Commit Graph

30739 Commits

Author SHA1 Message Date
Daniel Stenberg
08b9f246f4
RELEASE-NOTES: synced 2023-08-07 20:39:32 +02:00
Dan Fandrich
0092e77632 THANKS-filter: add a name typo 2023-08-07 09:12:42 -07:00
Stefan Eissing
199fb4b94a
http3/ngtcp2: shorten handshake, trace cleanup
- shorten handshake timing by delayed x509 store load (OpenSSL)
  as we do for HTTP/2
- cleanup of trace output, align with HTTP/2 output

Closes #11609
2023-08-07 17:13:52 +02:00
Daniel Stenberg
95ca3c53d3
headers: accept leading whitespaces on first response header
This is a bad header fold but since the popular browsers accept this
violation, so does curl now. Unless built with hyper.

Add test 1473 to verify and adjust test 2306.

Reported-by: junsik on github
Fixes #11605
Closes #11607
2023-08-07 12:45:45 +02:00
Daniel Stenberg
cfe85ca562
include/curl/mprintf.h: add __attribute__ for the prototypes
- if gcc or clang is used
- if __STDC_VERSION__ >= 199901L, which means greater than C90
- if not using mingw
- if CURL_NO_FMT_CHECKS is not defined

Closes #11589
2023-08-07 10:46:14 +02:00
Daniel Stenberg
51118ba84c
tests: fix bad printf format flags in test code 2023-08-07 10:46:14 +02:00
Daniel Stenberg
4f3d06ec39
tests: fix header scan tools for attribute edits in mprintf.h 2023-08-07 10:46:13 +02:00
Daniel Stenberg
80ea7f7fc2
cf-socket: log successful interface bind
When the setsockopt SO_BINDTODEVICE operation succeeds, output that in
the verbose output.

Ref: #11599
Closes #11608
2023-08-07 10:42:37 +02:00
Daniel Stenberg
90d0e0f83d
CURLOPT_SSL_VERIFYPEER.3: mention it does not load CA certs when disabled
Ref: #11457
Closes #11606
2023-08-07 10:40:19 +02:00
Daniel Stenberg
03c79448e0
CURLOPT_SSL_VERIFYPEER.3: add two more see also options
CURLINFO_CAINFO and CURLINFO_CAPATH

Closes #11603
2023-08-07 08:25:46 +02:00
Daniel Stenberg
bfc9d56a91
KNOWN_BUGS: aws-sigv4 does not behave well with AWS VPC Lattice
Closes #11007
2023-08-06 23:38:28 +02:00
Graham Campbell
8eda84bdc1
CI: use openssl 3.0.10+quic, nghttp3 0.14.0, ngtcp2 0.18.0
Closes #11585
2023-08-06 23:20:45 +02:00
Daniel Stenberg
8b12f9e203
TODO: add *5* entries for aws-sigv4
Closes #7559
Closes #8107
Closes #8810
Closes #9717
Closes #10129
2023-08-06 23:04:57 +02:00
Daniel Stenberg
26b437393e
TODO: LDAP Certificate-Based Authentication
Closes #9641
2023-08-06 22:58:42 +02:00
Stefan Eissing
fbacb14c4c
http2: cleanup trace messages
- more compact format with bracketed stream id
- all frames traced in and out

Closes #11592
2023-08-06 17:47:38 +02:00
Daniel Stenberg
03eba3c8b2
tests/tftpd+mqttd: make variables static to silence picky warnings
Closes #11594
2023-08-06 17:21:25 +02:00
Daniel Stenberg
c71ce0007e
docs/cmdline: remove repeated working for negotiate + ntlm
The extra wording is added automatically by the gen.pl tool

Closes #11597
2023-08-06 17:19:37 +02:00
Daniel Stenberg
efb594daac
docs/cmdline: add small "warning" to verbose options
"Note that verbose output of curl activities and network traffic might
contain sensitive data, including user names, credentials or secret data
content. Be aware and be careful when sharing trace logs with others."

Closes #11596
2023-08-06 17:17:27 +02:00
Daniel Stenberg
f308f65280
RELEASE-NOTES: synced 2023-08-04 16:00:08 +02:00
Daniel Stenberg
83319e0271
pingpong: don't use *bump_headersize
We use that for HTTP(S) only.

