With the new addition of OpenSSL QUIC API support and the support in
ngtcp2 main branch, make the necessary adjustments in curl to support
this combination.
- add support in configure.ac to detect the feature OPENSSL_QUIC_API2 in
openssl
- initialise ngtcp2 properly in this combination
- add a Curl_vquic_init() for global initialisation that ngtcp2 likes
for performance reasons
- add documentation on how to build in docs/HTTP3.md
- add CI testing in http3-linux.yml
Assisted-by: Viktor Szakats
Closes#17027
Try to enforce that the Rustls vTLS backend is only used with
rustls-ffi 0.15 - the documentation already describes this as
the required version.
Follow-up from https://github.com/curl/curl/issues/16890Closes#16922
The omitted link checks were not what I though they were. Omitting one
caused a mis-detection on Solaris, where the compile check alone
mis-detects `CloseSocket` as present.
Restore link checks for these functions:
`closesocket`, `ioctlsocket`, `socket`, `freeaddrinfo`, `getaddrinfo`,
`gethostname`, `getpeername`, `getsockname`,
`CloseSocket` (AmigaOS), `IoctlSocket` (AmigaOS).
Also re-sync link check code snippets with the ones in current master.
Partial revert of, regression from bd9f9b085aa242a5e93be0b2da96ce498d7813c4 #16377
Reported-by: Dagobert Michelsen
Bug: https://curl.se/mail/lib-2025-04/0004.htmlFixes#16915Closes#16917
It seems unnecessary and possibly unexpected to build test servers with
debug-enabled features and memory tracking whenever the tested curl is
built like that (which is a requirement for some tests, so curl is
mostly built like that when running tests.) It also makes building
servers a little bit faster with cmake for the most common cases.
You can apply debug options to `tests/server` with these new options:
- `./configure`: `--enable-server-debug`.
- cmake: `-DENABLE_SERVER_DEBUG`.
Also sync the way we pass these macros in autotools, with CMake builds.
Before this patch, autotools passed them via `curl_config.h`. After this
patch it passes them on the command-line, like cmake builds do.
This patch also make these option no longer passed to examples and
`http/client` in cmake builds, where they were no-ops anyway.
Ref: #15000Closes#16705
The issues found fell into these categories, with the applied fixes:
- const was accidentally stripped.
Adjust code to not cast or cast with const.
- const/volatile missing from arguments, local variables.
Constify arguments or variables, adjust/delete casts. Small code
changes in a few places.
- const must be stripped because an API dependency requires it.
Strip `const` with `CURL_UNCONST()` macro to silence the warning out
of our control. These happen at API boundaries. Sometimes they depend
on dependency version, which this patch handles as necessary. Also
enable const support for the zlib API, using `ZLIB_CONST`. Supported
by zlib 1.2.5.2 and newer.
- const must be stripped because a curl API requires it.
Strip `const` with `CURL_UNCONST()` macro to silence the warning out
of our immediate control. For example we promise to send a non-const
argument to a callback, though the data is const internally.
- other cases where we may avoid const stripping by code changes.
Also silenced with `CURL_UNCONST()`.
- there are 3 places where `CURL_UNCONST()` is cast again to const.
To silence this type of warning:
```
lib/vquic/curl_osslq.c:1015:29: error: to be safe all intermediate
pointers in cast from 'unsigned char **' to 'const unsigned char **'
must be 'const' qualified [-Werror=cast-qual]
lib/cf-socket.c:734:32: error: to be safe all intermediate pointers in
cast from 'char **' to 'const char **' must be 'const' qualified
[-Werror=cast-qual]
```
There may be a better solution, but I couldn't find it.
These cases are handled in separate subcommits, but without further
markup.
If you see a `-Wcast-qual` warning in curl, we appreciate your report
about it.
Closes#16142
Apply downstream patch from the vcpkg project:
- cmake/FindBrotli: streamline detecting multiple pkg-config modules.
Add `libbrotlicommon` to `Requires.private` in `libcurl.pc`.
Apply the above idea to the rest of multi-module dependencies:
- cmake/FindMbedTLS: streamline detecting multiple pkg-config modules
Add `mbedx509`, `mbedcrypto` to `Requires.private` in `libcurl.pc`.
- cmake/FindLDAP: streamline detecting multiple pkg-config modules
And sync these changes with autotools, and add `libbrotlicommon`,
`mbedx509`, `mbedcrypto` to `Requires.private`.
