Daniel Stenberg [Tue, 6 Dec 2022 12:00:35 +0000 (13:00 +0100)]
KNOWN_BUGS: remove items not considered bugs any more
- CURL_GLOBAL_SSL
This option was changed in libcurl 7.57.0 and clearly it has not caused
too many issues and a lot of time has passed.
- Store TLS context per transfer instead of per connection
This is a possible future optimization. One that is much less important
and interesting since the added support for CA caching.
- Microsoft telnet server
This bug was filed in May 2007 against curl 7.16.1 and we have not
received further reports.
- active FTP over a SOCKS
Actually, proxies in general is not working with active FTP mode. This
is now added in proxy documentation.
- DICT responses show the underlying protocol
curl still does this, but since this is now an established behavior
since forever we cannot change it easily and adding an option for it
seems crazy as this protocol is not so little its not worth it. Let's
just live with it.
- Secure Transport disabling hostname validation also disables SNI
This is an already documented restriction in Secure Transport.
- CURLOPT_SEEKFUNCTION not called with CURLFORM_STREAM
The curl_formadd() function is marked and documented as deprecated. No
point in collecting bugs for it. It should not be used further.
- STARTTRANSFER time is wrong for HTTP POSTs
After close source code inspection I cannot see how this is true or that
there is any special treatment for different HTTP methods. We also have
not received many further reports on this, making me strongly suspect
that this is no (longer an) issue.
- multipart formposts file name encoding
The once proposed RFC 5987-encoding is since RFC 7578 documented as MUST
NOT be used. The since then implemented MIME API allows the user to set
the name on their own and can thus provide it encoded as it wants.
- DoH is not used for all name resolves when enabled
It is questionable if users actually want to use DoH for interface and
FTP port name resolving. This restriction is now documented and we
advice users against using name resolving at all for these functions.
curl.h: reword comment to not use deprecated option
CURLOPT_INFILE was replaced by CURLOPT_READDATA in 7.9.7, reword the
comment mentioning it to make code grepping easier as well as improve
the documentation.
Closes: #10062 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
Ryan Schmidt [Wed, 7 Dec 2022 17:00:41 +0000 (11:00 -0600)]
system.h: fix socklen_t, curl_off_t, long long for Classic Mac OS
Change "__MWERKS__" to "macintosh". When this block was originally added
in 3ac6929 it was probably intended to handle classic Mac OS since the
previous classic Mac OS build procedure for curl (which was removed in bf327a9) used Metrowerks CodeWarrior.
But there are other classic Mac OS compilers, such as the MPW compilers,
that were not handled by this case. For classic Mac OS,
CURL_TYPEOF_CURL_SOCKLEN_T needs to match what's provided by the
third-party GUSI library, which does not vary by compiler.
Meanwhile CodeWarrior works on platforms other than classic Mac OS, and
they may need different definitions. Separate blocks could be added
later for any of those platforms that curl doesn't already support.
tool_formparse: avoid clobbering on function params
While perfectly legal to do, clobbering function parameters and using
them as local variables is confusing at best and rarely improves code
readability. Fix by using a local variable instead, no functionality
is changed.
This also renames the parameter from data to mime_data since the term
data is (soft) reserved for the easy handle struct.
Closes: #10046 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
noproxy: guard against empty hostnames in noproxy check
When checking for a noproxy setting we need to ensure that we get
a hostname passed in. If there is no hostname then there cannot be
a matching noproxy rule for it by definition.
Closes: #10057 Reported-by: Geeknik Labs Reviewed-by: Daniel Stenberg <daniel@haxx.se>
Ryan Schmidt [Mon, 5 Dec 2022 19:25:05 +0000 (13:25 -0600)]
config-mac: define HAVE_SYS_IOCTL_H
This is needed to compile nonblock.c on classic Mac OS with Grand
Unified Socket Interface (GUSI) because nonblock.c uses FIONBIO which is
defined in <sys/filio.h> which is included by <sys/ioctl.h>.
Do things that are specific to classic Mac OS (i.e. include config-mac.h
in curl_setup.h and rename "main" to "curl_main" in tool_setup.h) when
only "macintosh" is defined. Remove the additional condition that
"__MRC__" should be defined since that would only be true with the MPW
MrC compiler which prevents the use of other reasonable compilers like
the MPW SC compiler and especially the Metrowerks CodeWarrior compilers.
"macintosh" is only defined by classic Mac OS compilers so this change
should not affect users of Mac OS X / OS X / macOS / any other OS.
