Bump the limit from 512K. There might be reasons for applications using
h3 to set larger buffers and there is no strong reason for curl to have
a very small maximum.
Ref: https://curl.se/mail/lib-2023-01/0026.htmlCloses#10256
- test 2500, single GET works
- test 2501, single POST stalls
- test 2502, multiple, sequential GETs each use a new connection since
MsH3ConnectionGetState(qconn) no longer reports CONNECTED after one
GET.
Closes#10204
Because only the libssh2 backend not supports it and thus this should
return error if this option is used other backends.
Reported-by: Harry Sintonen
Closes#10255
NSS currently uses the default Curl_none_data_pending() method which
always returns false, causing TLS buffered input data to be missed.
The current commit implements the nss_data_pending() method that properly
monitors the presence of available TLS data.
Ref:#10077
Closes#10225
- Warn that in Windows if libcurl is running from a DLL and if
CURLOPT_HEADERDATA is set then CURLOPT_WRITEFUNCTION or
CURLOPT_HEADERFUNCTION must be set as well, otherwise the user may
experience crashes.
We already have a similar warning in CURLOPT_WRITEDATA. Basically, in
Windows libcurl could crash writing a FILE pointer that was created by
a different C runtime. In Windows each DLL that is part of a program may
or may not have its own C runtime.
Ref: https://github.com/curl/curl/issues/10231
Closes https://github.com/curl/curl/pull/10233
Built-in TLS backends are detected at test time by scanning for their
names in the version string line returned by the cli tool: as this line
may also list the libssh configuration that mentions its own backend,
the curl backend may be wrongly determined.
In example, if the version line contains "libssh/0.10.4/openssl/zlib",
OpenSSL is detected as a curl-configured backend even if not.
This fix requires the backend names to appear as full words preceded by
spacing in the version line to be recognized as curl TLS backends.
Closes#10236
- quiche in debug mode did not build, fixed.
- moved all vquic implementation files to prefix curl_* to avoid
the potential mixups between provided .h files and our own.
- quich passes test 2500 and 2502. 2501, the POST, fail with
the body being rejected. Quich bug?
Closes#10242
SecureTransport expects result code errSSLWouldBlock when the requested
length could not be sent/recieved in full. The previous code returned
noErr, which let SecureTransport to believe that the IO had terminated
prematurely.
Fixes#10227Closes#10235
- Set all scripts +x, ie 644 => 755.
Prior to this change some scripts were not executable and therefore
could not be called directly.
~~~
git ls-files -s \*.{sh,pl,py} | grep -v 100755
~~~
Closes https://github.com/curl/curl/pull/10219
Do not rely on the first transfer started to be the first to get a
response (remember -Z). All transfers now write the headefile (-D) in
append mode, making sure that the order of transfer responses does not
lead to overwrites of previous data.
Closes#10224
- by using BIT() instead of bool
- imap: shrink struct
- ftp: make state 'unsigned char'
- ftp: sort ftp_conn struct entries on size
- urldata: use smaller fields for SSL version info storage
- pop3: reduce the pop3_conn struct size
- smtp: reduce the size of the smtp structs
Closes#10186
Prior to this change http2_cfilter_add could return an uninitialized
cfilter pointer in an OOM condition. In this case though, the pointer
is discarded and not dereferenced so there was no risk of a crash.
- copy `struct Curl_addrinfo` on filter setup into context
- remove `struct Curl_addrinfoi *` with `struct Curl_sockaddr_ex *` in
connectdata that is set and NULLed by the socket filter
- this means we have no reference to the resolver info in connectdata or
its filters
- trigger the CF_CTRL_CONN_INFO_UPDATE event when the complete filter
chain reaches connected status
- update easy handle connection information on CF_CTRL_DATA_SETUP event.
Closes#10213
- they are mostly pointless in all major jurisdictions
- many big corporations and projects already don't use them
- saves us from pointless churn
- git keeps history for us
- the year range is kept in COPYING
checksrc is updated to allow non-year using copyright statements
Closes#10205
Ref: #10163
- This is a niche TLS library, only running on some IBM systems
- no regular curl contributors use this backend
- no CI builds use or verify this backend
- gskit, or the curl adaption for it, lacks many modern TLS features
making it an inferior solution
- build breakages in this code take weeks or more to get detected
- fixing gskit code is mostly done "flying blind"
Closes#10201
Otherwise data->conn is NULL and things go wrong.
This problem caused occastional failures in test 359, 1700 and more
depending on timing and the alignment of various planets.
Assisted-by: Stefan Eissing
Closes#10199
- it does not add a lot of value
- we do not test-build it to verify because of its dependencies
- unclear for what GTK versions it works or not
Reported-by: odek86 on github
Fixes#10197Closes#10198
The unencoding stack is added to as Transfer-Encoding and
Content-Encoding fields are encountered with no distinction between the
two, meaning the stack will be incorrect if, e.g., the message has both
fields and a non-chunked Transfer-Encoding comes first. This commit
fixes this by ordering the stack with transfer encodings first.
Reviewed-by: Patrick Monnerat
Closes#10187
stdint.h was only included in http.h when ENABLE_QUIC was defined, but
symbols from stdint.h are also used when USE_NGHTTP2 is defined. This
causes build errors when USE_NGHTTP2 is defined but ENABLE_QUIC is not.
Closes#10185
The only TLS auth type libcurl ever supported is SRP and that is the
default type. Since nobody ever sets any other type, there is no point
in wasting space to store the set type and code to check the type.
If TLS auth is used, SRP is now implied.
Closes#10181
