Daniel Stenberg [Fri, 22 Dec 2023 08:51:20 +0000 (09:51 +0100)]
mprintf: overhaul and bugfixes
In a test case using lots of snprintf() calls using many commonly used
%-codes per call, this version is around 30% faster than previous
version.
It also fixes the #12561 bug which made it not behave correctly when
given unknown %-sequences. Fixing that flaw required a different take on
the problem, which resulted in the new two-arrays model.
lib557: extended - Verify the #12561 fix and test more printf features
unit1398: fix test: It used a <num>$ only for one argument, which is not
supported.
Viktor Szakats [Thu, 21 Dec 2023 03:59:20 +0000 (03:59 +0000)]
appveyor: replace PowerShell with bash + parallel autotools
PowerShell works (after a steep development curve), but one property of
it stuck and kept causing unresolvable usability issues: With
`$ErrorActionPreference=Stop`, it does abort on failures, but shows only
the first line of the error message. In `Continue` mode, it shows the
full error message, but doesn't stop on all errors. Another issue is
PowerShell considering any stderr output as if the command failed (this
has been improved in 7.2 (2021-Nov), but fixed versions aren't running
in CI and will not be for a long time in all test images.)
Thus, we're going with bash.
Also:
- use `-j2` with autotools tests, making them finish 5-15 minutes per
job faster.
- omit `POSIX_PATH_PREFIX`.
- use `WINDIR`.
- prefer forward slashes.
Fix remaining warnings in examples and tests which are not suppressed
by the pragma in `lib/curl_setup.h`.
Silence a toolchain issue causing warnings in `FD_SET()` calls with
older Cygwin/MSYS2 builds. Likely fixed on 2020-08-03 by:
https://cygwin.com/git/?p=newlib-cygwin.git;a=commitdiff;h=5717262b8ecfed0f7fab63e2c09c78991e36f9dd
Viktor Szakats [Sat, 9 Dec 2023 02:45:19 +0000 (02:45 +0000)]
build: fix some `-Wsign-conversion`/`-Warith-conversion` warnings
- enable `-Wsign-conversion` warnings, but also setting them to not
raise errors.
- fix `-Warith-conversion` warnings seen in CI.
These are triggered by `-Wsign-converion` and causing errors unless
explicitly silenced. It makes more sense to fix them, there just a few
of them.
- fix some `-Wsign-conversion` warnings.
- hide `-Wsign-conversion` warnings with a `#pragma`.
- add macro `CURL_WARN_SIGN_CONVERSION` to unhide them on a per-build
basis.
- update a CI job to unhide them with the above macro:
https://github.com/curl/curl/actions/workflows/linux.yml -> OpenSSL -O3
Viktor Szakats [Sat, 16 Dec 2023 17:23:40 +0000 (17:23 +0000)]
build: more `-Wformat` fixes
- memdebug: update to not trigger `-Wformat-nonliteral` warnings.
- imap: mark `imap_sendf()` with `CURL_PRINTF()`.
- tool_msgs: mark static function with `CURL_PRINTF()`.
Daniel Stenberg [Mon, 18 Dec 2023 09:34:17 +0000 (10:34 +0100)]
curl.h: add CURLE_TOO_LARGE
A new error code to be used when an internal field grows too large, like
when a dynbuf reaches its maximum. Previously it would return
CURLE_OUT_OF_MEMORY for this, which is highly misleading.
Yedaya Katsman [Sun, 17 Dec 2023 20:04:25 +0000 (22:04 +0200)]
tests: respect $TMPDIR when creating unix domain sockets
When running on termux, where $TMPDIR isn't /tmp, running the tests
failed, since the server config tried creating sockets in /tmp, without
checking the temp dir config. Use the TMPDIR variable that makes it find
the correct directory everywhere [0]
Mark Sinkovics [Thu, 14 Dec 2023 00:49:55 +0000 (19:49 -0500)]
cmake: fix generation for system name iOS
This PR fixes a problem that happens during CMake configuration when
the `CMAKE_SYSTEM_NAME` set to `iOS` and not `Darwin`. This value is
available (as far as I remember) version 3.14. The final solution
(thanks to @vszakats) is to use `APPLE` which contains all the Apple
platforms https://cmake.org/cmake/help/latest/variable/APPLE.html.
