Jay Satiro [Sun, 13 Feb 2022 21:58:04 +0000 (16:58 -0500)]
projects: Update VC version names for VS2017, VS2022
- Rename VC15 -> VC14.10, VC17 -> VC14.30.
The projects directory that holds the pre-generated Visual Studio
project files uses VC<ver> to indicate the MSVC version. At some point
support for Visual Studio 2017 (Visual Studio version 15 which uses MSVC
14.10) was added as VC15. Visual Studio 2022 (Visual Studio version 17
which uses MSVC 14.30) project files were recently added and followed
that same format using VC17.
There is no such MSVC version (yet) as VC15 or VC17.
For VS 2017 for example, the name we use is correct as either VS17,
VS2017, VC14.10. I opted for the latter since we use VC for earlier
versions (eg VC10, VC12, etc).
Marc Hoersken [Mon, 14 Mar 2022 23:16:46 +0000 (00:16 +0100)]
tests/server/util.h: align WIN32 condition with util.c
There is no need to test for both _WIN32 and WIN32 as curl_setup.h
automatically defines the later if the first one is defined.
Also tests/server/util.c is only checking for WIN32 arouund the
implementation of win32_perror, so just defining _WIN32
would not be sufficient for a successful compilation.
Reviewed-by: Daniel Stenberg Reviewed-by: Jay Satiro
Closes #8594
Jay Satiro [Thu, 17 Mar 2022 19:31:10 +0000 (15:31 -0400)]
gtls: fix build for disabled TLS-SRP
Prior to this change if, at build time, the GnuTLS backend was found to
have TLS-SRP support (HAVE_GNUTLS_SRP) but TLS-SRP was disabled in curl
via --disable-tls-srp (!USE_TLS_SRP) then a build error would occur.
Bug: https://curl.se/mail/lib-2022-03/0046.html Reported-by: Robert Brose
Closes https://github.com/curl/curl/pull/8604
Jay Satiro [Sat, 12 Mar 2022 23:23:12 +0000 (18:23 -0500)]
docs/opts: Mention Schannel client cert type is P12
Schannel backend code behaves same as Secure Transport, it expects a P12
certificate file or the name of a certificate already in the user's OS
key store. Also, both backends ignore CURLOPT_SSLKEY (tool: --key)
because they expect the private key to already be available from the
keystore or P12 certificate.
Daniel Stenberg [Tue, 22 Mar 2022 10:14:45 +0000 (11:14 +0100)]
test1135: sync with recent API updates
This test verifies that the order of functions in public headers remain
the same but hasn't been updated to care for recently added header
files. The order is important for some few platforms - or VERSIONINFO
needs to updated.
Philip H [Tue, 15 Mar 2022 18:39:43 +0000 (19:39 +0100)]
mlc_config.json: add file to ignore known troublesome URLs
This is the config file for the CI markdown link checker and lets us
filter URLs that are known to cause problems. Like
https://curl.zuul.vexxhost.dev/ for now.
Jay Satiro [Mon, 28 Feb 2022 19:28:37 +0000 (14:28 -0500)]
rtsp: don't let CSeq error override earlier errors
- When done, if an error has already occurred then don't check the
sequence numbers for mismatch.
A sequence number may not have been received if an error occurred.
Prior to this change a sequence mismatch error would override earlier
errors. For example, a server that returns nothing would cause error
CURLE_GOT_NOTHING in Curl_http_done which was then overridden by
CURLE_RTSP_CSEQ_ERROR in rtsp_done.
Jay Satiro [Wed, 9 Feb 2022 08:19:01 +0000 (03:19 -0500)]
mk-ca-bundle.pl: Use stricter logic to process the certificates
.. and bump version to 1.29.
This change makes the script properly ignore unknown blocks and
otherwise fail when Mozilla changes the certdata format in ways we
don't expect. Though this is less flexible behavior it makes it far less
likely that an invalid certificate can slip through.
Prior to this change the state machine did not always properly reset,
and it was possible that a certificate marked as invalid could then
later be marked as valid when there was conflicting trust info or
an unknown block was erroneously processed as part of the certificate.
Daniel Stenberg [Wed, 16 Mar 2022 22:12:28 +0000 (23:12 +0100)]
http: reject header contents with nul bytes
They are not allowed by the protocol and allowing them risk that curl
misbehaves somewhere where C functions are used but won't work on the
full contents. Further, they are not supported by hyper and they cause
problems for the new coming headers API work.
Updated test 262 to verify and enabled it for hyper as well
Jay Satiro [Sat, 12 Mar 2022 23:48:18 +0000 (18:48 -0500)]
libssh: Improve fix for missing SSH_S_ stat macros
- If building libcurl against an old libssh version missing SSH_S_IFMT
and SSH_S_IFLNK then use the values from a supported version.