Co-authored-by: Kai Pastor
Ref: https://github.com/microsoft/vcpkg/pull/43819Closes#16479
To avoid breaking the control flow and align to majority of code
already using `return`.
`exit()` has the side-effect of suppressing leak detection in cases.
Fix fallouts detected after switching to `return`.
- configure:
- fix `getaddrinfo` run test to call `freeaddrinfo()` to pacify ASAN,
and call `WSACleanup()` to deinit winsock2.
- fix `getifaddrs` run test to call `freeifaddrs()` to pacify ASAN.
- tests/server:
- setup `atexit(win32_cleanup)` via `win32_init()`.
- return 2 instead of 1 on winsock2 init failures.
- sws: goto cleanup instead of `exit()` in `http_connect()`.
Follow-up to 02dfe7193704817184b522888ffa926e6b73f648 #7235
- tests/client/http:
- cleanup memory to pacify ASAN in `h2-upgrade-extreme`,
`tls-session-reuse`.
- examples:
- block_ip: fix memory leak reported by CI.
- http2-upload: avoid handle leaks.
Untouched `exit()` calls, made from callbacks:
- docs/examples: ephiperfifo.c, ghiper.c, hiperfifo.c
- tests/libtest: lib582.c, lib655.c, lib670.c
- tests/server: tftpd.c
Closes#16507
Silence compiler warnings (200 of them across the main CI workflows):
```
warning #2193: null argument provided for parameter marked with attribute "nonnull"
warning: Null pointer passed to 1st parameter expecting 'nonnull' [core.NonNullParamChecker]
warning: Null pointer passed to 2nd parameter expecting 'nonnull' [core.NonNullParamChecker]
warning: argument 1 null where non-null expected [-Wnonnull]
warning: argument 2 null where non-null expected [-Wnonnull]
warning: comparison of unsigned expression in '< 0' is always false [-Wtype-limits]
warning: null argument where non-null required (argument 1) [-Wnonnull]
```
Also drop `if ... can be linked` feature checks that were identical to
`if ... is compilable` checks, for:
`closesocket`, `ioctlsocket`, `socket`, `freeaddrinfo`, `getaddrinfo`,
`gethostname`, `getpeername`, `getsockname`,
`CloseSocket` (AmigaOS), `IoctlSocket` (AmigaOS).
Another option is to really do the link checks. But, if they weren't
missed so far, it seems safer to drop than risk a detection failure,
as was the case with AmigaOS functions while working on this PR.
There remain 22 `-Wnonnull` warnings in `gethostbyname_r()`,
`getpeername()` `getsockname()`. Most of the rest is necessary for
detection, or originate from autotools and CMake detection code
templates. Some still fixable, like duplicate libs.
Follow-up to ca2f49ded03426a246b3db7833592157cdd7f597 #16287Closes#16377
It's fixed in gcc 5.5.0.
Example: https://godbolt.org/z/x6Th8q844
Seen in gcc 5.1.0, 5.4.0 (both 32/64-bit) with dl-mingw:
```
lib/rtsp.c: In function 'rtsp_parse_transport':
lib/rtsp.c:1025:36: error: conversion to 'unsigned char' from 'int' may alter its value [-Werror=conversion]
rtp_channel_mask[idx] |= (unsigned char)(1 << off);
^
lib/mprintf.c: In function 'parsefmt':
lib/mprintf.c:526:31: error: conversion to 'unsigned char' from 'int' may alter its value [-Werror=conversion]
usedinput[width/8] |= (unsigned char)(1 << (width&7));
^
lib/mprintf.c:544:35: error: conversion to 'unsigned char' from 'int' may alter its value [-Werror=conversion]
usedinput[precision/8] |= (unsigned char)(1 << (precision&7));
^
lib/mprintf.c:559:29: error: conversion to 'unsigned char' from 'int' may alter its value [-Werror=conversion]
usedinput[param/8] |= (unsigned char)(1 << (param&7));
^
lib/cfilters.c: In function 'Curl_pollset_change':
lib/cfilters.c:935:25: error: conversion to 'unsigned char' from 'int' may alter its value [-Werror=conversion]
ps->actions[i] |= (unsigned char)add_flags;
^
```
gcc 5.1.0: https://github.com/curl/curl/actions/runs/13413103492/job/37467698381#step:9:21
gcc 5.4.0: https://github.com/curl/curl/actions/runs/13413103492/job/37467694479#step:9:19Closes#16398
Fix or silence compiler warnings happening in feature detections
to reduce log noise. Warnings may also get promoted to errors in certain
cases, causing missed detections.
