Commit Graph

395 Commits

Author SHA1 Message Date
Viktor Szakats
c09466abff
egd: delete feature detection and related source code
EGD is Entropy Gathering Daemon, a socket-based entropy source supported
by pre-OpenSSL v1.1 versions and now deprecated. curl also deprecated it
a while ago.

Its detection in CMake was broken all along because OpenSSL libs were
not linked at the point of feature check.

Delete detection from both cmake and autotools, along with the related
source snippet, and the `--with-egd-socket=` `./configure` option.

Closes #11556
2023-08-01 21:58:56 +00:00
Daniel Stenberg
7c8bae0d9c
nss: remove support for this TLS library
Closes #11459
2023-07-29 23:44:28 +02:00
Ryan Schmidt
8b7cbe9dec
macOS: fix target detection more
Now SCDynamicStoreCopyProxies is called (and the required frameworks are
linked in) on all versions of macOS and only on macOS. Fixes crash due
to undefined symbol when built with the macOS 10.11 SDK or earlier.

CURL_OSX_CALL_COPYPROXIES is renamed to CURL_MACOS_CALL_COPYPROXIES and
is now only defined when SCDynamicStoreCopyProxies will actually be
called. Previously, it was defined when ENABLE_IPV6 was not defined but
SCDynamicStoreCopyProxies is not called in that case.

TARGET_OS_OSX is only defined in the macOS 10.12 SDK and later and only
when dynamic targets are enabled. TARGET_OS_MAC is always defined but
means any Mac OS or derivative including macOS, iOS, tvOS, and watchOS.
TARGET_OS_IPHONE means any Darwin OS other than macOS.

Follow-up to c73b2f82

Fixes #11502
Closes #11516
2023-07-29 23:42:53 +02:00
Futaura
6290bdf0ec
amissl: fix AmiSSL v5 detection
Due to changes in the AmiSSL SDK, the detection needed adjusting.

Closes #11477
2023-07-21 12:45:11 +02:00
Daniel Stenberg
127eb0d83a
misc: fix spelling mistakes
Reported-by: musvaage on github
Fixes #11171
Closes #11172
2023-05-23 10:42:09 +02:00
Daniel Stenberg
b78ca50cb3
configure: generate a script to run the compiler
in the CURL_RUN_IFELSE macro, with LD_LIBRARY_PATH set to the value of
the configure invoke, and not the value that might be used later,
intended for the execution of the output the compiler ouputs.

For example when the compiler uses the same library (like libz) that
configure checks for.

Reported-by: Jonas Bülow
Fixes #11114
Closes #11120
2023-05-18 20:57:11 +02:00
Viktor Szakats
81c9c8cd39
autotools: sync up clang picky warnings with cmake
Bringing missing options over from CMake.

Move around existing `-Wno-pointer-bool-conversion` option to come
_after_ `-Wconversion`.

Reviewed-by: Marcel Raad
Closes #10974
2023-04-17 11:35:56 +00:00
Jim King
34ef4fab22
openssl: interop with AWS-LC
* Configure changes to detect AWS-LC
* CMakeLists.txt changes to detect AWS-LC
* Compile-time branches needed to support AWS-LC
* Correctly set OSSL_VERSION and report AWS-LC release number
* GitHub Actions script to build with autoconf and cmake against AWS-LC

AWS-LC is a BoringSSL/OpenSSL derivative
For more information see https://github.com/awslabs/aws-lc/

Closes #10320
2023-03-30 10:56:14 +02:00
Jan Engelhardt
73e9e6d767
build: drop the use of XC_AMEND_DISTCLEAN
Because automake used to delete depdirs at once (.deps) and there was an issue
with portability, curl's XC_AMEND_DISTCLEAN greps the Makefiles in an attempt
to build a list of all depfiles and delete them individually instead.

Since commit 08849db866b44510f6b8fd49e313c91a43a3dfd3, automake switched from
deleting directories to individual files. curl's custom logic now finds a lot
more results with the grep (the filtering of these results isn't great), which
causes a massive bloating of the Makefile in the order of O(n^2).

Also remove now-unused XC_AMEND_DISTCLEAN macro group

References: https://github.com/curl/curl/issues/9843
References: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=59288

Reported-by: Ilmari Lauhakangas
Fixes #9843
Closes #10661
2023-03-03 09:54:44 +01:00
Jay Satiro
cab040248d curl_setup: Suppress OpenSSL 3 deprecation warnings
- Define OPENSSL_SUPPRESS_DEPRECATED.

OpenSSL 3 has deprecated some of the functions libcurl uses such as
those with DES, MD5 and ENGINE prefix. We don't have replacements for
those functions so the warnings were disabled in autotools and cmake
builds, but still showed in other builds.