Prior to this change if libssh did not define SSH_S_IFMT and SSH_S_IFLNK
then S_IFMT and S_IFLNK, respectively, were used instead. The problem
with that is the user's S_ stat macros don't have the same values across
platforms. For example Windows has values different from Linux.
Marc Hoersken [Sat, 26 Feb 2022 13:34:42 +0000 (14:34 +0100)]
tool and tests: force flush of all buffers at end of program
On Windows data can be lost in buffers in case of abnormal program
termination, especially in process chains as seen due to flaky tests.
Therefore flushing all buffers manually should avoid this data loss.
In the curl tool we play the safe game by only flushing write buffers,
but in the testsuite where we manage all buffers, we flush everything.
This should drastically reduce Windows CI and testsuite flakiness.
Reviewed-by: Daniel Stenberg
Supersedes #7833 and #6064
Closes #8516
Dan Fandrich [Fri, 5 Nov 2021 05:02:05 +0000 (22:02 -0700)]
tool_cb_hdr: Turn the Location: into a terminal hyperlink
This turns even relative URLs into clickable hyperlinks in a supported
terminal when --styled-output is enabled. Many terminals already turn
URLs into clickable links but there is not enough information in a
relative URL to do this automatically otherwise.
Jay Satiro [Wed, 9 Feb 2022 08:45:50 +0000 (03:45 -0500)]
mk-ca-bundle.vbs: delete this script in favor of mk-ca-bundle.pl
mk-ca-bundle.vbs is a Windows-specific script for Mozilla certificate
extraction, similar to mk-ca-bundle.pl which runs on any platform. The
vbs version has not been maintained while the perl version has been
maintained with improvements and security fixes. I don't think it's
worth the work to maintain both versions. Windows users should be able
to use mk-ca-bundle.pl without any problems, as long as they have perl.
configure.ac: move -pthread CFLAGS setting back where it used to be
The fix for #8276 proposed in #8374 set `CFLAGS="$CFLAGS -pthead"`
earlier than it used to be set, applying it in cases where it should not
have been applied.
This moves the AIX XLC check to a new `case $host in` block inside of
the `if test "$USE_THREADS_POSIX" != "1"` block, where `CFLAGS="$CFLAGS
-pthead"` used to happen.
Daniel Stenberg [Wed, 9 Mar 2022 09:00:21 +0000 (10:00 +0100)]
curl: error out when options need features not present in libcurl
Trying to use a proxy when libcurl was built with proxy support disabled
should make curl error out properly.
Remove knowledge of disabled features from the tool code and instead
make it properly respond to what libcurl returns. Update all tests to
properly require the necessary features to be present/absent so that the
test suite can still be run even with libcurl builds with disabled
features.
Don [Tue, 8 Mar 2022 18:44:34 +0000 (10:44 -0800)]
nonblock: restore setsockopt method to curlx_nonblock
The implementation using setsockopt was removed when BeOS support was
purged. However this functionality wasn't BeOS specific, it is still
used by for example Orbis OS (Playstation 4/5 OS).
lwthiker [Mon, 28 Feb 2022 09:05:34 +0000 (11:05 +0200)]
openssl: enable CURLOPT_SSL_EC_CURVES with BoringSSL
The CURLOPT_SSL_EC_CURVES option (used by the '--curves' flag) in
libcurl was ignored when compiling with BoringSSL because
HAVE_SSL_CTX_SET_EC_CURVES was explicitly disabled if BoringSSL was
detected. However, this feature is supported in BoringSSL since 5fd1807d. This commit enables it, and also reduces the required minimal
OpenSSL version to 1.0.2 as per OpenSSL's official documentation.
Paul Howarth [Sun, 6 Mar 2022 13:13:34 +0000 (13:13 +0000)]
runtests: make 'oldlibssh' be before 0.9.4
The 'oldlibssh' feature indicates that the error code returned by libssh
for a broken known_hosts file should be 67 rather than 60 (test1459).
This feature was added as part of #8444 with 'oldlibssh' mapping to
libssh versions prior to 0.9.6, and then refined as part of #8511 to map
to versions prior to 0.9.5.
In Red Hat Enterprise Linux 8.5 there is a patched version of libssh
version 0.9.4 (https://git.centos.org/rpms/libssh/blob/c8/f/SOURCES) in
which test1459 fails because it returns the "new" value rather than the
"old" one. It's plausible that one of the patches is responsible for
this rather than the underlying code but I don't think so.
This change therefore drops the 'oldlibssh' version check to map to
libssh versions older than 0.9.4, which fixes builds on RHEL-8.
projects / thirdparty / curl.git / log
