Stefan Eissing [Wed, 1 Mar 2023 12:05:09 +0000 (13:05 +0100)]
socket: detect "dead" connections better, e.g. not fit for reuse
- refs #10646 where reuse was attempted on closed connections in the
cache, leading to an exhaustion of retries on a transfer
- the mistake was that poll events like POLLHUP, POLLERR, etc
were regarded as "not dead".
- change cf-socket filter check to regard such events as inidication
of corpsiness.
- vtls filter checks: fixed interpretation of backend check result
when inconclusive to interrogate status further down the filter
chain.
Reported-by: SendSonS on github
Fixes #10646
Closes #10652
cf-socket: if socket is already connected, return CURLE_OK
In 7.87.0, if callback method for CURLOPT_SOCKOPTFUNCTION returns
CURL_SOCKOPT_ALREADY_CONNECTED then curl library used to return
CURLE_OK. n 7.88.0, now even if callback returns
CURL_SOCKOPT_ALREADY_CONNECTED, curl library still tries to connect to
socket by invoking method do_connect().
This is regression caused by commit
https://github.com/curl/curl/commit/71b7e0161032927cdfb
Fix: Check if we are already connected and return CURLE_OK.
Jay Satiro [Sun, 26 Feb 2023 08:44:38 +0000 (03:44 -0500)]
transfer: limit Windows SO_SNDBUF updates to once a second
- Change readwrite_upload() to call win_update_buffer_size() no more
than once a second to update SO_SNDBUF (send buffer limit).
Prior to this change during an upload readwrite_upload() could call
win_update_buffer_size() anywhere from hundreds of times per second to
an extreme test case of 100k per second (which is likely due to a bug,
see #10618). In the latter case WPA profiler showed
win_update_buffer_size was the highest capture count in
readwrite_upload. In any case the calls were excessive and unnecessary.
Stefan Eissing [Tue, 28 Feb 2023 10:43:50 +0000 (11:43 +0100)]
http2: fix for http2-prior-knowledge when reusing connections
- refs #10634 where errors in the HTTP/2 framing layer are observed.
- the bug was that on connection reuse, the code attempted to switch
in yet another layer of HTTP/2 handling instead of detecting that
this was already in place.
- added pytest testcase reproducing the issue.
Reported-by: rwmjones on github
Fixes #10634
Closes #10643
Stefan Eissing [Tue, 28 Feb 2023 10:05:06 +0000 (11:05 +0100)]
cf-socket: fix handling of remote addr for accepted tcp sockets
- do not try to determine the remote address of a listen socket. There
is none.
- Update remote address of an accepted socket by getpeername() if
available.
Reported-by: Harry Sintonen
Fixes #10622
Closes #10642
Stefan Eissing [Tue, 28 Feb 2023 09:07:21 +0000 (10:07 +0100)]
http: fix unix domain socket use in https connects
- when h2/h3 eyeballing was involved, unix domain socket
configurations were not honoured
- configuring --unix-socket will disable HTTP/3 as candidate for eyeballing
- combinatino of --unix-socket and --http3-only will fail during initialisation
- adding pytest test_11 to reproduce
Reported-by: Jelle van der Waa
Fixes #10633
Closes #10641
積丹尼 Dan Jacobson [Tue, 28 Feb 2023 01:36:30 +0000 (09:36 +0800)]
rate.c: single URLs make no sense in --rate example
Here somehow you need to put more than one URL in these examples, else
they will make no sense, as --rate only affects the second and beyond
URLs. The first URL will always finish the same time no matter what
--rate is given.
Daniel Stenberg [Fri, 24 Feb 2023 17:17:33 +0000 (18:17 +0100)]
idn: return error if the conversion ends up with a blank host
Some IDN sequences are converted into "" (nothing), which can make this
function end up with a zero length host name and we cannot consider that
a valid host to continue with.
This tool seems very restricted in how often it might be used by a
project and thus very quickly start to report fails simply because it
refuses to run when "there are more runs than allowed".
Jay Satiro [Tue, 21 Feb 2023 08:38:37 +0000 (03:38 -0500)]
winbuild: fix makefile clean
- Fix and move 'clean' code that removes the output and obj directories
trees from MakefileBuild.vc to Makefile.vc.
Prior to this change the 'clean' code did not work right because the
variables containing the directory names were not fully initialized and
the rmdir syntax was sometimes incorrect (typos). DIRDIST for example
was set to ..\builds\ and not ..\builds\$(CONFIG_NAME_LIB)\ so it would
remove the former and not the latter. If WITH_PREFIX was set then that
directory was removed instead.
Also, DIRDIST (the output directory) even if initialized should not be
removed by MakefileBuild.vc because by that time it could be set to a
user directory that may contain other files if WITH_PREFIX is set (eg we
don't want rmdir /s /q C:\usr\local). Therefore we remove from
Makefile.vc before any of that happens. I added a comment in both
makefiles explaining this.