Viktor Szakats [Mon, 5 Dec 2022 14:31:32 +0000 (14:31 +0000)]
Makefile.mk: improve a GNU Make hack [ci skip]
Replace the hack of using `$() ` to represent a single space. The new
method silences the `--warn-undefined-variables` debug warning and it's
also a better-known form of solving this problem.
Viktor Szakats [Fri, 2 Dec 2022 15:20:41 +0000 (15:20 +0000)]
Makefile.mk: address minor issues
- Fix `NROFF` auto-detection with certain shell/make-build combinations:
When a non-MSYS2 GNU Make runs inside an MSYS2 shell, Make executes
the detection command as-is via `CreateProcess()`. It fails because
`command` is an `sh` built-in. Ensure to explicitly invoke the shell.
- Initialize user-customizable variables:
Silences a list of warnings when running GNU Make with the option
`--warn-undefined-variables`. Another benefit is that it's now easy
to look up all user-customizable `Makefile.mk` variables by grepping
for ` ?=` in the curl source tree.
Suggested-by: Gisle Vanem
Ref: https://github.com/curl/curl/pull/9764#issuecomment-1330674433
- Fix `MKDIR` invocation:
Avoid a warning and potential issue in envs without forward-slash
support.
Daniel Stenberg [Thu, 1 Dec 2022 08:21:04 +0000 (09:21 +0100)]
runtests: do CRLF replacements per section only
The `crlf="yes"` attribute and "hyper mode" are now only applied on a
subset of dedicated sections: data, datacheck, stdout and protocol.
Updated test 2500 accordingly.
Also made test1 use crlf="yes" for <protocol>, mostly because it is
often used as a template test case. Going forward, using this attribute
we should be able to write test cases using linefeeds only and avoid
mixed line ending encodings.
Stefan Eissing [Tue, 29 Nov 2022 15:41:15 +0000 (16:41 +0100)]
tests: add HTTP/3 test case, custom location for proper nghttpx
- adding support for HTTP/3 test cases via a nghttpx server that is
build with ngtcp2 and nghttp3.
- test2500 is the first test case, performing a simple GET.
- nghttpx is checked for support and the 'feature' nghttpx-h3
is set accordingly. test2500 will only run, when supported.
- a specific nghttpx location can be given in the environment
variable NGHTTPX or via the configure option
--with-test-nghttpx=<path>
Extend NGHTTPX config to H2 tests as well
* use $ENV{NGHTTPX} and the configured default also in http2 server starts
* always provide the empty test/nghttpx.conf to nghttpx. as it defaults to
reading /etc/nghttpx/nghttpx.conf otherwise.
Daniel Stenberg [Mon, 28 Nov 2022 09:27:28 +0000 (10:27 +0100)]
curl-openssl.m4: do not add $prefix/include/openssl to CPPFLAGS
As OpenSSL's include files are all included using <openssl/*.h> in curl
source code, we just risk that existing openssl files will "shadow"
include files without path if that path is provided.
Patrick Monnerat [Wed, 16 Nov 2022 16:40:11 +0000 (17:40 +0100)]
mime: relax easy/mime structures binding
Deprecation and removal of codeset conversion support from the library
have released the strict need for an early binding of mime structures to
an easy handle (https://github.com/curl/curl/commit/2610142).
This constraint currently forces to create the handle before the mime
structure and the latter cannot be attached to another handle once
created (see https://curl.se/mail/lib-2022-08/0027.html).
This commit removes the handle pointers from the mime structures
allowing more flexibility on their use.
When an easy handle is duplicated, bound mime structures must however
still be duplicated too as their components hold send-time dynamic
information.
fractal-access [Thu, 10 Nov 2022 15:20:28 +0000 (16:20 +0100)]
test416: verify growing FTP file support
Added setting: RETRSIZE [size] in the <servercmd> section. When set this
will cause the test FTP server to return the size set (rather than the
actual size) in the acknowledgement from a RETR request.
fractal-access [Wed, 19 Oct 2022 13:37:44 +0000 (14:37 +0100)]
ftp: support growing files with CURLOPT_IGNORE_CONTENT_LENGTH
When using the option CURLOPT_IGNORE_CONTENT_LENGTH (set.ignorecl in
code) to support growing files in FTP, the code should ignore the
initial size it gets from the server as this will not be the final size
of the file. This is done in ftp_state_quote() to prevent a size request
being issued in the initial sequence. However, in a later call to
ftp_state_get_resp() the code attempts to get the size of the content
again if it doesn't already have it, by parsing the response from the
RETR request. This fix prevents this parsing of the response to get the
size when the set.ignorecl option is set. This should maintain the size
value as -1, unknown, in this situation.