Follow-up to 3ee79c1674

Closes #11590
2023-08-04 11:06:39 +02:00
Daniel Stenberg
8a9f4d481a
urldata: remove spurious parenthesis to unbreak no-proxy build
Follow-up to e12b39e133

Closes #11591
2023-08-04 11:04:24 +02:00
Daniel Stenberg
c15569bb41
easy: don't call Curl_trc_opt() in disabled-verbose builds
Follow-up to e12b39e133

Closes #11588
2023-08-04 10:07:57 +02:00
Daniel Stenberg
a2a894f550
http: use %u for printfing int
Follow-up to 3ee79c1674

Closes #11587
2023-08-04 09:34:44 +02:00
Goro FUJI
ae91bb7e1a
vquic: show stringified messages for errno
Closes #11584
2023-08-03 22:44:36 +02:00
Stefan Eissing
e12b39e133
trace: make tracing available in non-debug builds
Add --trace-config to curl

Add curl_global_trace() to libcurl

Closes #11421
2023-08-03 17:32:25 +02:00
Daniel Stenberg
0f49b5bacb
TODO: remove "Support intermediate & root pinning for PINNEDPUBLICKEY"
See also https://github.com/curl/curl/pull/7507
2023-08-03 17:28:27 +02:00
Daniel Stenberg
16d077330b
TODO: add "WebSocket read callback"
remove "Upgrade to websockets" as we already have this

Closes #11402
2023-08-03 17:21:38 +02:00
Daniel Stenberg
260f51ae8b
test497: verify rejecting too large incoming headers 2023-08-03 17:08:56 +02:00
Daniel Stenberg
3ee79c1674
http: return error when receiving too large header set
To avoid abuse. The limit is set to 300 KB for the accumulated size of
all received HTTP headers for a single response. Incomplete research
suggests that Chrome uses a 256-300 KB limit, while Firefox allows up to
1MB.

Closes #11582
2023-08-03 17:08:13 +02:00
Stefan Eissing
944e219f10
http2: upgrade tests and add fix for non-existing stream
- check in h2 filter recv that stream actually exists
  and return error if not
- add test for parallel, extreme h2 upgrades that fail if
  connections get reused before fully switched
- add h2 upgrade upload test just for completeness

Closes #11563
2023-08-03 17:05:13 +02:00
Viktor Szakats
db70846e2e
tests: ensure libcurl.def contains all exports
Add `test1279` to verify that `libcurl.def` lists all exported API
functions found in libcurl headers.

Also:

- extend test suite XML `stdout` tag with the `loadfile` attribute.

- fix `tests/extern-scan.pl` and `test1135` to include websocket API.

- use all headers (sorted) in `test1135` instead of a manual list.

- add options `--sort`, `--heading=` to `tests/extern-scan.pl`.

- add `libcurl.def` to the auto-labeler GHA task.

Follow-up to 2ebc74c36a

Closes #11570
2023-08-03 11:07:47 +00:00
Daniel Stenberg
d135d040df
url: change default value for CURLOPT_MAXREDIRS to 30
It was previously unlimited by default, but that's not a sensible
default. While changing this has a remote risk of breaking an existing
use case, I figure it is more likely to actually save users from loops.

Closes #11581
2023-08-02 23:59:59 +02:00
Daniel Stenberg
367a66b130
lib: fix a few *printf() flag mistakes
Reported-by: Gisle Vanem
Ref: #11574
Closes #11579
2023-08-02 23:11:09 +02:00
Samuel Chiang
20f4e94eeb
openssl: make aws-lc version support OCSP
And bump version in CI

Closes #11568
2023-08-02 16:23:45 +02:00
Daniel Stenberg
ce1fc742c1
tool: make the length argument an int for printf()-.* flags
Closes #11578
2023-08-02 16:11:55 +02:00
Daniel Stenberg
139ecfb869
tool_operate: fix memory leak when SSL_CERT_DIR is used
Detected by Coverity

Follow-up to 29bce9857a

Closes #11577
2023-08-02 16:10:49 +02:00
Daniel Stenberg
c17bf311f1
tool/var: free memory on OOM
Coverity detected this memory leak in OOM situation

Follow-up to 2e160c9c65

Closes #11575
2023-08-02 16:09:43 +02:00
Viktor Szakats
ddb179586f
gha: bump libressl and mbedtls versions
Closes #11573
2023-08-02 10:39:01 +00:00
Jay Satiro
b4f9ae5126 schannel: fix user-set legacy algorithms in Windows 10 & 11
- If the user set a legacy algorithm list (CURLOPT_SSL_CIPHER_LIST) then
  use the SCHANNEL_CRED legacy structure to pass the list to Schannel.

