor Szakats [Tue, 15 Jul 2025 19:37:51 +0000 (21:37 +0200)]
test1560: set locale/codeset with `LC_ALL` (was: `LANG`), test in CI
To fix running test 1560 when `LC_ALL` is set to something unexpected
(e.g. `C`). Also syncing it with the rest of tests.
Also:
- GHA/linux: enable `libidn2` in more jobs.
Also to enable test 1560 reproducing this issue in more jobs.
- GHA/linux: run tests with `LC_ALL=C` in one of the jobs.
- GHA/linux: switch to the non-deprecated package name for libidn2.
- GHA/macos: run tests with non-default locale settings in one job.
- GHA/macos: enable AppleIDN in that job.
Viktor Szakats [Fri, 11 Jul 2025 19:50:23 +0000 (21:50 +0200)]
GHA/checksrc: expand spellcheck, fix issues found
- codespell: break logic out into its own runnable script. Allowing
to run it on local machines.
- codespell: install via `pip`, bump to latest version.
- codespell: show version number in CI log.
- codespell: drop no longer needed word exception: `msdos`.
- codespell: include all curl source tree, except `packages` and
`winbuild`. Drop an obsolete file exclusion.
- add new spellchecker job using the `typos` tool. It includes
the codespell dictionary and a couple more. Use linuxbrew to install
it. This takes 10 seconds, while installing via `cargo` from source
would take over a minute.
- codespell: introduce an inline ignore filter compatible with `cspell`
Make `typos` recognize it, too. Move single exceptions inline.
Fix new typos found. Also rename variables and words to keep
spellchecking exceptions at minumum. This involves touching some tests.
Also switch base64 strings to `%b64[]` to avoid false positives.
Viktor Szakats [Sun, 20 Jul 2025 23:57:26 +0000 (01:57 +0200)]
windows: fix `if_nametoindex()` detection with autotools, improve with cmake
- autotools: fix auto-detection on the Windows platform.
It was mis-detected when targeting Windows XP/2003 64-bit.
It was permanently undetected when building for Windows 32-bit.
```
lib/url.c: In function 'zonefrom_url':
lib/url.c:1802:18: error: implicit declaration of function 'if_nametoindex' [-Wimplicit-function-declaration]
1802 | scopeidx = if_nametoindex(zoneid);
| ^~~~~~~~~~~~~~
lib/url.c:1802:18: error: nested extern declaration of 'if_nametoindex' [-Werror=nested-externs]
```
Ref: https://github.com/curl/curl/actions/runs/16405598782/job/46351023138?pr=17982#step:10:29
Reported-by: LoRd_MuldeR
Fixes #17979
Without this patch the workaround for the 8.15.0 release is:
`export ac_cv_func_if_nametoindex=0` for Windows XP/2003 64-bit.
Background: Checking for the `if_nametoindex()` function via
`AC_CHECK_FUNCS()` (autotools) or `check_function_exists()` (cmake) do
not work on Windows, for two reasons:
- the function may be disabled at compile-time in Windows headers
when targeting old Windows versions (XP or WS2003 in curl context)
via `_WIN32_WINNT`. But it's always present in the system implib
`iphlpapi` where these checks are looking.
- for 32-bit Windows the function signature in the implib requires
a 4-byte argument, while these checks always use no arguments,
making them always fail.
- cmake: call `if_nametoindex` dynamically with mingw-w64 v1.0.
This mingw-w64 version lacks prototype and implib entry for it.
- cmake: add auto-detection for Windows and use as a fallback for
non-pre-fill cases.
- cmake: disable pre-fill with `_CURL_PREFILL=OFF`. (for testing)
- cmake: disable pre-fill for untested compilers. (i.e. non-MSVC,
non-mingw64)
- GHA/windows: make an autotools job build for Windows XP.
Unconditionally enable _GNU_SOURCE when building on GNU/Hurd; this way
it is possible to properly use/rely on GNU extensions e.g. accept4(),
memrchr(), and the GNU strerror_r().
Viktor Szakats [Sat, 19 Jul 2025 13:21:31 +0000 (15:21 +0200)]
multissl: initialize when requesting a random number
To fix test 1308 in MultiSSL builds.
Failure was caused by the random number generator virtual function being
NULL, instead of pointing to the implementation in the runtime-selected
TLS backend. This could happen in MultiSSL builds when a functionality
was asking for a random number without triggering a VTLS function table
initialization first. Such functionality is MIME, or form data via MIME.
The reason CI did not catch it in an earlier MultiSSL GHA/windows job,
is that it was a debug-enabled one. In debug-enabled builds the test
runner was overriding the random number generator for all tests.
Viktor Szakats [Sat, 19 Jul 2025 20:53:08 +0000 (22:53 +0200)]
GHA/macos: enable QUIC API with OpenSSL
In one autotools and one cmake job.
Also:
- enable OpenSSL QUIC in two more jobs.
- pytest: add checks to skip h3 tests when there is no h3 server to
tests 26, 27a, 27b, 27c, 29 in test_02_download. Fixing:
```
FAILED tests/http/test_02_download.py::TestDownload::test_02_26_session_shared_reuse[h3] - AssertionError: expected exit code 0, got 1
[...]
```
Ref: https://github.com/curl/curl/actions/runs/16392680316/job/46320739635?pr=17973
Viktor Szakats [Fri, 18 Jul 2025 21:09:15 +0000 (23:09 +0200)]
GHA/macos: add Rustls, aws-lc jobs
Bind them to the (arbitrary choice of) Apple clang and gcc compilers,
respectively.
Also:
- bind existing mbedTLS job to the llvm compiler, to keep the number of
jobs the same as before this patch.
- move OpenLDAP from mbedTLS over to LibreSSL to keep testing it with
all 3 compilers.
- simplify exclusions for clang-tidy and torture jobs.
- tag clang-tidy and torture jobs via `install_steps`.
To avoid keeping around special bool fields.
test1560: skip some URLs if UTF-8 is not supported
Debian CI found that `lib1560` implements tests that will fail when
UTF-8 isn't supported. We can detect that with `nl_langinfo` and skip
the specific URLs that fail (i.e., those whose `getflags` are either
`CURLU_PUNYCODE` or `CURLU_PUNY2IDN`).
Viktor Szakats [Sat, 19 Jul 2025 16:45:25 +0000 (18:45 +0200)]
tests: set `CURL_ENTROPY` per test, not globally
Setting `CURL_ENTROPY` in debug-enabled builds overrides the code paths
responsible for random number generation. To avoid masking issue there,
this patch moves `CURL_ENTROPY` settings to each test that requires it,
and stop setting it by default for all tests (in `runner.pm`).
This makes it possible to catch random generator issues in debug-enabled
builds; extending test coverage.
To keep offering a well-defined state for tests, make `runner.pm` delete
the `CURL_ENTROPY` env, if present.
Reported-by: Kai Pastor Reported-by: Tal Regev
Bug: https://github.com/microsoft/vcpkg/pull/46444#pullrequestreview-3026575393
Ref: https://github.com/microsoft/vcpkg/pull/46444/commits/3a845c4b15066e8167bb4708007180fb6bedf40d
Stefan Eissing [Wed, 16 Jul 2025 09:10:13 +0000 (11:10 +0200)]
openssl: some small cleanups
- rename Curl_oss_check_peer_cert() to Curl_ossl_check_peer_cert()
- leave altname match loop after the first success when the match
was an ip address
- remove static subj_alt_hostcheck() since it did not really do much
- use length based infof() output of altname, even though it does
seem always to be nul terminated
projects / thirdparty / curl.git / log