This issue was found when during vcpkg installation. Running command
`vcpkg install curl:arm64-ios` and `vcpkg install curl:x64-ios` failed
with message:
```
CMake Error: try_run() invoked in cross-compiling mode, please set the following cache variables appropriately:
HAVE_H_ERRNO_ASSIGNABLE_EXITCODE (advanced)
```
After this fix, I was able to compile the compile the binary without
any issue.
In addition to that fix, this PR also contains an simplification to
check if the platform is not APPLE.
Baruch Siach [Mon, 11 Dec 2023 18:45:01 +0000 (20:45 +0200)]
gnutls: fix build with --disable-verbose
infof() parameters must be defined event with --disable-verbose since
commit dac293cfb702 ("lib: apache style infof and trace
macros/functions").
Move also 'ptr' definition under !CURL_DISABLE_VERBOSE_STRINGS.
Fixes the following build failure:
In file included from ../lib/sendf.h:29,
from vtls/gtls.c:44:
vtls/gtls.c: In function 'Curl_gtls_verifyserver':
vtls/gtls.c:841:34: error: 'version' undeclared (first use in this function); did you mean 'session'?
841 | gnutls_protocol_get_name(version), ptr);
| ^~~~~~~
Viktor Szakats [Mon, 11 Dec 2023 17:28:35 +0000 (17:28 +0000)]
build: remove redundant `CURL_PULL_*` settings
These macros were not propagated to the source code from CMake.
autotools set only one of them (`CURL_PULL_SYS_POLL_H`), initially to
address an AIX issue [1]. This later broke when introducing `system.h`
[2] without the logic it enabled. A subsequent fix [3] re-added the
logic, and also enabled it for AIX before its use, directly in
`system.h`.
Viktor Szakats [Sun, 10 Dec 2023 02:19:32 +0000 (02:19 +0000)]
system.h: sync mingw `CURL_TYPEOF_CURL_SOCKLEN_T` with other compilers
Align mingw with the other Windows compilers and use the `int` type for
`CURL_TYPEOF_CURL_SOCKLEN_T` (and thus for `curl_socklent_t`). This
makes it unnecessary to make a mingw-specific trick and pull all Windows
headers early just for this type definition. This type is specific to
Windows, not to the compiler. mingw-w64's Windows header maps it to
`int` too.
With this we also delete all remaining uses of `CURL_PULL_WS2TCPIP_H`.
[ The official solution is to use `socklen_t` for all Windows compilers.
In this case we may want to update `curl/curl.h` to pull in Windows
headers before `system.h`. ]
Reviewed-by: Daniel Stenberg Reviewed-by: Jay Satiro
Closes #12501
Viktor Szakats [Sat, 9 Dec 2023 20:37:11 +0000 (20:37 +0000)]
windows: simplify detecting and using system headers
- autotools, cmake: assume that if we detect Windows, `windows.h`,
`winsock2.h` and `ws2tcpip.h` do exist.
- lib: fix 3 outlier `#if` conditions to use `USE_WINSOCK` instead of
looking for `winsock2.h`.
- autotools: merge 3 Windows check methods into one.
- move Watt-32 and lwIP socket support to `setup-win32.h` from
`config-win32.h`. It opens up using these with all build tools. Also
merge logic with Windows Sockets.
- fix to assume Windows sockets with the mingw32ce toolchain.
Follow-up to: 2748c64d605b19fb419ae56810ad8da36487a2d4
- cmake: delete unused variable `signature_call_conv` since eb33ccd5332435fa50f1758e5debb869c6942b7f.
- autotools: simplify `CURL_CHECK_WIN32_LARGEFILE` detection.
- examples/externalsocket: fix header order.
- cmake/OtherTests.cmake: delete Windows-specific `_source_epilogue`
that wasn't used anymore.
- cmake/OtherTests.cmake: set `WIN32_LEAN_AND_MEAN` for test
`SIZEOF_STRUCT_SOCKADDR_STORAGE`.
After this patch curl universally uses `_WIN32` to guard
Windows-specific logic. It guards Windows Sockets-specific logic with
`USE_WINSOCK` (this might need further work).
Viktor Szakats [Fri, 8 Dec 2023 13:05:09 +0000 (13:05 +0000)]
build: enable missing OpenSSF-recommended warnings, with fixes
https://best.openssf.org/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C++.html
as of 2023-11-29 [1].
Enable new recommended warnings (except `-Wsign-conversion`):
- enable `-Wformat=2` for clang (in both cmake and autotools).
