Commit Graph

31999 Commits

Author SHA1 Message Date
Daniel Stenberg
20434a6aeb
RELEASE-NOTES: synced 2024-04-08 10:33:36 +02:00
Daniel Stenberg
bcc2e90e45
docs/cmdline-opts: invoke managen using a relative path
... no need to use an absolute path, that makes the build unncessarily
fail if invoked using a different mount point. managen now takes options
to find the input files.

Update test1478 to provide the dir arguments to managen

Closes #13281
2024-04-08 10:27:27 +02:00
Daniel Stenberg
a3b084b913
GHA: add valgrind to a wolfSSL build
Closes #13274
2024-04-08 09:39:16 +02:00
Viktor Szakats
860cd5fc2d
dist: set -eu, fix shellcheck, make reproducible and smaller tarballs
- set bash `-eu` and fix fallouts.
- fix shellcheck warnings.
- set and use `SOURCE_DATE_EPOCH` for reproducibility.
  Authored-by: Daniel J. H.
  Ref: #13280
- set `TZ=UTC` and `LC_ALL=C` for reproducibility.
- make file timestamps in tarball/zip reproducible.
- make directory timestamps in zip reproducible.
- make timestamps of tarballs/zip reproducible.
- make file order in tarball/zip reproducible.
- omit extra file metadata from zip for reproducibility.
- use maximum zip compression.
- use POSIX `ustar` tarball format to avoid supply chain vulnerability:
  https://seclists.org/oss-sec/2021/q4/0
- make uid/gid in tarball reproducible.
- omit owner user/group names from tarball for reproducibility and privacy.
- omit current timestamp from .gz header for reproducibility.
- display SHA-256 hashes of produced tarballs/zip.
- fix whitespace.

`.tar.gz` also became smaller in the process: 4,462,311 -> 4,148,249 bytes (8.7.1)

Requires GNU tar, GNU date, `sha256sum`.

Reviewed-by: Daniel Stenberg
Ref: #13250
Closes #13299
2024-04-07 22:28:42 +00:00
Gisle Vanem
a42de088a2 tests/http: fix compiler warning
- Init result code variable to fix clang warning that it may be used
  uninitialized.

Fixes https://github.com/curl/curl/issues/13301
Closes https://github.com/curl/curl/pull/13304
2024-04-07 14:21:31 -04:00
Stefan Eissing
9287563e86 vquic: use new curl_int64_t type
- add curl_int64_t signed 64-bit type for lib use

- define CURL_PRId64, CURL_PRIu64 format ids

- use curl_int64_t in vquic

curl_int64_t signed complements the existing curl_uint64_t unsigned.

Note that `curl_int64_t` and `int64_t` are assignable from each other
but not identical. Some platforms with 64 long type defint int64_t as
"long long" (staring at macOS) which messes up things like pointers and
format identifiers.

Closes https://github.com/curl/curl/pull/13293
2024-04-06 19:08:12 -04:00
Jay Satiro
bf567dd9f1 lib: use multi instead of multi_easy for the active multi
- Use data->multi and not data->multi_easy to refer to the active multi.

The easy handle's active multi is always data->multi.

This is a follow up to 757dfdf which changed curl so that an easy handle
used with the easy interface and then multi interface cannot have two
different multi handles associated with it at the same time
(data->multi_easy from the easy interface and data->multi from the multi
interface).

Closes https://github.com/curl/curl/pull/12665
2024-04-05 16:47:36 -04:00
Viktor Szakats
dc178faee9
tidy-up: whitespace [ci skip] 2024-04-05 15:50:07 +00:00
Daniel Stenberg
1ef4798756
makefile: remove the sorting from the vc-ide action
This target generates the MSVC project files. This change removes the
extra sorting and instead makes the script use the order of the files as
listed in the variables - which are mostly sorted anyway.

This is an attempt to make the project file generation more easily
reproducible.