It reduces the number of warnings by 4500+ across the linux, linux-old,
macos, non-native and windows GHA workflows (~142 jobs).
Also move picky warning logic for MSVC/Borland to
`CMake/PickyWarnings.cmake. To make them listed in the picky-warnings
log output, and to also apply to feature detections to make them compile
under the same conditions as source code. The hope is to help catching
issues faster. It also improves code quality of feature tests.
Fixed/silenced:
```
warning #177: variable "dummy" was declared but never referenced
warning #177: variable "flag" was declared but never referenced
warning #177: variable "res" was declared but never referenced
warning #592: variable "s" is used before its value is set
warning #1011: missing return statement at end of non-void function "main"
warning #1786: function "SSL_CTX_set_srp_password" (declared at line 1888 of "/usr/include/openssl/ssl.h") was declared deprecated ("Since OpenSSL 3.0")
warning #1786: function "SSL_CTX_set_srp_username" (declared at line 1887 of "/usr/include/openssl/ssl.h") was declared deprecated ("Since OpenSSL 3.0")
warning #2332: a value of type "const char *" cannot be assigned to an entity of type "char *" (dropping qualifiers)
warning: 'SSL_CTX_set_srp_password' is deprecated [-Wdeprecated-declarations]
warning: 'SSL_CTX_set_srp_password' is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations]
warning: 'SSL_CTX_set_srp_username' is deprecated [-Wdeprecated-declarations]
warning: 'SSL_CTX_set_srp_username' is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations]
warning: 'b' is used uninitialized [-Wuninitialized]
warning: 'gethostname' redeclared without dllimport attribute: previous dllimport ignored [-Wattributes]
warning: Undefined or garbage value returned to caller [core.uninitialized.UndefReturn]
warning: Value stored to 'i' is never read [deadcode.DeadStores]
warning: assigning to 'char *' from 'const char *' discards qualifiers [-Wincompatible-pointer-types-discards-qualifiers]
warning: assignment discards 'const' qualifier from pointer target type [-Wdiscarded-qualifiers]
warning: control reaches end of non-void function [-Wreturn-type]
warning: empty expression statement has no effect; remove unnecessary ';' to silence this warning [-Wextra-semi-stmt]
warning: excess elements in struct initializer
warning: initialization discards 'const' qualifier from pointer target type [-Wdiscarded-qualifiers]
warning: macro "_FILE_OFFSET_BITS" is not used [-Wunused-macros]
warning: macro "_REENTRANT" is not used [-Wunused-macros]
warning: missing braces around initializer [-Wmissing-braces]
warning: no previous extern declaration for non-static variable 'off_t_is_large' [-Wmissing-variable-declarations]
warning: no previous prototype for 'check' [-Wmissing-prototypes]
warning: no previous prototype for function 'check' [-Wmissing-prototypes]
warning: null argument where non-null required (argument 2) [-Wnonnull]
warning: passing 'const char[1]' to parameter of type 'char *' discards qualifiers [-Wincompatible-pointer-types-discards-qualifiers]
warning: passing argument 2 of 'SSL_CTX_set_srp_password' discards 'const' qualifier from pointer target type [-Wdiscarded-qualifiers]
warning: passing argument 2 of 'SSL_CTX_set_srp_username' discards 'const' qualifier from pointer target type [-Wdiscarded-qualifiers]
warning: unused parameter 'c' [-Wunused-parameter]
warning: unused parameter 'f' [-Wunused-parameter]
warning: unused variable 'data' [-Wunused-variable]
warning: unused variable 'dummy' [-Wunused-variable]
warning: unused variable 'flag' [-Wunused-variable]
warning: unused variable 'res' [-Wunused-variable]
warning: unused variable 's' [-Wunused-variable]
warning: variable 's' set but not used [-Wunused-but-set-variable]
warning: variable 'ts' set but not used [-Wunused-but-set-variable]
```
Closes#16287
To reduce the number `-Wunused-macro` compiler warnings:
- delete unused macros.
- comment out unused macro that are part of a set.
- move macros into the scope they are used.
This may be useful to enable by default, but there are tricky cases that
I didn't manage to fix and paused the effort. E.g. internal features
checks in `openssl.c`. There is more, once those are fixed.
Closes#16279
We don't pursue this, and the necessary `#pragma` got in the way of
compiling curl with gcc 4.2 and older. Drop the logic completely.