- add `CURL_PRINTF()` internal attribute and mark functions accepting
printf arguments with it. This is a copy of existing
`CURL_TEMP_PRINTF()` but using `__printf__` to make it compatible
with redefinting the `printf` symbol:
https://gcc.gnu.org/onlinedocs/gcc-3.0.4/gcc_5.html#SEC94
- fix `CURL_PRINTF()` and existing `CURL_TEMP_PRINTF()` for
mingw-w64 and enable it on this platform.
- enable `-Wimplicit-fallthrough`.
- enable `-Wtrampolines`.
- add `-Wsign-conversion` commented with a FIXME.
- cmake: enable `-pedantic-errors` the way we do it with autotools.
Follow-up to d5c0351055d5709da8f3e16c91348092fdb481aa #2747
- lib/curl_trc.h: use `CURL_FORMAT()`, this also fixes it to enable format
checks. Previously it was always disabled due to the internal `printf`
macro.
Fix them:
- fix bug where an `set_ipv6_v6only()` call was missed in builds with
`--disable-verbose` / `CURL_DISABLE_VERBOSE_STRINGS=ON`.
- add internal `FALLTHROUGH()` macro.
- replace obsolete fall-through comments with `FALLTHROUGH()`.
- fix fallthrough markups: Delete redundant ones (showing up as
warnings in most cases). Add missing ones. Fix indentation.
- silence `-Wformat-nonliteral` warnings with llvm/clang.
- fix one `-Wformat-nonliteral` warning.
- fix new `-Wformat` and `-Wformat-security` warnings.
- fix `CURL_FORMAT_SOCKET_T` value for mingw-w64. Also move its
definition to `lib/curl_setup.h` allowing use in `tests/server`.
- lib: fix two wrongly passed string arguments in log outputs. Co-authored-by: Jay Satiro
- fix new `-Wformat` warnings on mingw-w64.
Daniel Stenberg [Sat, 16 Dec 2023 10:46:31 +0000 (11:46 +0100)]
cmdline-docs: use .IP consistently
Remove use of .TP and some .B. The idea is to reduce nroff syntax as
much as possible and to use it consistently. Ultimately, we should be
able to introduce our own easier-to-use-and-read syntax/formatting and
convert on generation time.
Daniel Stenberg [Mon, 11 Dec 2023 18:36:27 +0000 (19:36 +0100)]
readwrite_data: loop less
This function is made to loop in order to drain incoming data
faster. Completely removing the loop has a measerably negative impact on
transfer speeds.
Downsides with the looping include
- it might call the progress callback much more seldom. Especially if
the write callback is slow.
- rate limiting becomes less exact
- a single transfer might "starve out" other parallel transfers
- QUIC timers for other connections can't be maintained correctly
The long term fix should be to remove the loop and optimize coming back
to avoid the transfer speed penalty.
This fix lower the max loop count to reduce the starvation problem, and
avoids the loop completely for when rate-limiting is in progress.
Stefan Eissing [Wed, 13 Dec 2023 10:25:20 +0000 (11:25 +0100)]
lib: eliminate `conn->cselect_bits`
- use `data->state.dselect_bits` everywhere instead
- remove `bool *comeback` parameter as non-zero
`data->state.dselect_bits` will indicate that IO is
incomplete.
Q: "The cmake build selected to run gcc with -fPIC on my box while the
plain configure script did not."
A: With CMake, since 2ebc74c36a19a1700af394c16855ce144d9878e3 #11546
and fc9bfb14520712672b4784e8b48256fb29204011 #11627, we explicitly
enable PIC for libcurl shared lib. Or when building libcurl for
shared and static lib in a single pass. We do this by default for
Windows or when enabled by the user via `SHARE_LIB_OBJECT`.
Otherwise we don't touch this setting. Meaning the default set by
CMake (if any) or the toolchain is used. On Debian Bookworm, this
means that PIC is disabled for static libs by default. Some platforms
(like macOS), has PIC enabled by default.
autotools supports the double-pass mode only, and in that case
CMake seems to match PIC behaviour now (as tested on Linux with gcc.)
Viktor Szakats [Sun, 10 Dec 2023 03:33:17 +0000 (03:33 +0000)]
cmake: delete obsolete TODO items [ci skip]
There is always room for improvement, but CMake is up to par now with
autotools, so there is no longer a good reason to keep around these
inline TODO items.