Ref: #13250
Closes #13294
2024-04-05 16:18:31 +02:00
Gisle Vanem
59bfc53849
bearssl: fix compiler warnings
"variables may be uninitialized when used"

Fixes #13290
Closes #13297
2024-04-05 16:15:27 +02:00
Daniel Stenberg
995b42eb33
DISTROS: Cygwin updates
Brought-by: Brian Inglis
Fixes #13258
Co-authored-by: Viktor Szakats
Closes #13279
2024-04-05 16:09:15 +02:00
Stefan Eissing
0b28ece657
lib: add trace support for client reads and writes
- add `CURL_TRC_READ()` and `CURL_TRC_WRITE()`
- use in generic client writers and readers, as well
  as http headers, chunking and websockets

Closes #13223
2024-04-05 16:08:10 +02:00
MAntoniak
f46385d36d
urldata: remove fields not used depending on used features
Reduced size of dynamically_allocated_data structure.

Reduced number of stored values in enum dupstring and enum dupblob. This
affects the reduced array placed in the UserDefined structure.

Closes #13188
2024-04-05 16:06:22 +02:00
Viktor Szakats
11d27cf341
cmake: enable -pedantic-errors for clang when CURL_WERROR=ON
clang doesn't have the issues of GCC and old CMake versions.

Note: This introduces asymmetry with autotools, which only enables
this for GCC.

Reviewed-by: Daniel Stenberg
Closes #13286
2024-04-05 13:05:36 +00:00
Viktor Szakats
f43545e91b
cmake: fix CURL_WERROR=ON for old CMake and use it in GHA/linux-old
- cmake: fix `-pedantic-errors` for old CMake with `CURL_WERROR=ON` set.

  `-pedantic-errors` option throws a warning with GCC (all versions) and
  makes `check_symbol_exists()` fail in CMake versions older than
  v3.23.0 (2022-03-29), when CMake introduced a workaround:

  https://gitlab.kitware.com/cmake/cmake/-/issues/13208
  eeb4540116
  1ab7c3cd28

  Follow-up to 3829759bd0 #12489

- set `CURL_WERROR=ON` for the `linux-old` job in CI.

Closes #13282
2024-04-05 13:05:19 +00:00
Viktor Szakats
20c1b2d75e
lib: use #error instead of invalid syntax in curl_setup_once.h
Reviewed-by: Daniel Stenberg
Closes #13287
2024-04-05 09:24:05 +00:00
Daniel Stenberg
5ae72551d9
GHA: on macOS remove $HOME/.curlrc
A recent image upgrade added a $HOME/.curlrc by default using --ipv4.

Ref: https://github.com/actions/runner-images/pull/9586
Fixes #13284
Closes #13285
2024-04-05 08:31:35 +02:00
Viktor Szakats
2cac6a49b3
cmake: fixup DEPENDS filename
Fixing:
```
make[2]: Circular docs/curl-config.1 <- docs/curl-config.1 dependency dropped.
make[2]: Circular docs/mk-ca-bundle.1 <- docs/mk-ca-bundle.1 dependency dropped.
```
Ref: https://github.com/curl/curl/actions/runs/8559617487/job/23456740844?pr=13282#step:6:18

Follow-up to 5023ffad2c #13197
Closes #13283
2024-04-04 22:58:51 +00:00
Viktor Szakats
b6f2e33118
GHA: enable unity mode for cmake jobs + tidy-ups
Unity mode is not supported by CMake v3.7.2 used in linux-old, but
enable it anyway for consistency and to kick in automatically once
migrating to a newer old Linux in the future.

Also:
- replace `CMAKE_COMPILE_WARNING_AS_ERROR` with `CURL_WERROR`.
- delete default build option `PICKY_COMPILER=ON`.

Closes #13277
2024-04-04 22:58:50 +00:00
Dan Fandrich
376cd67035 CI: Add CI build on Debian stretch to test old support
This version still has ELTS support and contains some old versions of
key components like cmake to help prevent us from breaking that support.