Follow-up to 8a266ac4883958c339fe16796081a296cd66acb3 #15939
Reported-by: prpr19xx on Github
Fixes#16152Closes#16157
- replace deprecated `ares_init()` call with `ares_init_options()`.
Follow-up to 0d4fdbf15d8eec908b3e63b606f112b18a63015e #16054
- dedupe `CARES_STATICLIB` initalizations into `curl_setup.h`, to
ensure it's defined before the first (and every) `ares.h` include and
avoid a potential confusion.
- move `CARES_NO_DEPRECATED` from build level to `curl_setup.h`.
To work regardless of build system.
It is necessary because curl calls `ares_getsock()` from two places,
of which one feeds a chain of wrappers: `Curl_ares_getsock()`,
`Curl_resolver_getsock()`, `Curl_resolv_getsock()`.
Closes#16131
Allow building with c-ares and yet use threaded resolver for the main
host A/AAAA resolving:
`--with-ares` provides the c-ares install path and defaults to use
c-ares for name resolving
`--with-threaded-resolver` still uses c-ares in the build (for HTTPS)
but uses the threaded resolver for "normal" resolves.
It works similarly for cmake: ENABLE_ARES enables ares, and if
ENABLE_THREADED_RESOLVER also is set, c-ares is used for HTTPS RR and
the threaded resolver for "normal" resolves.
HTTPSRR and c-ares-rr are new features return by curl_version_info() and
thus shown by curl -V.
The c-ares-rr feature bit is there to make it possible to distinguish
between builds using c-ares for all name resolves and builds that use
the threaded resolves for the regular name resolves and c-ares for
HTTPSRR only. "c-ares-rr" means it does not use c-ares for "plain" name
resolves.
HTTPSRR support is EXPERIMENTAL only.
Closes#16054
- silence false positive picky warnings.
- avoid "possible noreturn" warnings for standalone tests and examples.
- fix to compile without `#pragma GCC diagnostic push` support.
- fix "#pragma GCC diagnostic not allowed inside functions".
Prerequisite for #15975 that needs GCC 4.4 for the latest pre-built
CeGCC/mingw32ce toolchain for Windows CE.
Cherry-picked from #15975Closes#16062
We decided last year not to pursue avoiding this warning, because it
adds noise and friction, while in most cases not revealing actual code
issues. We fixed the interesting portion of them throughout mid-2024.
Conclude this effort by deleting related FIXMEs and temporary comments.
Follow-up to 3829759bd042c03225ae862062560f568ba1a231 #12489Closes#15939
Adds the experimental feature `ssls-export` to libcurl and curl for
importing and exporting SSL sessions from/to a file.
* add functions to libcurl API
* add command line option `--ssl-sessions <filename>` to curl
* add documenation
* add support in configure
* add support in cmake
+ add pytest case
Closes#15924
- drop `HAVE_IOCTL` macro, drop exception.
- drop unused `setjmp.h` detection, drop exception.
It's a C89 header and result also not used in detections.
- use C89 `stdlib.h` without detection.
(It's still being detected by autotools anyway.)
Closes#15867
To avoid this in certain debug build cases:
```
./lib/easy_lock.h:72:20: error: inlining failed in call to 'curl_simple_lock_lock': function not considered for inlining [-Werror=inline]
```
Ref: #13596
Reported-by: Rudi Heitbaum
Fixes#15815Closes#15819
`Makefile.mk` supported MS-DOS and Amiga, but `./configure` also
supported them in a better tested and more flexible way.
This patch also adds CMake support for MS-DOS/DJGPP and Amiga OS 3.
`Makefile.mk` was not maintained. Delete it in favour of first-tier
build methods.
Also include some non-MS-DOS/AmigaOS-specific tidy-up, see details at
the end of this message.
Details:
- fix/silence all MS-DOS/DJGPP build warnings and issues.
- add MS-DOS support to cmake.
- default to `ENABLE_THREADED_RESOLVER=OFF` for MS-DOS.
- add support for `WATT_ROOT`.
- use static libcurl with MS-DOS.
- fixup default CMake suffixes/prefixes for DJGPP.
- disable hidden symbols for MS-DOS. Not supported on MS-DOS.
- opt-in MS-DOS into `USE_UNIX_SOCKETS`.
- improve MS-DOS support in autotools.
- default to `--disable-threaded-resolver` for MS-DOS.
- make sure to use `close_s()` (from Watt-32) with autotools and cmake.
`Makefile.mk` used it before this patch.
