- `-D_AMD64_` has not been necessary for mingw-w64 builds for a long time now.
- `-fno-strict-aliasing` is mentioned for Intel C compiler in autotools, and
I used this with VxWorks in another project, but otherwise this isn't
necessary anymore as a default. If a target still needs it, it can be
added with `CURL_CFLAG_EXTRAS=-fno-strict-aliasing`
- bump up default optimization level to `-O3` (from `-O2`), and also rearrange
option order so the default can now be overridden via
`CURL_CFLAG_EXTRAS`.
- delete `-g` (generate debug info) from `CFLAGS` and `-s` from `LDFLAGS`
(strip debug info). They were working against each other. Now, if someone
needs debug info, it can be enabled via `CURL_CFLAG_EXTRAS=-g`
Closes#8904
The UNITTEST macro is defined by curl_setup.h so there is no use in
carry a local copy of the logic.
Closes: #8902
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
Prior to this change the doc said --max-time set the maximum time of the
'whole operation' which is not accurate. The option maps to
CURLOPT_TIMEOUT_MS which sets maximum transfer time.
For example, the maximum time on a transfer is reset if the transfer is
retried (--retry).
Reported-by: Nuru@users.noreply.github.com
Fixes https://github.com/curl/curl/issues/8877Closes#8879
Commit 709ae2454f added a fake hostname to avoid leaking the local
hostname, but omitted copying it to the host buffer. Fix by copying
and adjust the test fallout.
Closes: #8895Fixes: #8893
Reported-by: Patrick Monnerat <patrick@monnerat.net>
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
Rather than assuming sed in PATH, use the resolved $SED variable
like in all other invocations of sed in configure.
Closes: #8891
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
Reviewed-by: Marcel Raad <Marcel.Raad@teamviewer.com>
Allow curl to send larger UDP datagram if Path MTU Discovery finds the
availability of larger path MTU. To make it work and not to send
fragmented packet, we need to set DF bit. That makes send(2) fail with
EMSGSIZE if UDP datagram is too large. In that case, just let it be
lost. This patch enables DF bit for Linux only.
Closes#8883
The NTLM protocol includes providing the local host name, but apparently
other implementations already provide a fixed fake name instead to avoid
leaking the real local name.
The exact name used is 'WORKSTATION', because Firefox uses that.
The change is written to allow someone to "back-pedal" fairly easy in
case of need.
Reported-by: Carlo Alberto
Fixes#8859Closes#8889
yassl was added in commit 9d904ee41b but is no longer available
and is thus not a library to use for NTLM. This aligns the FEATURES
doc with the FAQ.
Closes: #8886
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
The empty left-behind footnote confused the website rendering into
creating a nested emoty list, making the resulting page look quite
odd. Remove and re-order the remaining ones to avoid a gap in the
sequence.
Closes: #8886
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
curl is a tool that support many different things, and it doesn't
really seem like our job to tell other what to use (as they might
not have much say in the matter even). Also tidy up wording.
Closes: #8886
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
This will omit two spaces of indentation from lines with no content,
thus avoiding 'spaces @ EOL'.
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
Closes#8887
- -DOPENSSL_NO_KRB5: No longer used by OpenSSL 1.1.x, 3.x, or
LibreSSL 3.5.x, yet it collides with the latter, which defines
it unconditionally, resulting in this warning:
../../libressl/include/openssl/opensslfeatures.h:14:9: warning: 'OPENSSL_NO_KRB5' macro redefined [-Wmacro-redefined]
It was originally added to curl in 2004.
- -DHAVE_OPENSSL_PKCS12_H: No longer used by OpenSSL 1.1.x, 3.x, or
LibreSSL back to at least 2.5.5. Originally added in the same
commit as the above, in 2004.
Closes#8884
Commit a04f0b9613 made me notice that
there is a portability issue in curl's top-level Makefile.am.
$< can only be used in rules that deal with .SUFFIXES. Its use
for general prerequisites is a GNU make extension.
$< could be replaced by $?, but I think in an autotools context,
something like this is better:
Bug: https://curl.se/mail/lib-2022-05/0024.htmlCloses#8861
Usage:
curl -x "socks5h://localhost/run/tor/socks" "https://example.com"
Updated runtests.pl to run a socksd server listening on unix socket
Added tests test1467 test1468
Added documentation for proxy command line option and socks proxy
options
Closes#8668
Lookup tables for toupper() and tolower() make Curl_strcasecompare()
about 1.5 times faster. Reorganising Curl_strcasecompare() to fully exit
early then also allows simplifying the check at the end, for another
15%. In total, the changes make Curl_strcasecompare() around 1.6 to 1.7
times faster.
Note that these optimisation assume ASCII. The original
Curl_raw_toupper() and raw_tolower() look like they already made that
assumption.
Closes#8875
Dedicated - paid for - security audits that are performed in
collaboration with curl developers are not eligible for bounties.
(plus I changed the sub-titles to use ## instead of # in the markdown)
Closes#8880
This change removes adding an include `$prefix/wolfssl` or similar to
allow for openssl include aliasing. Include paths of `wolfssl/openssl/`
are used to explicitly use wolfSSL includes. This fixes cmake builds as
well as avoiding potentially using openSSL headers since include path
order is not guaranteed.
Closes#8864
These two options were only ever used for the OpenSSL backend for
versions before 1.1.0. They were never used for other backends and they
are not used with recent OpenSSL versions. They were never used much by
applications.
The defines RANDOM_FILE and EGD_SOCKET can still be set at build-time
for ancient EOL OpenSSL versions.
Closes#8670
Earlier if CURLOPT_LOCALPORT + CURLOPT_LOCALPORTRANGE would go past port
65535 the code would fall back to random port rather than giving up.
Closes#8862
Commit 0ef54abf52 accidentally used the conn variable before the
assertion for it being NULL. Fix by moving the assignment which use
conn to after the assertion.
Closes: #8857
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
The API documentation for the MIME functions specify that the parts
can be set twice, with the last call winning. While true, the user
can set the parts n times for n > 2, reword to specify multiple API
calls instead.
Closes: #8860
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
Add Curl_quic_idle which is called when no HTTP level read or write is
performed. It is a good place to handle timer expiry for QUIC transport
(.e.g, retransmission).
Closes#8698
SecTrustEvaluateAsync() is defined in the macOS 10.7 SDK, but it
requires Grand Central Dispatch to be supported by the compiler, and
some third-party macOS compilers do not support Grand Central Dispatch.
SecTrustCopyPublicKey() is not present in macOS 10.6, so this shouldn't
adversely affect anything.
Fixes#8846
Reported-by: Egor Pugin
Closes#8854
Commit 46d45ea3a incorrectly hardcoded the User-Agent in the test
output file which breaks when curlver is updated. Shift to using
the %VERSION macro instead.
Closes: #8856
The support for compiling on Mac OS 9 hasn't been modified since 2001
and has no active maintainer or packager, so it's time to remove it as
it's incredibly unlikely to work. If a maintainer re-emerges it can be
resurrected from Git history.
Closes: #8836
Reviewed-by: Daniel Stenberg <daniel@haxx.se>