Closes #13029
2024-04-04 09:23:15 -07:00
Stefan Eissing
cfc65fd1ee
request: paused upload on completed download, assess connection
A transfer with a completed download that is still uploading needs to
check the connection state when it is PAUSEd, since connection
close/errors would otherwise go unnoticed.

Reported-by: Sergey Bronnikov
Fixes #13260
Closes #13271
2024-04-04 11:45:19 +02:00
Daniel Stenberg
d5e83eb745
url: do not URL decode proxy crendentials
The two options CURLOPT_PROXYUSERNAME and CURLOPT_PROXYPASSWORD set the
actual names as-is, not URL encoded.

Modified test 503 to use percent-encoded strings in the credential
strings that should be passed on as-is.

Reported-by: Sergey Ogryzkov
Fixes #13265
Closes #13270
2024-04-04 11:35:19 +02:00
Viktor Szakats
29bfde9fea
appveyor: enable cmake unity mode by default
Leave one non-unity cmake job. This makes the jobs finish slightly
quicker, while giving more coverage for unity issues.

Before:
https://ci.appveyor.com/project/curlorg/curl/builds/49496977
https://ci.appveyor.com/project/curlorg/curl/builds/49500372
After:
https://ci.appveyor.com/project/curlorg/curl/builds/49500338

Also fixup unrelated whitespace.

Reviewed-by: Daniel Stenberg
Closes #13217
2024-04-04 09:31:11 +00:00
Daniel Stenberg
9496d1d678
RELEASE-NOTES: synced 2024-04-04 11:29:34 +02:00
Viktor Szakats
bb84f82476
cmake: speed up libcurl doc building again
This time limit the number of files per command to avoid exceeding
limitations of certain OS/shell envs.

Such known env is Windows with the `cmd.exe` shell, which features an
8K command-line length limit to this day.

Allowlisting `UNIX` to have no limit and using a limit of 200 for other
envs to be safe. If there is a way to detect `cmd.exe` and/or we know
which precise envs are sensitive to this, we can tweak these conditions
further.

Even with the low limit, this patch reduces external commands by 200x,
making builds much faster.

Ref: #12762 2620aa930b (initial)
Ref: #13047 f03c85635f (revert)

Reviewed-by: Daniel Stenberg
Closes #13207
2024-04-04 09:21:17 +00:00
Viktor Szakats
19f4263f26
cmake: tidy-up to use WORKING_DIRECTORY
Reviewed-by: Daniel Stenberg
Closes #13206
2024-04-04 09:21:17 +00:00
Viktor Szakats
5023ffad2c
cmake: generate misc manpages and install mk-ca-bundle.pl
- install `mk-ca-bundle.pl` like autotools does.

- generate and install `mk-ca-bundle.1` and `curl-config.1` like
  autotools. This fixes tests 1140 and 1173.

  Reported-by: Dan Fandrich
  Fixes #13194

- add option `BUILD_MISC_DOCS` to control building the above two
  manpages. Enabled by default.

- appveyor: stop disabling tests 1140 and 1173.

Reviewed-by: Daniel Stenberg
Closes #13197
2024-04-04 09:20:04 +00:00
Fabian Keil
a15342ddc0
wolfssl: plug memory leak in wolfssl_connect_step2()
Fixes:

     test 2034...[simple HTTPS GET with DER public key pinning]
     ==61829== 22,610 (3,744 direct, 18,866 indirect) bytes in 1 blocks are definitely lost in loss record 51 of 54
     ==61829==    at 0x484BB74: malloc (vg_replace_malloc.c:446)
     ==61829==    by 0x4B53A80: wolfSSL_Malloc (memory.c:344)
     ==61829==    by 0x4C1C8E1: wolfSSL_X509_new (x509.c:5326)
     ==61829==    by 0x4C3977D: d2i_X509orX509REQ (x509.c:3628)
     ==61829==    by 0x4C1D1F4: wolfSSL_X509_d2i (x509.c:3664)
     ==61829==    by 0x4C1C37B: wolfSSL_X509_dup (x509.c:13425)
     ==61829==    by 0x4C197DB: wolfSSL_get_peer_certificate (ssl.c:18765)
     ==61829==    by 0x33297C: wolfssl_connect_step2 (wolfssl.c:875)
     ==61829==    by 0x331669: wolfssl_connect_common (wolfssl.c:1287)
     ==61829==    by 0x3303E9: wolfssl_connect_nonblocking (wolfssl.c:1319)
     ==61829==    by 0x32FE89: ssl_connect_nonblocking (vtls.c:510)
     ==61829==    by 0x32DBE5: ssl_cf_connect (vtls.c:1679)
     ==61829==    by 0x27ABD7: Curl_conn_cf_connect (cfilters.c:307)
     ==61829==    by 0x27D9CF: cf_setup_connect (connect.c:1199)
     ==61829==    by 0x27ABD7: Curl_conn_cf_connect (cfilters.c:307)
     ==61829==    by 0x283CEA: cf_hc_baller_connect (cf-https-connect.c:135)

Closes #13272
2024-04-04 08:56:43 +02:00
Viktor Szakats
b62454a875
appveyor: OpenSSL 3 no longer found by CMake, revert to 1.1.1
OpenSSL moved directories, and bumped versions in AppVeyor CI.

Downgrading is not an ideal solution, but however trivial the solution
may be, I failed to come with anything that made CMake recognize either
OpenSSL 3.1 or 3.2.

Possibly caused by:
702e8cdca0
https://github.com/appveyor/build-images/pull/149

Closes #13266
2024-04-03 14:30:55 +00:00
hongfei.li
ffa8a385a0
winbuild: use $(RC) correctly
Cloes #13267
2024-04-03 14:45:42 +02:00
Daniel Stenberg
60971d665b
dist: remove the curl-config.1 from the tarball
The markdown file is already there and the .1 file gets generated in the
build.

Ref: #13250
Closes #13268
2024-04-03 13:16:39 +02:00
Daniel Stenberg
df3d5ef25e
curl_global_trace.md: shorten the description
Closes #13263
2024-04-02 23:39:39 +02:00
Daniel Stenberg
308cc482ef
test1901: verify chunked POST from callback with CURLOPT_POSTFIELDSIZE set
Follow-up to 721941aadf

Ref: #13257
Closes #13262
2024-04-02 23:38:35 +02:00
Stefan Eissing
721941aadf
http: with chunked POST forced, disable length check on read callback
- when an application forces HTTP/1.1 chunked transfer encoding
  by setting the corresponding header and instructs curl to use
  the CURLOPT_READFUNCTION, disregard any POST length information.
- this establishes backward compatibility with previous curl versions

Applications are encouraged to not force "chunked", but rather
set length information for a POST. By setting -1, curl will
auto-select chunked on HTTP/1.1 and work properly on other HTTP
versions.

Reported-by: Jeff King
Fixes #13229
Closes #13257
2024-04-02 08:41:44 +02:00
Jay Satiro
d36c1a7691 INSTALL-CMAKE.md: explain cmake -G <generator-name>
- Explain that CMake's -G option can be used to specify which build
  system to generate files for.

Example: cmake ../curl -G "MinGW Makefiles"

Ref: https://github.com/curl/curl/pull/12224#issuecomment-2026813645

Closes https://github.com/curl/curl/pull/13244
2024-04-01 18:51:06 -04:00
Daniel Stenberg
6afac4f992
libcurl-opts: mention pipelining less
libcurl has not supported HTTP pipelining since many years. Remove a few
(more) mentions of the feature.