Answering one of questions:
Q: "The gcc command line use neither -g nor any -O options. As a
developer, I also treasure our configure scripts's --enable-debug
option that sets a long range of "picky" compiler options."
A: CMake offers the `CMAKE_BUILD_TYPE` variable to control debug info
and optimization level. E.g.:
- `Release` = `-O3` + no debug info
- `MinSizeRel` = `-Os` + no debug info
- `Debug` = `-O0` + debug info
Daniel Stenberg [Sat, 9 Dec 2023 23:05:04 +0000 (00:05 +0100)]
cmdline/gen: fix the sorting of the man page options
They were previously sorted based on the file names, which use a .d
extension, making "data" get placed after "data-binary" etc. Making the
sort ignore the extention fixes the ordering.
Reported-by: Boris Verkhovskiy
Bug: https://curl.se/mail/archive-2023-12/0014.html
Closes #12494
Daniel Stenberg [Fri, 8 Dec 2023 08:34:05 +0000 (09:34 +0100)]
tests: rename tests scripts to the test number
It is hard to name the scripts sensibly. Lots of them are similarly
named and the name did not tell which test that used them.
The new approach is rather to name them based on the test number that
runs them. Also helps us see which scripts are for individual tests
rather than for general test infra.
Daniel Stenberg [Tue, 5 Dec 2023 14:55:35 +0000 (15:55 +0100)]
lib: strndup/memdup instead of malloc, memcpy and null-terminate
- bufref: use strndup
- cookie: use strndup
- formdata: use strndup
- ftp: use strndup
- gtls: use aprintf instead of malloc + strcpy * 2
- http: use strndup
- mbedtls: use strndup
- md4: use memdup
- ntlm: use memdup
- ntlm_sspi: use strndup
- pingpong: use memdup
- rtsp: use strndup instead of malloc, memcpy and null-terminate
- sectransp: use strndup
- socks_gssapi.c: use memdup
- vtls: use dynbuf instead of malloc, snprintf and memcpy
- vtls: use strdup instead of malloc + memcpy
- wolfssh: use strndup
Daniel Stenberg [Wed, 6 Dec 2023 13:13:17 +0000 (14:13 +0100)]
url: for disabled protocols, mention if found in redirect
To help users better understand where the URL (and denied scheme) comes
from. Also removed "in libcurl" from the message, since the disabling
can be done by the application.
The error message now says "not supported" or "disabled" depending on
why it was denied:
Protocol "hej" not supported
Protocol "http" disabled
And in redirects:
Protocol "hej" not supported (in redirect)
Protocol "http" disabled (in redirect)
Stefan Eissing [Mon, 4 Dec 2023 11:13:25 +0000 (12:13 +0100)]
ngtcp2: ignore errors on unknown streams
- expecially in is_alive checks on connections, we might
see incoming packets on streams already forgotten and closed,
leading to errors reported by nghttp3. Ignore those.
Same with details:
https://ci.appveyor.com/project/curlorg/curl/builds/48662893/job/ol8a78q9gmilb6wt#L1263
```
tests/libtest/lib1545.c:38:3: error: 'curl_formadd' is deprecated: since 7.56.0. Use curl_mime_init() [-Werror=deprecated-declarations]
38 | curl_formadd(&m_formpost, &lastptr, CURLFORM_COPYNAME, "file",
| ^~~~~~~~~~~~
[...]
```
David Benjamin [Fri, 1 Dec 2023 19:40:32 +0000 (14:40 -0500)]
vtls: consistently use typedef names for OpenSSL structs
The foo_st names don't appear in OpenSSL public API documentation. The
FOO typedefs are more common. This header was already referencing
SSL_CTX via <openssl/ssl.h>. There is a comment about avoiding
<openssl/x509v3.h>, but OpenSSL actually declares all the typedefs in
<openssl/ossl_typ.h>, which is already included by <openssl/ssl.h> (and
every other OpenSSL header), so just use that. Though I've included it
just to be explicit.
(I'm also fairly sure including <openssl/ssl.h> already triggers the
Schannel conflicts anyway. The comment was probably just out of date.)
Stefan Eissing [Fri, 1 Dec 2023 13:00:15 +0000 (14:00 +0100)]
ngtcp2: fix races in stream handling
- fix cases where ngtcp2 invokes callbacks on streams that
nghttp3 has already forgotten. Ignore the NGHTTP3_ERR_STREAM_NOT_FOUND
in these cases as it is normal behaviour.
projects / thirdparty / curl.git / log