- If the user set both a legacy algorithm list and a TLS 1.3 cipher list
  then abort.

Although MS doesn't document it, Schannel will not negotiate TLS 1.3
when SCHANNEL_CRED is used. That means setting a legacy algorithm list
limits the user to earlier versions of TLS.

Prior to this change, since 8beff435 (precedes 7.85.0), libcurl would
ignore legacy algorithms in Windows 10 1809 and later.

Reported-by: zhihaoy@users.noreply.github.com

Fixes https://github.com/curl/curl/pull/10741
Closes https://github.com/curl/curl/pull/10746
2023-08-02 03:43:13 -04:00
Daniel Stenberg
4169943d15
variable.d: setting a variable again overwrites it
Reported-by: Niall McGee
Bug: https://twitter.com/niallmcgee/status/1686523075423322113
Closes #11571
2023-08-02 09:32:08 +02:00
Jay Satiro
783e4714d9 CURLOPT_PROXY_SSL_OPTIONS.3: sync formatting
- Re-wrap CURLSSLOPT_ALLOW_BEAST description.
2023-08-02 03:19:29 -04:00
Daniel Stenberg
8c5f117882
RELEASE-NOTES: synced 2023-08-02 08:37:42 +02:00
Daniel Stenberg
d3142b5729
resolve: use PF_INET6 family lookups when CURL_IPRESOLVE_V6 is set
Previously it would always do PF_UNSPEC if CURL_IPRESOLVE_V4 is not
used, thus unnecessarily asking for addresses that will not be used.

Reported-by: Joseph Tharayil
Fixes #11564
Closes #11565
2023-08-02 00:49:16 +02:00
Daniel Stenberg
fc1e42190f
docs: link to the website versions instead of markdowns
... to make the links work when the markdown is converted to webpages on
https://curl.se

Reported-by: Maurício Meneghini Fauth
Fixes https://github.com/curl/curl-www/issues/272
Closes #11569
2023-08-02 00:47:41 +02:00
Viktor Szakats
00f8f9c22b
cmake: cache more config and delete unused ones
- cache more Windows config results for faster initialization.

- delete unused config macros `HAVE_SYS_UTSNAME_H`, `HAVE_SSL_H`.

- delete dead references to `sys/utsname.h`.

Closes #11551
2023-08-01 21:59:00 +00:00
Viktor Szakats
c09466abff
egd: delete feature detection and related source code
EGD is Entropy Gathering Daemon, a socket-based entropy source supported
by pre-OpenSSL v1.1 versions and now deprecated. curl also deprecated it
a while ago.

Its detection in CMake was broken all along because OpenSSL libs were
not linked at the point of feature check.

Delete detection from both cmake and autotools, along with the related
source snippet, and the `--with-egd-socket=` `./configure` option.

Closes #11556
2023-08-01 21:58:56 +00:00
Stefan Eissing
bb07240263
tests: fix h3 server check and parallel instances
- fix check for availability of nghttpx server
- add `tcp` frontend config for same port as quic, as
  without this, port 3000 is bound which clashes for parallel
  testing

Closes #11553
2023-08-01 16:11:48 +02:00
Daniel Stenberg
f4ff8072f2
docs/cmdline-opts: spellfixes, typos and polish
To make them accepted by the spell checker

Closes #11562
2023-08-01 14:12:22 +02:00
Daniel Stenberg
6b11d9d86b
CI/spellcheck: build curl.1 and spellcheck it
Added acceptable words

Closes #11562
2023-08-01 14:12:03 +02:00
Alexander Jaeger
959e613e7c
misc: fix various typos
Closes #11561
2023-08-01 14:09:32 +02:00