- GHA: add DJGPP cmake (~30s) and autotools (~60s) build jobs.
Also build tests and examples with cmake.
- improve AmigaOS support in autotools:
- configure: detect `CloseSocket()` when it's a macro.
- configure: fix `IoctlSocket` detection on AmigaOS.
- curl-amissl.m4: pass AmiSSL libs to tests/servers.
- add AmigaOS3 support to cmake:
- cmake: fix `HAVE_IOCTLSOCKET_CAMEL` and
`HAVE_IOCTLSOCKET_CAMEL_FIONBIO` detections.
- set necessary system libs.
- add AmiSSL support.
- inet_ntop, inet_pton: fix using it for AmigaOS. cmake detects them,
and they did not compile with AmigaOS.
- cmake: better sync `gethostname` detection with autotools.
Fixes detection for AmigaOS, where `gethostname` is a macro.
- cmake: fix `sys/utime.h` detection on AmigaOS.
- cmake: force-disable `getaddrinfo` for AmigaOS.
- cmake: tweak threading and static/shared default for AmigaOS.
- cmake: rely on manual variable `AMIGA` to enable the platform.
- GHA: add AmigaOS cmake and autotools (~45s) jobs.
Also build tests and examples with cmake.
- INSTALL: update MS-DOS and AmigaOS build instructions.
- amigaos: fix `-Wpointer-sign` and
`zero or negative size array '_args'` in `Printf()`.
- amigaos: fix `-Wpointer-sign`
- amigaos: fix `-Wredundant-decls` `errno` and `h_errno`.
- amigaos: brute-force silence `lseek()` size warnings.
- amigaos: server/resolve: silence `-Wdiscarded-qualifiers`.
- amigaos: server/resolve: fix `-Wpointer-sign`.
- amigaos: fix `CURL_SA_FAMILY_T` type.
- nonblock: prefer `HAVE_IOCTLSOCKET_CAMEL_FIONBIO` for AmigaOS.
`ioctl` is also detected, but fails when used. Make the above override
it for a successful build.
Authored-by: Darren Banfi
Fixes#15537Closes#15603
- tftpd: prefer `HAVE_IOCTLSOCKET_CAMEL_FIONBIO` for AmigaOS.
- tftpd: tidy-up conditional code.
- curl: set stack size to 16384 for AmigaOS3/4
Overriding the default 4096.
Suggested-by: Darren Banfi
Ref: https://github.com/curl/curl/pull/15543#issuecomment-2498783123
Ref: https://wiki.amigaos.net/wiki/Controlling_Application_Stack
- functypes.h: fix `SEND_QUAL_ARG2` for AmigaOS.
- tftp: add missing cast in sendto() call for AmigaOS.
- getinfo: fix warning with AmigaOS.
- tool_operate: silence warning with AmigaOS
- amigaos: fix building libtests due to missing `RLIMIT_NOFILE`.
- curl_gethostname: silence warning for AmigaOS.
- ftp: silence `-Wtype-limits` for AmigaOS.
- libtest: fix timeval initialization for AmigaOS.
- examples: fix `timeval` initialization for AmigaOS.
- examples: silence warning for AmigaOS.
- configure: fix IPv6 detection for cross-builds.
- netrc: fix to build with AmigaOS cleanly.
- buildinfo: detect and add `DOS` tag for MS-DOS builds.
- buildinfo: add `AMIGA` to buildinfo.txt in auttools.
- build: move `USE_WATT32` macro definition to cmake/configure.
Non-MS-DOS/AmigeOS-specific tidy-ups:
- configure: sync `sa_family_t` detection with cmake.
- configure: sync `ADDRESS_FAMILY` detection signals with cmake.
- doh: use `CURL_SA_FAMILY_T`.
- lib: drop mingw-specific `CURL_SA_FAMILY_T` workaround.
- cmake: extend instead of override check-specific
configurations/requirements.
This allows to honor global requirements added earlier.
Necessary for AmigaOS for example.
- cmake: omit warning on disabled IPv6 for MS-DOS and AmigaOS.
No IPv6 support on these platforms. Also sync with autotools.
- lib1960: use libcurl `inet_pton()` wrapper.
- cmake: detect LibreSSL (to match autotools).
- cmake: say the specific OpenSSL flavour detected.
- hostip: add missing `HAVE_SOCKADDR_IN6_SIN6_SCOPE_ID` guard.
- lib: simplify classic mac feature guards.