Daniel Stenberg [Sat, 19 Nov 2022 14:58:35 +0000 (15:58 +0100)]
runtests: --no-debuginfod now disables DEBUGINFOD_URLS
Prior to this change, DEBUGINFOD_URLS was always disabled by runtests
due to a report of it slowing down tests. However, some setups need it
to fetch debug symbols, and if it is disabled on those systems then curl
tests with valgrind will fail.
Casey Bodley [Mon, 21 Nov 2022 19:56:13 +0000 (14:56 -0500)]
test/aws_sigv4: test cases for content-sha256
1956 adds the sha256 value corresponding to an empty buffer
1957 adds an arbitrary value and confirms that the signature differs from 1956
1958 adds whitespace to 1957 and confirms that the signature matches 1957
1959 adds a value longer than 'char sha_hex[65]' in Curl_output_aws_sigv4()
Casey Bodley [Tue, 25 Oct 2022 22:46:58 +0000 (18:46 -0400)]
aws_sigv4: consult x-%s-content-sha256 for payload hash
`Curl_output_aws_sigv4()` doesn't always have the whole payload in
memory to generate a real payload hash. this commit allows the user to
pass in a header like `x-amz-content-sha256` to provide their desired
payload hash
some services like s3 require this header, and may support other values
like s3's `UNSIGNED-PAYLOAD` and `STREAMING-AWS4-HMAC-SHA256-PAYLOAD`
with special semantics. servers use this header's value as the payload
hash during signature validation, so it must match what the client uses
to generate the signature
CURLOPT_AWS_SIGV4.3 now describes the content-sha256 interaction
Daniel Stenberg [Tue, 22 Nov 2022 07:25:50 +0000 (08:25 +0100)]
test1662: verify formpost, 301 redirect, no rewind possible
Reproduces #9735 and verifies the subsequent fix. The original issue
uses a pipe that cannot be rewound, but this test case instead sets a
callback without rewind ability to get roughly the same properties but
being a much more portable test.
Daniel Stenberg [Tue, 22 Nov 2022 07:25:50 +0000 (08:25 +0100)]
lib: rewind BEFORE request instead of AFTER previous
This makes a big difference for cases when the rewind is not actually
necessary to perofm (for example HTTP response code 301 converts to GET)
and therefore the rewind can be avoided. In particular for situations
when that rewind fails, for example when reading from a pipe or similar.
Reported-by: Ali Utku Selen
Fixes #9735
Closes #9958
openssl: silence compiler warning when not using IPv6
In non-IPv6 builds the conn parameter is unused, and compilers which
run with "-Werror=unused-parameter" (or similar) warnings turned on
fails to build. Below is an excerpt from a CI job:
Stefan Eissing [Tue, 22 Nov 2022 08:55:41 +0000 (09:55 +0100)]
vtls: localization of state data in filters
- almost all backend calls pass the Curl_cfilter intance instead of
connectdata+sockindex
- ssl_connect_data is remove from struct connectdata and made internal
to vtls
- ssl_connect_data is allocated in the added filter, kept at cf->ctx
- added function to let a ssl filter access its ssl_primary_config and
ssl_config_data this selects the propert subfields in conn and data,
for filters added as plain or proxy
- adjusted all backends to use the changed api
- adjusted all backends to access config data via the exposed
functions, no longer using conn or data directly
cfilter renames for clear purpose:
- methods `Curl_conn_*(data, conn, sockindex)` work on the complete
filter chain at `sockindex` and connection `conn`.
- methods `Curl_cf_*(cf, ...)` work on a specific Curl_cfilter
instance.
- methods `Curl_conn_cf()` work on/with filter instances at a
connection.
- rebased and resolved some naming conflicts
- hostname validation (und session lookup) on SECONDARY use the same
name as on FIRST (again).
new debug macros and removing connectdata from function signatures where not
needed.
adapting schannel for new Curl_read_plain paramter.
Daniel Stenberg [Tue, 22 Nov 2022 08:32:42 +0000 (03:32 -0500)]
examples/10-at-a-time: fix possible skipped final transfers
Prior to this change if curl_multi_perform returned 0 running handles
and then all remaining transfers were added, then the perform loop would
end immediately without performing those transfers.
Viktor Szakats [Tue, 22 Nov 2022 08:25:05 +0000 (08:25 +0000)]
Makefile.mk: portable Makefile.m32
Update bare GNU Make `Makefile.m32` to:
- Move objects into a subdirectory.
- Add support for MS-DOS. Tested with DJGPP.
- Add support for Watt-32 (on MS-DOS).
- Add support for AmigaOS.
