David Zhuang [Wed, 3 Sep 2025 00:28:21 +0000 (17:28 -0700)]
http: do the cookie list access under lock
A previous refactor of cookie logic changed Curl_cookie_getlist to no
longer return a list of copied cookies, but instead return a linked list
pointing to existing cookies. The returned linked list is accessed
outside of the scope of the cookie share lock in http_cookies, which
leads to issues if the shared cookie list is modified at the same time.
This is the relevant commit: be39ed1
Daniel Stenberg [Wed, 3 Sep 2025 07:52:36 +0000 (09:52 +0200)]
tool_getparam: warn on more unicode prefixes
If a string argument is expected and the first two bytes are 0xe2 ex80
and the third has the 7th bit set, that's enough for curl to warn.
Previously we tried to detect and warn only for the unicode double
quote, but users might use single quotes, other quotes or even lead the
argument with one of the "zero widths" characters. This is an attempt to
detect many of those. Without triggering for "normal" IDN hostnames.
Jay Satiro [Wed, 27 Aug 2025 07:35:01 +0000 (03:35 -0400)]
projects: fix Windows project 'clean' function
- Fix generate.bat "-clean" option.
- Change version template substitutes to match old files, eg go back to
using format version "11.00" instead of "11.0".
- Limit the vcxproj filters file types that are filtered to c, h, rc.
- Get rid of the tmpl extension from template files and add a README
to the tmpl directory explaining the purpose of the files.
- gitignore VCxx directories entirely rather than individual file types.
- Do not remove the VC directories during clean, instead remove just the
generated project files.
Removing the VC directories has the unwanted behavior of removing files
other than those generated. Visual Studio will generate its own
preference files (like if you have some debug arguments in your .suo)
and those files sit in the VC directories. We ignore those files since
they are the user's files and should not be deleted. Also the user may
have their own untracked files that we shouldn't be deleting.
Follow-up to 57d349fe which consolidated the project templates.
Assisted-by: Viktor Szakats
Closes https://github.com/curl/curl/pull/18412
Daniel Stenberg [Mon, 1 Sep 2025 14:36:53 +0000 (16:36 +0200)]
parsedate: make Curl_getdate_capped able to return epoch
By returning error separately on parse errors and avoiding magic
numbers, this function can now return 0 or -1 as proper dates when such
a date string is provided.
Stefan Eissing [Fri, 29 Aug 2025 15:38:45 +0000 (17:38 +0200)]
aws-lc: do not use large buffer
test_10_08, uploading larger files for a h2 proxy, sporadically fails
with a decrpytion error on received data in AWS-LC. The frequency can
be increased by simulated network receive blocks.
Not setting a 4 * TLS record sized buffer, leaving AWS-LC at its
default buffer size seems to mitigate this problem.
XCas13 [Fri, 29 Aug 2025 09:52:25 +0000 (13:52 +0400)]
ngtcp2: handshake timeout should be equal to --connect-timeout
Default timeout is hardcoded (10 seconds) and doesn't respect
--connect-timeout parameter. In some cases 10 seconds can be not enough
or too long to "establish a connection". Moreover the non-working
--connect-timeout parameter for http3 is confusing. This change makes
the handshake timeout equal to --connect-timeout, if it's set.
Discussion is here https://github.com/curl/curl/discussions/18427
Viktor Szakats [Thu, 28 Aug 2025 20:36:47 +0000 (22:36 +0200)]
GHA/windows: fix perl 5.40.3 bump fallout with custom-built modules
Perl got bumped from 5.38.4 to 5.40.3. The new version crashes when
loading the `Win32::Process*` modules built and cached in CI. The build
job uses Perl 5.38.4.
To avoid the crash, include the Perl version (hashed) in the cache key,
so that it's only loaded when the Perl version matches.
This solution is imperfect, because some of the jobs will not use the
Perl modules in transition periods, when different jobs use different
Perl versions. Anyway, can't think of a better one for now. Another
option is to drop the effort with these modules. After all they did not
help with crashes and hangs, nor with performance. While adding quite
a bit of CI complexity.
Also:
- test early if the modules load and log the result.
It's causing false-positives with clang-tidy v21, in cases in system
headers (seen in `FD_ISSET()` with macOS SDK). In some cases in
tests/server, there was no distinct source line that was triggering it.
Example:
```
/Applications/Xcode_16.4.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX15.5.sdk/usr/include/sys/_types/_fd_def.h:83:10: error: Potential out of bound access to 'fds_read.fds_bits' with tainted index [clang-analyzer-security.ArrayBound,-warnings-as-errors]
83 | return _p->fds_bits[(unsigned long)_fd / __DARWIN_NFDBITS] & ((__int32_t)(((unsigned long)1) << ((unsigned long)_fd % __DARWIN_NFDBITS)));
| ^
[...]
