Stefan Eissing [Fri, 12 Jun 2026 10:02:08 +0000 (12:02 +0200)]
lib: transfer origin and proxy handling
Add `data->state.origin` as the origin the transfer is sending the
current request to/gets the response from. Use it for request specific
properties like authentication, hsts and cookie handling, etc.
Unless talking to a forwarding HTTP proxy (e.g. not tunneling),
`data->state.origin` and `conn->origin` are the same.
With a forwarding HTTP proxy in play, `conn->origin` is set to
`conn->http_proxy.peer` and `conn->bits.origin_is_proxy` (a new bit) is
set.
Viktor Szakats [Sun, 7 Jun 2026 23:21:44 +0000 (01:21 +0200)]
socket: introduce `SOCK_EAGAIN()` and use it
To contain the logic of checking for both `EWOULDBLOCK` and/or `EAGAIN`
depending on platform/availability. Also to avoid checking for both if
they map to the same value, and to avoid PP guards around use.
This also ensures `EAGAIN` is consistently not checked on Windows, where
headers defined it, but `SOCKERRNO` never returns it, because curl maps
it to `WSAGetLastError()`.
If they map to the same value, checking them both in an `if` expression
trips GCC warning `-Wlogical-op` (the same way it triggers duplicate
case value error in `switch`).
Also:
- replace two `switch()` statements with the new macro.
- tests/server/sws: make two outliers use the new macro that were only
checking for `EWOULDBLOCK` before this patch, in `connect_to()`.
- move variables to the left-side of expressions, where missing.
- rustls: use a variant of this macro that uses raw `EWOULDBLOCK`.
Tried tracing it back to the origins, but I couldn't figure out if
this is working as expected on all supported Windows versions in
Rust. It seems to be using `GetLastError()`, according to
https://docs.rs/system_error/0.2.0/system_error/, which would be
probably incorrect.
Notes:
- it's probably a good idea to assign `SOCKERRNO` to a variable before
passing it to this macro.
Viktor Szakats [Fri, 12 Jun 2026 15:51:22 +0000 (17:51 +0200)]
AmigaOS: fix build fallouts, re-add to CI
Fix build issues:
- src: adjust `toolx_ftruncate()`.
- libtests/cli_ftp_upload: make `struct timeval` initialization portable.
- libtests/lib1960: do unconst in local `inet_pton()` macro.
- tests/server/dnsd: make it stub instead of failing the build.
- tests/server: make them link AmiSSL for `SocketBase`.
Also:
- bump AmiSSL to the latest release.
- add download hash checks and toolchain cache.
- sync restored code with local updates made since last year.
Stefan Eissing [Fri, 12 Jun 2026 10:33:44 +0000 (12:33 +0200)]
schannel: fix https proxy for client cert and certinfo
When schannel operates in front of a proxy, it needs to use the proxy
ssl configs, not the transfer's ones. Choose the configs as it is done in
other TLS backends.
Prior to this change the client cert for the destination was mistakenly
also used as the client cert for the proxy.
Prior to this change the proxy server certificate info was mistakenly
saved as the destination cert info. However, if the destination was a
TLS connection, the real destination cert info would overwrite the
proxy cert info. libcurl currently does not support proxy server cert
info AFAICT (see discussion in #21986).
Viktor Szakats [Thu, 11 Jun 2026 22:42:55 +0000 (00:42 +0200)]
telnet: fix old copy-paste typo in variable name
This code lacks tests, though we agreed it looks plausible enough to
merge it based on surrounding code. Even though this line has been
present for a long time. If you use this code, please report any results
or issues.
Darren Banfi [Fri, 12 Jun 2026 11:12:06 +0000 (12:12 +0100)]
AmigaOS: curl_setup.h avoid explicit_bzero with clib2
clib2 defines __NEWLIB__ after its system headers are included, but it
does not provide explicit_bzero().
curl therefore selects the explicit_bzero() path and fails to build with
m68k-amigaos-gcc:
```
../lib/curl_setup.h:1650:35: error: implicit declaration of function 'explicit_bzero' [-Werror=implicit-function-declaration]
1650 | #define curlx_memzero(buf, size) explicit_bzero(buf, size)
| ^~~~~~~~~~~~~~
curlx/strdup.c:115:5: note: in expansion of macro 'curlx_memzero'
115 | curlx_memzero(buf, size);
| ^~~~~~~~~~~~~
```
Excluding __CLIB2__ from the generic __NEWLIB__ branch makes curl use
its existing portable curlx_memzero() fallback. The full AmigaOS build
then completes successfully.
I've tested the following on Amiga OS 3.2.3 with this patch and latest
build.
- HTTP and HTTPS transfers
- AmiSSL certificate handling
- redirects
- downloads and file output
- timeout handling with the expected exit code 28
- repeated execution with clean exits
- no crashes or regressions observed
Viktor Szakats [Fri, 12 Jun 2026 00:13:03 +0000 (02:13 +0200)]
GHA: drop `brew update` from all jobs
After adding it a month ago (where missing) to fix a failure.
Removing this time to fix a different failure (on Linux), and also to
improve CI performance. Some install steps take over a minute, most of
that spent on `brew update`.
GH runner images also enabled extra taps which may contribute to further
delays, and seen to make it more fragile if GH itself struggles (taps
are hosted there.)
Daniel Stenberg [Thu, 11 Jun 2026 14:58:28 +0000 (16:58 +0200)]
libtests: add and use tutil_throwaway_cb
This is an implementation of a CURLOPT_WRITEFUNCTION callback that just
throws away the content and returns success. Saves us from having to
reimplement it many times in different tests.
Fabian Keil [Sun, 7 Jun 2026 11:52:46 +0000 (13:52 +0200)]
tests: add the "--resolve" keyword to tests that lack it
... even though they use the curl option "--resolve".
This makes it more convenient to choose or skip the tests.
For example Privoxy's cts test framework relies on the "--resolve"
keyword when executing the "upstream-tests" scenario to skip curl
tests that aren't expected to work when the requests are made through
Privoxy. While some of the modified tests are already skipped for
other reasons through other means when testing Privoxy, it's good to
be consistent.
Viktor Szakats [Thu, 11 Jun 2026 15:41:21 +0000 (17:41 +0200)]
GHA/windows: bump Cygwin Action and adjust version number
It seems the commit hash behind the v6.1 tag is changing, and the latest
version is actually v6.0.2, which is currently mapped to the v6.1 hash.
Fixing:
```
warning[ref-version-mismatch]: action's hash pin has mismatched or missing version comment
--> .github/workflows/windows.yml:98:87
|
98 | - uses: cygwin/cygwin-install-action@711d29f3da23c9f4a1798e369a6f01198c13b11a # v6.1
| --------------------------------------------------------------------------- ^^^^ points to commit 3f0a3f9f988f
| |
| is pointed to by tag v6.0.1
```
Stefan Eissing [Thu, 11 Jun 2026 07:37:46 +0000 (09:37 +0200)]
h3proxy: no stream userdata
Do not set the easy handle opening a proxy tunnel as userdata on the
stream. The easy handle might go out of scope long before the tunnel
stream is closed.
Viktor Szakats [Thu, 16 Apr 2026 08:52:57 +0000 (10:52 +0200)]
build: enable `-Wformat-signedness`, fix issues found
Adjust code to avoid `-Wformat-signedness` warnings, while making sure
that enums are always cast to a known type when passing them to `printf`
functions, to support compilers and compiler settings where enums are
not default-size signed ints.
- cast integers printed as hex to `unsigned`. (63 times, 20 of them in
`mbedtls.c`)
- cast misc enums to `int` for printing. (31 times)
- cast `CURL_LOCK_DATA_*` enums to `int`. (4 times)
- cast `CURL_FORMADD_*` enums to `int`. (13 times)
- cast `CURLSHE_*` enums to `int`. (3 times)
- cast `CURLUE_*` enums to `int`. (33 times)
- cast `CURLMSG_*` enums to `int`. (6 times)
- cast `CURLE_*` enums to `int`. (~380 times)
- unit1675: fix mask.
Follow-up to 7c34365ccea19949317878c7fcd5f7376e2e09f1 #21879
Stefan Eissing [Fri, 5 Jun 2026 10:55:50 +0000 (12:55 +0200)]
ngtcp2: share common functionality
Share common functions/structs between ngtcp2 HTTP/3 and the proxy
version.
Fix bugs in proxy implementation when it comes to stream and pollset
handling and transfer lifetimes.
Curl_multi_xfer_sockbuf_borrow: work without multi
When a connection gets shutdown by a share, the easy handle used is
share->admin and it does not have a multi handle. In that case let
Curl_multi_xfer_sockbuf_borrow() allocate a buffer to be freed on
release.
This happens when a TLS filter sends its last notify through a HTTP/3
proxy tunnel.
Viktor Szakats [Tue, 9 Jun 2026 17:57:38 +0000 (19:57 +0200)]
appveyor: bump 3 VS2022 jobs to VS2026
Also:
- install CMake 4.2.1 manually for VS2026 jobs, because the preinstalled
version (4.1.2) does not yet support the compatible generator.
- VisualStudioSolution VS2010 job to VS2015 worker image (from VS2013).
VS2013 is no longer listed on the AppVeyor support page.
- downgrade OpenSSL to 3.5 (from 3.6) for the VS2022 job, to add
variation.
Note: the jobs run much slower after bumping to VS2026. This seems to be
due to slower configure and build steps.
Daniel Stenberg [Tue, 9 Jun 2026 12:25:51 +0000 (14:25 +0200)]
tests: enhance names, remove duplicates
- test 1030: remove, duplicate of 154
- test 1105: make name unique
- test 161: make name reflect what it tests
- test 2074: correct the name
- test 310: improve name
- test 358: correct the name
- test 409: removed, duplicate of 401
- test 472: clarify the test name (how it differs from 439)
- test 1509: update name
- test 527: duplicate of 526
- test 758: separate the name from 530
- test 611: duplicate of 608, remove
- test 639: adjust the name
- test 688: minor name tweak to clarify
- test 708: enhance name
- test 800/847: clarify the names
- test 1520: dedupe the name
- test 962: enhance name
- test 1196/2203: enhanced names
- test 1211: name tweak
- test 1256/1257: enhance the names
- test 1483: fix name
- test 1541: fix name
- test 1553: fix name
- test 1609: removed, exact duplicate of 1607
- test 2200: fix name
- test 3031: correct the name
- test 3016/3203: fix names and keywords
- test 3201/3220: enhance names
- test 3212: fix name
- add missing FILE keywords
- drop FAILURE as keyword
Yedaya Katsman [Mon, 8 Jun 2026 19:48:45 +0000 (22:48 +0300)]
cf-socket: store errno from do_connect in ctx->error
This fixes a misleading log in verbose mode when ipv6 connectivity isn't
available, presumably also in other cases:
```
* Immediate connect fail for 2a00:1450:4028:806::200e: Network is unreachable
* connect to 2a00:1450:4028:806::200e port 443 from :: port 0 failed: Success
```
Daniel Stenberg [Mon, 8 Jun 2026 14:37:44 +0000 (16:37 +0200)]
cookie: tailmatch the domains for secure override
If a SECURE cookie is set for a sub-domain (`example.com`) and is then
attempted to get set again for more specific part of that domain
(`www.example.com`) without the SECURE property, the second occurrence
should not be allowed.
Reported-by: Trail of Bits
Verified by test 3305
Closes #21910
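The override check described in the commit above, as an added example that is not curl's code and not part of the commit. The names `tailmatch`, `may_store` and `demo`, the constructed jar, and the simplified rule (cookie path and request scheme are ignored) are assumptions.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

struct cookie { const char *name; const char *domain; int secure; };
/* Hypothetical helper: 1 if host 'name' equals 'domain' or ends in
 * ".domain" (case-insensitive, match must start on a label boundary). */
static int tailmatch(const char *domain, const char *name)
{
  size_t dlen = strlen(domain), nlen = strlen(name), i;
  if(!dlen || nlen < dlen)
    return 0;
  for(i = 0; i < dlen; i++)
    if(tolower((unsigned char)domain[i]) !=
       tolower((unsigned char)name[nlen - dlen + i]))
      return 0;
  return nlen == dlen || name[nlen - dlen - 1] == '.';
}

/* Assumed rule for this example: a cookie without the secure flag is
 * refused when a stored secure cookie has the same name and the two
 * domains tail-match in either direction. Returns 1 to store, 0 to drop. */
static int may_store(const struct cookie *jar, size_t n,
                     const struct cookie *nc)
{
  size_t i;
  if(nc->secure)
    return 1;
  for(i = 0; i < n; i++)
    if(jar[i].secure && !strcmp(jar[i].name, nc->name) &&
       (tailmatch(jar[i].domain, nc->domain) ||
        tailmatch(nc->domain, jar[i].domain)))
      return 0;
  return 1;
}

/* constructed jar: one secure cookie "sid" set for example.com */
static int demo(const char *name, const char *domain, int secure)
{
  static const struct cookie jar[] = { { "sid", "example.com", 1 } };
  struct cookie nc = { name, domain, secure };
  return may_store(jar, 1, &nc);
}

int main(void)
{
  printf("%d\n", demo("sid", "www.example.com", 0)); /* 0: refused */
  return 0;
}
```

A plain suffix comparison without the label-boundary test would also treat `badexample.com` as matching `example.com`, which is why `tailmatch` checks for the preceding dot.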
Stefan Eissing [Mon, 8 Jun 2026 14:57:01 +0000 (16:57 +0200)]
ws: make pong sending lazy
Do not send PONG frames unless there is sufficient space left in the
websocket send buffer. A server might be lazy in reading our data and
intermediary PONG frames can be skipped by a client (RFC 6455, ch.
5.5.3).
Add test case measuring no real RSS increase on a server blasting with
PING frames.
Viktor Szakats [Tue, 9 Jun 2026 00:08:30 +0000 (02:08 +0200)]
pytest: close file handles after use (cont.), and tidy-ups
- dante.py, dnsd.py, sshd.py: drop redundant conditions.
Spotted in sshd by GitHub Code Quality.
- curl.py: comment out `if` to silence CodeQL warning.
Daniel Stenberg [Mon, 8 Jun 2026 21:21:55 +0000 (23:21 +0200)]
digest: escape control codes too
Since the username is decoded when used and control codes are accepted
in HTTP usernames in general, the username encoding for the Digest auth
needs to percent encode such bytes.
Viktor Szakats [Mon, 8 Jun 2026 11:56:49 +0000 (13:56 +0200)]
checksrc-all.pl: do not check files multiple times
Restrict `git ls-files` to return `*.[ch]` files within `$dir` only.
Before this patch it returned files in subdirectories too, which did
double work and may have made `checksrc.pl` pick `.checksrc` from the
first such subdirectory, masking the one in `$dir`. (current curl tree
is not affected)
alhudz [Mon, 8 Jun 2026 05:07:34 +0000 (10:37 +0530)]
chunked: reject invalid bytes in trailer
Trailers are delivered to the application as headers via
CLIENTWRITE_TRAILER, but unlike regular response headers they skipped
the verify_header() checks, so a server could smuggle a nul byte (or
stray CR) into a header reaching CURLOPT_HEADERFUNCTION and
curl_easy_header().
Run each assembled trailer line through Curl_verify_header(), the same
validation used for normal headers.
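A per-line check of the kind the commit above describes, as an added example; it is not curl's `Curl_verify_header()` and not part of the commit. The function names, the exact rule set and the sample lines are assumptions constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical validator (not curl's code). Rules assumed here: no NUL
 * byte, CR only as part of the terminating CRLF, and a non-empty field
 * name followed by ':'. Returns 1 to accept the line, 0 to reject it. */
static int trailer_line_ok(const char *line, size_t len)
{
  size_t i;
  const char *colon;

  /* strip the line terminator: LF or CRLF */
  if(len && line[len - 1] == '\n') {
    len--;
    if(len && line[len - 1] == '\r')
      len--;
  }
  if(!len)
    return 0; /* the empty line ends the trailers; it is not a field */
  for(i = 0; i < len; i++)
    if(line[i] == '\0' || line[i] == '\r' || line[i] == '\n')
      return 0; /* embedded NUL, stray CR or bare LF */
  colon = memchr(line, ':', len);
  return colon && colon != line; /* need "name:" with a non-empty name */
}

#define LINE(s) { s, sizeof(s) - 1 } /* length keeps embedded NUL bytes */

/* constructed sample lines; returns how many would be delivered */
static int count_accepted(void)
{
  static const struct { const char *p; size_t n; } in[] = {
    LINE("X-Checksum: abc123\r\n"),  /* well-formed */
    LINE("X-Evil: a\0b\r\n"),        /* NUL inside the value */
    LINE("X-Split: a\rb\r\n"),       /* stray CR */
    LINE("no-colon-here\r\n")        /* not a header field */
  };
  size_t i;
  int ok = 0;
  for(i = 0; i < sizeof(in) / sizeof(in[0]); i++)
    ok += trailer_line_ok(in[i].p, in[i].n);
  return ok;
}

int main(void)
{
  printf("%d of 4 trailer lines accepted\n", count_accepted());
  return 0;
}
```

The check takes an explicit length instead of relying on `strlen()`, since a NUL byte inside the line would otherwise hide everything after it from the validator.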
Stefan Eissing [Mon, 8 Jun 2026 08:11:30 +0000 (10:11 +0200)]
ssl native_ca_store: always reinit
Add bit `native_ca_store_opt` to keep the setting of
CURLOPT_(PROXY_)SSL_OPTIONS and use that to calculate every easy
transfer if a native CA store shall be used or not.
This avoids `native_ca_store` getting stuck on TRUE after being set
once.
Stefan Eissing [Tue, 2 Jun 2026 09:10:10 +0000 (11:10 +0200)]
progress: fix CURLINFO time reporting
Whack the times reported for a transfer (see
https://curl.se/libcurl/c/curl_easy_getinfo.html#TIMES) into order for
all variations of up-/download, http/ftp etc. Make sure they are
reported in the documented order.
There is still the *possibility* of PRETRANSFER being longer than
POSTTRANSFER, if a server sends a response before an upload is done.
POST is the time the first response byte is received, and PRE is the
time the last byte was sent by curl.
This may happen with more likelihood on HTTP/2 and 3 for a server
rejected upload. But for successful uploads, the answer will almost over
come afterwards.
Undo the previous twists in lib500.c tests, adjust pytest timeline
checks.
Fixes #21828
Reported-by: BazaarAcc32 on github
Closes #21843