Follow-up to a8861b6ccdd7ca35b6115588a578e36d765c9e38 #9764Closes#15543
- cmp-config.pl: add remaining exceptions. Sort list.
- drop unused `HAVE_SYS_WAIT_H`.
Follow-up to 50def7c881ba560ab6e0235990e8f07fa69f4bc8 #13249
- drop unused `HAVE_FCHMOD`.
Follow-up to 03cb1ff4d629d6110dab787c75c187626d58323d #12395
- autotools: stop promoting variables to macros:
`USE_NGTCP2_CRYPTO_*`, `USE_NGTCP2_H3`, `USE_OPENSSL_H3`,
`HAVE_LIBRESSL`.
They are not used in the source.
- cmake: drop unused `HAVE_O_NONBLOCK`,
`HAVE_DISABLED_NONBLOCKING`.
- lib: drop `NEED_MALLOC_H`.
It was used in manual-build cases for Amiga/MS-DOS/Windows/WinCE, but
never by autotools/cmake, thus apparently unnecessary.
- lib: drop unused `NEED_MEMORY_H`.
- lib: simplify classic mac feature guards,
drop `HAVE_EXTRA_STRICMP_H` and `HAVE_EXTRA_STRDUP_H`.
- autotools: drop unused `HAVE_GETHOSTBYNAME` detection.
- autotools: drop unused OpenSSL feature tests:
`HAVE_ERR_H`, `HAVE_PEM_H`, `HAVE_RSA_H`
- autotools: drop unused OpenSSL feature tests:
`HAVE_X509_H`, `HAVE_CRYPTO_H`, `HAVE_SSL_H`.
They performed a fallback check when the primary check missed
`openssl/x509.h`. Though if any other prefixed headers were found,
OpenSSL is already assumed detected.
The fallback check was looking for 3 unprefixed OpenSSL headers, and
if all found, marked OpenSSL found internally, but did not promote
it to `curl_config.h` via `USE_OPENSSL`. Meaning it either didn't do
anything or may have continued with an inconsistent state.
Added in d99c20f62876457ca6880d706825e68f695bda18 (2008)
At the time, there was an extra `AC_DEFINE(USE_SSLEAY, 1 ...` logic
after this code, which kicked in in the fallback case, but that code
was deleted in 709cf76f6bb7dbaca14e3e8df160ccfac04dcecb (2015)
Follow-up to 709cf76f6bb7dbaca14e3e8df160ccfac04dcecb
- autotools: drop `AC_SUBST()` where the value is explicitly set anyway
and the macro is unused.
- autotools: replace `AC_SUBST(VAR, 1)` with local variable assigments,
where the `@VAR@` macro is unused. Also dedupe the local variable if
there was a parallel one used for the same purpose.
- autotools: drop local feature variables that were never used.
- autotools: drop unused `CURL_CHECK_OPTION_NTLM_WB`,
`CURL_CHECK_NTLM_WB`.
Also stop setting unused `NTLM_WB_ENABLED` macro for VMS.
Follow-up to 50def7c881ba560ab6e0235990e8f07fa69f4bc8 #13249
- autotools: drop unused `PKGADD_*`.
Follow-up to bae0d473f5912d38fc8da1f9850a70b015b53c9e #3331
- autotools: drop unused `CURL_NETWORK_LIBS`.
Follow-up to 3af75e18d691af24c4a11ee6cb1441de44b3a836 #14697Closes#15577
The idea of linking dependencies found to `libcurl.pc` turns out not
to work in practice in some cases.
Specifically: gss, ldap, mbedtls, libmsh3, rustls
A `.pc` may not work or be missing for a couple of reasons:
- not all build methods generate it: mbedTLS, Rustls
- generated file is broken: msh3
Ref: https://github.com/nibanks/msh3/pull/225
- installed package flavour isn't shipping with one:
FreeBSD GSS, OmniOS LDAP, macOS LDAP
The effect of such issues shall be subtle in theory, because
`libcurl.pc` normally lists these dependencies in the `Requires.private`
section meant for static linking. But, e.g. `pkg-config --exists`
requires these to be present, and builds sometimes use this check
regardless of build type. This bug is not present in `pkgconf`; it only
checks for them when `--static` is also passed.
Fix these by adding affected `.pc` references to `libcurl.pc` only when
we detected the dependency via `pkg-config`.
There are a few side-effects of this solution:
- references are never added for dependencies where curl doesn't
implement `pkg-config` detection. These are:
- autotools: ldap, mbedtls, msh3
- cmake: ldap (pending #15273)
- generated `libcurl.pc` depends on the build-time environment.