/Users/runner/work/curl/curl/tests/server/socksd.c:679:5: note: Taking false branch
679 | if(rc < 0) {
| ^
```
Daniel Stenberg [Thu, 28 Aug 2025 09:42:49 +0000 (11:42 +0200)]
cookie: simplifications
- add Curl_secure_context(), to have it determined in a single place.
- tweak the Curl_cookie_getlist() proto. Move some logic into the
function - at is only called in a single place. Instead of forcing the
caller to do it.
Stefan Eissing [Mon, 18 Aug 2025 15:12:35 +0000 (17:12 +0200)]
websocket: improve handling of 0-len frames
Write out 9-length frames to client's WRITEFUNCTION
Read 0-length frames from READFUNCTION *if* the function
started a new frame via `curl_ws_start_frame()`.
Viktor Szakats [Wed, 27 Aug 2025 14:23:58 +0000 (16:23 +0200)]
HTTP3.md: avoid `configure` issue for ngtcp2 1.14.0+ compatibility
Applied the same workaround to the build examples as used earlier in CI.
That is, drop `<path> from `--with-ngtcp2=<path>` and configure env
`PKG_CONFIG_PATH` instead.
Jay Satiro [Fri, 1 Aug 2025 07:57:12 +0000 (03:57 -0400)]
schannel: fix renegotiation
- Move the schannel_recv renegotiation code to function
schannel_recv_renegotiate.
- Save the state of a pending renegotiation.
- Pre-empt schannel_recv and schannel_send to continue a pending
renegotation.
- Partially block during renegotiation if necessary.
Prior to this change, since a1850ad7 (precedes 8.13.0), schannel_recv
did not properly complete renegotiation before attempting to decrypt
data. In some cases that could cause an error SEC_E_CONTEXT_EXPIRED.
Most of the time though DecryptMessage would succeed by chance and
return SEC_I_RENEGOTIATE which allowed the renegotiation to continue.
Reported-by: stephannn@users.noreply.github.com Reported-by: Dustin L. Howett
Fixes https://github.com/curl/curl/issues/18029
Closes https://github.com/curl/curl/pull/18125
Viktor Szakats [Thu, 14 Aug 2025 21:43:34 +0000 (23:43 +0200)]
GHA/linux: build `-O3` job with unity batches to save 10-15s
Before (build, test run):
https://github.com/curl/curl/actions/runs/16974205126/job/48118716664 25s, 12m56
https://github.com/curl/curl/actions/runs/16973102133/job/48114977897 24s, 12m51
After, with batch size 50 (build, test run):
https://github.com/curl/curl/actions/runs/17250901063/job/48952645881?pr=18293 16s, 12m51
https://github.com/curl/curl/actions/runs/17250901063/job/48953665204?pr=18293 17s, 12m42
Daniel Stenberg [Tue, 26 Aug 2025 14:03:24 +0000 (16:03 +0200)]
ftp: simplify
- Avoid checking what's always true. The ftpcode pointer is always
passed in, so use it.
- Simplified an indent level somewhat
- Split out two functions from the state machine
Daniel Stenberg [Mon, 18 Aug 2025 15:10:35 +0000 (17:10 +0200)]
socks_sspi: simplify, clean up Curl_SOCKS5_gssapi_negotiate
This function returned error on MANY places, each with its own cleanup
sequence and by the look of it almost all of them were incomplete,
making them leak resources on errors.
This take now gotos to the error label where it cleans everything up
before returning error. This also simplifies the function a lot.
Daniel Stenberg [Fri, 22 Aug 2025 14:58:28 +0000 (16:58 +0200)]
tool_getparam: let --trace-config override -v
If --trace-config is used to set a level before -v is used, don't reset
the state on first -v (to "-all") as it otherwise does. This way,
--trace-config can be used to set specific trace items before -v on the
command line and it still works.
Previously, the first -v use would otherwise reset and undo the earlier
--trace-config items.
Viktor Szakats [Mon, 25 Aug 2025 15:44:47 +0000 (17:44 +0200)]
projects: generate from a single template
The three projects (VC10, VC11, VC12) are identical except 5 repeated
strings in them. They also require running `generate.bat` before use,
to populate source files. Reduce the 3 almost identical projects to
a single template project and populate the repeated strings also via
`generate.bat`. This reduces the maintenance burden to a single copy of
the project files. Also saving 10000 LOCs.
- curl_ntlm_core: document version thresholds for an AWS-LC-specific
workaround.
It was necessary between v1.2.0 2022-09-01 and v1.30.1 2024-06-21.