Closes #13254
2024-04-01 14:41:52 +02:00
Daniel McCarney
5a50cb5a18
m4: reposition USE_RUSTLS="yes" for pkg-config
It's necessary to set this var to "yes" _after_ AC_DEFINE and AC_SUBST
in order for a later `test` to pass so that `check_for_ca_bundle=1` ends
up being set. This is in turn required for the default CA certificate
bundle to be set when building w/ rustls & pkg-config.

Reported-by: Matt Jolly
Fixes #13248
Closes #13251
2024-03-31 23:22:17 +02:00
Daniel Stenberg
5418812d34
maketgz: put docs/RELEASE-TOOL.md into the tarball
Generated with scripts/release-tools.sh

The script lists the exact Debian package names and version numbers for
the tools that are used to generate the tarball.

Closes #13239
2024-03-31 21:27:13 +02:00
Daniel Stenberg
afdd112916
cd2nroff/manage: use UTC when SOURCE_DATE_EPOCH is set
Make them independent of the TZ setting. Also set a date string like
YYYY-MM-DD to avoid a local month name in the date.

Reported-by: Carlos Henrique Lima Melara
Fixes #13242
Closes #13243
2024-03-31 21:25:44 +02:00
Daniel Stenberg
e7caf09c04
RELEASE-NOTES: synced 2024-03-31 16:35:08 +02:00
Daniel Stenberg
271896ab33
docs/MAIL-ETIQUETTE: convert to markdown
To render nicer. To get spellchecked.

Closes #13247
2024-03-31 15:32:27 +02:00
Daniel Stenberg
86d33001e4
reuse: add copyright + license info to individual docs/*.md files
Instead of use 'docs/*.md' in dep5. For clarity and avoiding a wide-
matching wildcard.

+ Remove mention of old files from .reuse/dep5
+ add info to .github/dependabot.yml
+ make scripts/copyright.pl warn on non-matching patterns

Closes #13245
2024-03-31 12:01:18 +02:00
Daniel Stenberg
315373334b
test470: warn about unicode quote character read from config file
Idea-by: Emanuele Torre
2024-03-31 12:00:03 +02:00
Daniel Stenberg
95af421b78
test469: verify warning when argument has unicode quote 2024-03-31 12:00:03 +02:00
Daniel Stenberg
94db8e5c27
tool_getparam: output warning for leading unicode quote character
... in the option argument.

Typically this is a mistake done when copying example command lines from
online documentation using the wrong quote character.

Presumably there are also other potential quote characters that might be
used, and this check is done without even knowing that unicode is used!

Reported-by: Sanjay Pujare
Fixes #13214
Closes #13215
2024-03-31 11:59:54 +02:00
Daniel Stenberg
aba8043075
tool: follow-up getenv fix
Remove a double free. Change the IPFS env use to a plain getenv() simply
because coverity gets confused.

Follow-up to 9126b141c9
Closes #13241
2024-03-31 11:04:00 +02:00
Daniel Stenberg
6a43d0d742
idn: make Curl_idnconvert_hostname() use Curl_idn_decode()
In the name of less code duplication

Closes #13236
2024-03-31 11:02:44 +02:00
Daniel Stenberg
e54a66aa6c
curl-confopts.m4: define CARES_NO_DEPRECATED when c-ares is used
Starting in 1.28.0 c-ares added deprecation warnings for some API calls
libcurl uses.

Closes #13240
2024-03-31 11:01:28 +02:00
Daniel Stenberg
3208360845
vquic: use CURL_FORMAT_CURL_OFF_T for 64 bit printf output
Reported-by: Keitagit-kun on github
Fixes #13224
Closes #13231
2024-03-31 10:59:55 +02:00
Daniel Stenberg
56935a7dad
openldap: create ldap URLs correctly for IPv6 addresses
Reported-by: Sergio Durigan Junior
Fixes #13228
Closes #13235
2024-03-30 22:50:26 +01:00