- generated `libcurl.pc` depends on curl build tool (cmake, autotools).
- generated `libcurl.pc` depends on curl build implementation details.
Make an exception for GNU GSS, where I blindly guess that `gss.pc` is
always available, as no issues were reported.
Other, not mentioned, dependencies continue to be added regardless
of the detection method.
Reported-by: Harmen Stoppels, Thomas, Daniel Engberg, Andy Fiddaman
Fixes#15469Fixes#15507Fixes#15535
Fixes https://github.com/curl/curl/pull/15163#issuecomment-2473358444Closes#15573
`libcurl.pc` `Libs.private` (since 8.11.0, and in `Libs` before 7.20.0)
and `curl-config` `--static-libs` (since 7.17.1, and in `Libs` between
7.7.2-7.25.0). This included all flags inherited from the environment,
in addition to those coming from dependency detections.
To avoid spilling all linker flags inherited from the environment to
the libcurl config files, this patch omits them all, except `-L`, `-F`,
`--library-path=` and `-framework` options, which are still passed.
The rationale for the exceptions is that `LIBS` is passed as-is, and
`LDFLAGS`, `LIBS` are the canonical way to pass custom libs options
to a build. `LIBS` may not work without a matching custom libpath.
This brings autotools behaviour closer to cmake, and `curl-config`
closer to `libcurl.pc`.
Follow-up to 9f56bb608ecfbb8978c6cb72a04d9e8b23162d82 #14681
Follow-up to 4c8adc8fee5e55754da3d8f8d982733a7bf3dece
Reported-by: Peter Marko
Fixes#15533Closes#15550
Different variable names were used in flag save and restore operations,
which could cause existing `CPPFLAGS` and `LDFLAGS` be accidentally lost
when detecting Rustls.
Follow-up to 647e86a3efe1eea7a2a456c009cfe1eb55fe48eb #13179Closes#15546
Build wolfSSL master with
./configure --prefix=/path --enable-ip-alt-name --enable-quic
--enable-earlydata --enable-psk --enable-opensslcoexist
and configure curl with openssl + wolfssl. Normal tests run.
pytest session resumption fails, as wolfssl does not handle the
new_session callback without opensslextra right now.
Closes#15481
The gethostbyname(3) family was removed in POSIX-1.2008 in favor of
getaddrinfo(3) introduced in POSIX-1.2001. Modern POSIX systems such as
Sortix does not have gethostbyname nor the related definitions and
structures.
curl already only uses getaddrinfo(3) if available and thread safe,
although there is mild breakage if the related gethostbyname definitions
are missing.
This change attempts to fix that breakage:
Remove an unnecessary configure error if gethostbyname is missing since
getaddrinfo is enough as a fallback.
Rewrite Curl_ip2addr to not use struct hostent as it no longer is
standardized and create the struct Curl_addrinfo directly.
Only define the Curl_he2ai function on non-getaddrinfo systems where it
is going to be used with struct hoestent.
Revoke the fallback logic for when it's unknown whether getaddrinfo is
thread safe. It doesn't appear to make any sense since h_errno is
unrelated to getaddrinfo. The logic prevents new POSIX.1-2024 systems
from passing the thread safety test since h_errno does not exist anymore
and POSIX already requires getaddrinfo to be thread safe. There's
already a denylist in place for operating systems with known buggy
implementations.
Closes#15475
This warning remains silent in unity builds. Since we're using unity
in CI for most jobs, warnings remain undetected there.
Disable them for all builds to avoid a surprise warning outside our CI.
The issue caught by the warning is useful for a tidy codebase, but
doesn't affect executed code. It was enabled in
84338c4de2d7c798e3c270c9610d51a4ad18a90b #12331 (2023-11-15).
llvm source: fee2953f23/clang/lib/Sema/AnalysisBasedWarnings.cpp (L125-L134)
llvm issue: https://github.com/llvm/llvm-project/issues/71046
Follow-up to 7c023c3f6e2c454fbac7277d8dc038854c192d72 #15384Closes#15416
Added in 37eba37019388f767f5de67b4071641044d7b026 (2009-06-17) to help
detecting socket functions.
But, this `socket.h` isn't used in the source code since
90dd1fc66401d5bb7814f4edeb16a06c925b1f1e #8288 (2022-01-16).
Closes#15173
Before this patch they were detected via manual methods, then with
`AC_CHECK_FUNCS()`.