No longer necessary since v1.31.0 2024-07-01:
https://github.com/aws/aws-lc/commit/ba94617d99c18949711e8e405721ea85a2b38c3f
Follow-up to 34ef4fab22d93cf7ef1d6c2954a0bad19f323ea9 #10320
Stefan Eissing [Sat, 23 Aug 2025 12:15:13 +0000 (14:15 +0200)]
asyn-thrdd: more simplifications
- use wakeup sockets non-locked.
- send wakeup notify only in normal control flow (not cancel). close
wakeup sockets in unlink only.
- remove 5ms thread lifetime wait crutch before pthread_cancel().
Viktor Szakats [Sat, 23 Aug 2025 08:48:12 +0000 (10:48 +0200)]
build: support LibreSSL native crypto lib with ngtcp2 1.15.0+
In ngtcp2 1.15.0 the LibreSSL crypto interface library got its own name:
`libngtcp2_crypto_libressl`. In previous versions it used
`libngtcp2_crypto_quictls`, shared with quictls itself (but not
compatible with).
Adapt autotools and cmake scripts to look for the new name first, and
fall back to the old one if not found.
Fallback to quictls tested OK in CI with both autotools and cmake:
https://github.com/curl/curl/actions/runs/17174994908?pr=18377
Viktor Szakats [Fri, 22 Aug 2025 21:55:47 +0000 (23:55 +0200)]
asyn-thrdd: fix no `HAVE_GETADDRINFO` builds
mingw32ce, CM 4.4.0-arm schannel:
```
lib/asyn-thrdd.c: In function 'gethostbyname_thread':
lib/asyn-thrdd.c:349: error: too many arguments to function 'async_thrd_cleanup'
```
Ref: https://github.com/curl/curl/actions/runs/17158865566/job/48682687295?pr=18039#step:9:21
Viktor Szakats [Fri, 22 Aug 2025 14:42:06 +0000 (16:42 +0200)]
openssl: drop more legacy cruft
- drop `ALLOW_RENEG` undocumented (insecure) build-time option.
- drop unnecessary check for `OPENSSL_VERSION_NUMBER`.
It's present in all supported OpenSSL versions and forks.
Stefan Eissing [Fri, 22 Aug 2025 13:24:04 +0000 (15:24 +0200)]
asyn-thrdd: manage DEFERRED and locks better
- cancel thread waits until thread start is at least 5ms in the past
to give it some time to get its cancellation setup in place
- cancel thread without holding the mutex. It's supposed to be an
async operation, but better be safe
- set DEFERRED cancel state explicitly, should be default in a pthread,
but better be safe
- assume:
- `BIO_CTRL_EOF`
- `SSL_CTRL_SET_MSG_CALLBACK`
- `SSL_CTRL_SET_MSG_CALLBACK`
- `SSL_CTRL_SET_TLSEXT_HOSTNAME`
- `SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER`
- `SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS`
- `SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG`
- `SSL_OP_NO_COMPRESSION`
- `SSL_OP_NO_TICKET`
- `X509_V_FLAG_PARTIAL_CHAIN`
- `X509_V_FLAG_TRUSTED_FIRST`
They are present in all supported OpenSSL (and fork) versions.
- replace `SSL_ERROR_WANT_EARLY` with `SSL_ERROR_WANT_CLIENT_HELLO_CB`.
The former appeared in OpenSSL 1.1.1-dev, but renamed before
the stable release.
- document support for macros:
- `ENGINE_CTRL_GET_CMD_FROM_NAME`
- `SSL_ERROR_WANT_ASYNC_JOB`
- `SSL_ERROR_WANT_ASYNC`
- `SSL2_VERSION_MAJOR`
- `TLS1_3_VERSION`
- drop legacy fallback for `CONF_MFLAGS_DEFAULT_SECTION`.
It was there for OpenSSL 0.9.8 support.
- fix `SSL_CTRL_SET_MSG_CALLBACK` accidentally serving as a guard for
OpenSSL (and forks) as a whole.
Stefan Eissing [Mon, 11 Aug 2025 13:58:11 +0000 (15:58 +0200)]
ares: use `ares_strerror()` to retrieve error messages
Add optional detail to `Curl_resolver_error()` to add to failure message
where available. This makes, for c-ares, the reason for a failed
resource available to the user without extra trace config.
When "dns" tracing enabled, print the c-ares server config at the start
of a resolve.
Stefan Eissing [Thu, 21 Aug 2025 19:50:20 +0000 (21:50 +0200)]
asyn-thrdd: remove condition variable
Add a flag `thrd_don` to assess if the resolving thread has finished and
only destroy the context when *both* ref_count reaches 0 and thrd_done
is true.
Stefan Eissing [Thu, 21 Aug 2025 19:19:27 +0000 (21:19 +0200)]
asyn-thrdd: use condition var more carefully
When the thread started is too fast, the signal will come before the
wait. Add an additional check before the wait to catch the thread
having started or already ended.
projects / thirdparty / curl.git / log