- Rename `Makefile.m32` to `Makefile.mk`
- Replace `ARCH` with `TRIPLET`.
- Build `tool_hugehelp.c` proper (when tools are available).
- Drop MS-DOS compatibility macro `USE_ZLIB` (replaced by `HAVE_LIBZ`)
- Add support for `ZLIB_LIBS` to override `-lz`.
- Omit object files when building examples.
- Default `CC` to `gcc` once again, for convenience. (Caveat: compiler
name `cc` cannot be set now.)
- Set `-DCURL_NO_OLDIES` for examples, like autotools does.
- Delete `makefile.dj` files. Notice the configuration details and
defaults are not retained with the new method.
- Delete `makefile.amiga` files. A successful build needs a few custom
options. We're also not retaining all build details from the existing
Amiga make files.
- Rename `Makefile.m32` to `Makefile.mk` to reflect that they are not
Windows/MinGW32-specific anymore.
- Add support for new `CFG` options: `-map`, `-debug`, `-trackmem`
- Set `-DNDEBUG` by default.
- Allow using `-DOS=...` in all `lib/config-*.h` headers, syncing this
with `config-win32.h`.
- Look for zlib parts in `ZLIB_PATH/include` and `ZLIB_PATH/lib`
instead of bare `ZLIB_PATH`.
Note that existing build configurations for MS-DOS and AmigaOS likely
become incompatible with this change.
Example AmigaOS configuration:
```
export CROSSPREFIX=/opt/amiga/bin/m68k-amigaos-
export CC=gcc
export CPPFLAGS='-DHAVE_PROTO_BSDSOCKET_H'
export CFLAGS='-mcrt=clib2'
export LDFLAGS="${CFLAGS}"
export LIBS='-lnet -lm'
make -C lib -f Makefile.mk
make -C src -f Makefile.mk
```
Example MS-DOS configuration:
```
export CROSSPREFIX=/opt/djgpp/bin/i586-pc-msdosdjgpp-
export WATT_PATH=/opt/djgpp/net/watt
export ZLIB_PATH=/opt/djgpp
export OPENSSL_PATH=/opt/djgpp
export OPENSSL_LIBS='-lssl -lcrypt'
export CFG=-zlib-ssl
make -C lib -f Makefile.mk
make -C src -f Makefile.mk
```
Jay Satiro [Mon, 14 Nov 2022 08:30:30 +0000 (03:30 -0500)]
sendf: change Curl_read_plain to wrap Curl_recv_plain (take 2)
Prior to this change Curl_read_plain would attempt to read the
socket directly. On Windows that's a problem because recv data may be
cached by libcurl and that data is only drained using Curl_recv_plain.
Rather than rewrite Curl_read_plain to handle cached recv data, I
changed it to wrap Curl_recv_plain, in much the same way that
Curl_write_plain already wraps Curl_send_plain.
This fixes a bug in the schannel backend where decryption of arbitrary
TLS records fails because cached recv data is never drained. We send
data (TLS records formed by Schannel) using Curl_write_plain, which
calls Curl_send_plain, and that may do a recv-before-send
("pre-receive") to cache received data. The code calls Curl_read_plain
to read data (TLS records from the server), which prior to this change
did not call Curl_recv_plain and therefore cached recv data wasn't
retrieved, resulting in malformed TLS records and decryption failure
(SEC_E_DECRYPT_FAILURE).
The bug has only been observed during Schannel TLS 1.3 handshakes. Refer
to the issue and PR for more information.
--
This is take 2 of the original fix. It preserves the original behavior
of Curl_read_plain to write 0 to the bytes read parameter on error,
since apparently some callers expect that (SOCKS tests were hanging).
The original fix which landed in 12e1def5 and was later reverted in 18383fbf failed to work properly because it did not do that.
Also, it changes Curl_write_plain the same way to complement
Curl_read_plain, and it changes Curl_send_plain to return -1 instead of
0 on CURLE_AGAIN to complement Curl_recv_plain.
Behavior on error with these changes:
Curl_recv_plain returns -1 and *code receives error code.
Curl_send_plain returns -1 and *code receives error code.
Curl_read_plain returns error code and *n (bytes read) receives 0.
Curl_write_plain returns error code and *written receives 0.
HTTP/3 needs a special filter chain, since it does the TLS handling
itself. This PR adds special setup handling in the HTTP protocol handler
that takes are of it.
When a handler, in its setup method, installs filters, the default
behaviour for managing the filter chain is overridden.
Reported-by: Karthikdasari0423 on github
Fixes #9931
Closes #9945
projects / thirdparty / curl.git / log