Delete the manual checks and keep the latter.
Also delete `CURL_INCLUDES_POLL()` which is no longer used after
the above.
Closes#15170
poll() on macOS 10.12 was deemed broken in 2016 when we discovered that
it misbehaves when provided with no sockets to wait for. The
HAVE_POLL_FINE is used to mark a poll() implementation that behaves
correctly: it *should* still wait the timeout time.
curl has therefore opted to use select() on Apple operating systems ever
since. To avoid the risk that this or other breakage cause problems.
However, using select() internally is also bad because it suffers from
problems when using file descriptors beyond 1024.
This change makes poll() used if it is present, but if there is no
sockets to wait for it avoids using poll() and instead falls back to
select() - but without any sockets to wait for there is no 1024 problem.
This removes all previous special-handling involving HAVE_POLL_FINE.
ref: https://daniel.haxx.se/blog/2016/10/11/poll-on-mac-10-12-is-broken/Closes#15096
Since it seems the _POSIX_C_SOURCE "trick" does not work there, the
check does not find poll().
Fixes#15013
Reported-by: vvb2060 on github
Closes#15037
- lib557: suppress `-Wformat-overflow` warning in source.
Fixes:
```
lib557.c: In function ‘test_float_formatting’:
lib557.c:1408:37: error: ‘%*f’ directive output of 2147483648 bytes exceeds ‘INT_MAX’ [-Werror=format-overflow=]
1408 | curl_msnprintf(buf, sizeof(buf), "%*f", INT_MIN, 9.1);
| ^~~
lib557.c:1408:3: note: ‘curl_msnprintf’ output 2147483649 bytes
1408 | curl_msnprintf(buf, sizeof(buf), "%*f", INT_MIN, 9.1);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
```
Ref: https://app.circleci.com/pipelines/github/curl/curl/10226/workflows/87642ee9-cda6-4916-8206-c82aac5f595e/jobs/107669?invite=true#step-106-40996_46
The root cause of why this option gets enabled remains undiscovered.
Reported-by: Daniel Stenberg
Fixes#15008
Follow-up to 71cf0d1fca9e1f53524e1545ef0c08d174458d80 #14772
- build: drop `-Wno-format-overflow` from picky warning list.
These options only get used with picky warnings enabled.
Follow-up to 145f87b9e89f3a5e287233fe7d3cf57aca23dd8c #14598
- unit1652: suppress in source (and not rely on picky warnings anymore.)
Closes#15012
Before this patch, only these triplets were considered Apple:
`<cpu>-apple-darwin`
After this patch, these are also considered Apple:
`<cpu>-apple-(ios*|tvos*|visionos*|watchos*|<ETC>)`
`$host_os` (the last third of the triplet) still has a valid use
to differentiate between OS flavours, though for now this isn't
used, aligning with CMake.
Closes#14728
- cmake: drop `configure.os`.
This also includes OS version, but thus far it's not important enough
to include it.
- autotools: drop redundant, autotools-only `{target|host}.vendor`.
(it's part of the triplet in `{target|host}`.)
- swap order to `*.cpu` -> `*.os` to match triplet-order.
- cmake: drop redundant `target`.
It's manually filled and only in a (so far) few CI jobs. Let's revisit
when this becomes useful.
- move `buildinfo.txt` to build root.
- dist: add `buildinfo.txt` to `DISTCLEANFILES`.
- autotools: detect human readable compiler version.
- autotools: replace `XXYY` `compiler.version` with "X.Y"-style.
(also to match cmake.)
- autotools: use distinct `compiler_id` for Apple clang: `APPLECLANG`.
To match cmake and also because the the "X.Y"-style version number
is the Apple version, while `XXYY` was a value roughly translated to
mainline llvm/clang version.
- show buildinfo at the end of the configure stage, when run in CI, or
when `CURL_BUILDINFO` or `CURL_CI` env is set.
Follow-up to 1fdea1684602a1ae2870c67b5f3e8fd34f63da95 #14802
Assisted-by: Dan Fandrich
Ref: https://github.com/curl/curl/pull/14802#issuecomment-2334942991Closes#14822
It could previously be set with configure/cmake and used in rare cases
for reading randomness: with ancient mbedTLS or rustls without
arc4random.
We now get randomness in this order:
1. The TLS library's way to provide random
2. On Windows: Curl_win32_random
3. if arc4random exists, use that
4. weak non-crytographically strong pseudo-random
Closes#14749