Since cbf57176 the Cirrus CI 'macOS arm64 SecureTransport http2' has
been failing due to c89 warnings mixed code/declaration. That commit is
not the cause so I assume something has changed in the CI outside of our
configuration. Anyway, we don't mix code/declaration so this is the fix
for that.
Stefan Eissing [Thu, 9 Feb 2023 15:07:34 +0000 (16:07 +0100)]
CURLOPT_PIPEWAIT: allow waited reuse also for subsequent connections
As tested in test_02_07, when firing off 200 urls with --parallel, 199
wait for the first connection to be established. if that is multiuse,
urls are added up to its capacity.
The first url over capacity opens another connection. But subsequent
urls found the same situation and open a connection too. They should
have waited for the second connection to actually connect and make its
capacity known.
This change fixes that by
- setting `connkeep()` early in the HTTP setup handler. as otherwise
a new connection is marked as closeit by default and not considered
for multiuse at all
- checking the "connected" status for a candidate always and continuing
to PIPEWAIT if no alternative is found.
pytest:
- removed "skip" from test_02_07
- added test_02_07b to check that http/1.1 continues to work as before
Daniel Stenberg [Fri, 17 Feb 2023 09:04:31 +0000 (10:04 +0100)]
parsedate: parse strings without using sscanf()
- sscanf is slow and complex, avoid it
- give up already if the string is 12 bytes or longer as no valid string
can be that long
- this can now be done without copy
Matt Jolly [Mon, 20 Feb 2023 08:29:03 +0000 (19:29 +1100)]
tests: HTTP server fixups
- httpserver.pl -> http-server.pl for consistency
- add http3-server.pl to EXTRA_DIST; alphabetise for maintainability
- nghttpx proxy invocation scripts should not use getcwd
Jay Satiro [Sat, 18 Feb 2023 21:06:11 +0000 (16:06 -0500)]
tool_operate: fix scanbuild compiler warning
Prior to this change Azure CI scanbuild warned of a potential NULL
pointer string passed to strtol when CURLDEBUG enabled, even though the
way the code was written it wouldn't have happened.
OpenSSL 3 has deprecated some of the functions libcurl uses such as
those with DES, MD5 and ENGINE prefix. We don't have replacements for
those functions so the warnings were disabled in autotools and cmake
builds, but still showed in other builds.
Jay Satiro [Fri, 17 Feb 2023 08:26:07 +0000 (03:26 -0500)]
build-openssl.bat: keep OpenSSL 3 engine binaries
Prior to this change copying the OpenSSL 3 engine binaries failed
because 'engines-1_1' (OpenSSL 1.1.x folder name) was erroneously used
instead of 'engines-3'. The OpenSSL 3 builds would complete successfully
but without the engine binaries.
Daniel Stenberg [Thu, 16 Feb 2023 23:16:39 +0000 (00:16 +0100)]
urlapi: do the port number extraction without using sscanf()
- sscanf() is rather complex and slow, strchr() much simpler
- the port number function does not need to fully verify the IPv6 address
anyway as it is done later in the hostname_check() function and doing
it twice is unnecessary.
Daniel Stenberg [Thu, 16 Feb 2023 15:34:36 +0000 (16:34 +0100)]
curl: make --silent work stand-alone
- renamed the struct field to 'silent' to match the cmdline option
- make --show-error toggle independently of --silent
- make --silent independent of ->noprogress as well
By doing this, the three options --silent, --no-progress-meter and
--show-error should work independently of each other and also work with
and without '--no-' prefix as documented.
Reported-by: u20221022 on github
Fixes #10535
Closes #10536
Daniel Stenberg [Thu, 16 Feb 2023 22:52:22 +0000 (23:52 +0100)]
socks: allow using DoH to resolve host names
For SOCKS modes where a local host resolve is done.
It was previously disabled in 12d655d4561, but a few local tests seem to
indicate that it works fine. Works now because of the SOCKS refactor of 4a4b63daaa01ef59 that made it non-blocking.
Reported-by: roughtex on github
Fixes #10537
Closes #10540
Stefan Eissing [Thu, 16 Feb 2023 13:09:16 +0000 (14:09 +0100)]
test: add test for HTTP/2 corruption as reported in #10525
- adding test_02_20 for reproducing the situation
- using recently released mod_h2 Apache module
- skipping test if an older version is installed
- adding installation of current mod_h2 to github pytest workflow
This reproduces the error reliable (for me) on the lib/http2.c version
of curl 7.88.0. And passes with the recent curl master.
Stefan Eissing [Wed, 15 Feb 2023 09:31:52 +0000 (10:31 +0100)]
connnect: fix timeout handling to use full duration
- connect timeout was used at half the configured value, if the
destination had 1 ip version 4 and other version 6 addresses
(or the other way around)
- extended test2600 to reproduce these cases
Reported-by: Michael Kaufmann
Fixes #10514
Closes #10517
projects / thirdparty / curl.git / log