Closes https://github.com/curl/curl/pull/10543
2023-02-18 19:02:37 -05:00
Daniel Stenberg
2bc1d775f5
copyright: update all copyright lines and remove year ranges
- they are mostly pointless in all major jurisdictions
- many big corporations and projects already don't use them
- saves us from pointless churn
- git keeps history for us
- the year range is kept in COPYING

checksrc is updated to allow non-year using copyright statements

Closes #10205
2023-01-03 09:19:21 +01:00
Daniel Stenberg
42aa4e1a70
curl-openssl.m4: do not add $prefix/include/openssl to CPPFLAGS
As OpenSSL's include files are all included using <openssl/*.h> in curl
source code, we just risk that existing openssl files will "shadow"
include files without path if that path is provided.

Fixes #9989
Closes #9988
2022-11-28 17:27:27 +01:00
Stefan Eissing
55807e6c05
tls: backends use connection filters for IO, enabling HTTPS-proxy
- OpenSSL (and compatible)
 - BearSSL
 - gnutls
 - mbedtls
 - rustls
 - schannel
 - secure-transport
 - wolfSSL (v5.0.0 and newer)

 This leaves only the following without HTTPS-proxy support:
 - gskit
 - nss
 - wolfSSL (versions earlier than v5.0.0)

Closes #9962
2022-11-28 13:56:23 +01:00
Stefan Eissing
89ee5cfb38
curl-rustls.m4: on macOS, rustls also needs the Security framework
Closes #9883
2022-11-10 17:50:51 +01:00
Daniel Stenberg
592107fa16
configure: require fork for NTLM-WB
Reported-by: ウさん

Fixes #9847
Closes #9856
2022-11-06 00:04:47 +01:00
Petr Štetiar
8af6b087e0
curl-wolfssl.m4: error out if wolfSSL is not usable
When I explicitly declare, that I would like to have curl built with
wolfSSL support using `--with-wolfssl` configure option, then I would
expect, that either I endup with curl having that support, for example
in form of https support or it wouldn't be available at all.

Downstream projects like for example OpenWrt build curl wolfSSL variant
with `--with-wolfssl` already, but in certain corner cases it does fail:

  configure:25299: checking for wolfSSL_Init in -lwolfssl
  configure:25321: x86_64-openwrt-linux-musl-gcc -o conftest [snip]
  In file included from target-x86_64_musl/usr/include/wolfssl/wolfcrypt/dsa.h:33,
                   from target-x86_64_musl/usr/include/wolfssl/wolfcrypt/asn_public.h:35,
                  from target-x86_64_musl/usr/include/wolfssl/ssl.h:35,
                   from conftest.c:47:
  target-x86_64_musl/usr/include/wolfssl/wolfcrypt/integer.h:37:14: fatal error: wolfssl/wolfcrypt/sp_int.h: No such file or directory
       #include <wolfssl/wolfcrypt/sp_int.h>
                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~
  compilation terminated.

and in the end thus produces curl without https support:

 curl: (1) Protocol "https" not supported or disabled in libcurl

So fix it, by making the working wolfSSL mandatory and error out in
configure step when that's not the case:

 checking for wolfSSL_Init in -lwolfssl... no
 configure: error: --with-wolfssl but wolfSSL was not found or doesn't work

References: https://github.com/openwrt/packages/issues/19005
References: https://github.com/openwrt/packages/issues/19547
Signed-off-by: Petr Štetiar <ynezz@true.cz>

Closes #9682
2022-10-10 11:17:53 +02:00
Viktor Szakats
61c7ccab83
autotools: allow --enable-symbol-hiding with windows
This local autotools logic was put in place in
9e24b9c7af (in 2012) which disabled it for
Windows unconditionally. Testing reveals that it actually works with
tested toolchains (mingw-w64 and CI ones), so let's allow this build
feature on that platform. Bringing this in sync with CMake, which already
supported this.

Reviewed-by: Jay Satiro

Closes #9586
2022-09-25 22:19:13 +00:00
Daniel Stenberg
b23ce2cee7
curl-compilers.m4: for gcc + want warnings, set gnu89 standard
To better verify that the code is C89

Closes #9542
2022-09-23 08:27:43 +02:00
Daniel Stenberg
51083a197c
curl-compilers.m4: use -O2 as default optimize for clang
Not -Os

Closes #9444
2022-09-06 18:47:48 +02:00
Viktor Szakats
c9061f242b
misc: spelling fixes
Found using codespell 2.2.1.

Also delete the redundant protocol designator from an archive.org URL.

Reviewed-by: Daniel Stenberg
Closes #9403
2022-08-31 14:31:01 +00:00
Daniel Stenberg
9e11c2791f
configure: introduce CURL_SIZEOF
This is a rewrite of the previously used GPLv3+exception licensed
file. With this change, there is no more reference to GPL so we can
remove that from LICENSES/.

Ref: #9220
Closes #9291
2022-08-11 09:07:02 +02:00
Futaura
c6631e827d
configure: fixup bsdsocket detection code for AmigaOS 4.x
The code that detects bsdsocket.library for AmigaOS did not work
for AmigaOS 4.x. This has been fixed and also cleaned up a little
to reduce duplication. Wasn't technically necessary before, but is
required when building with AmiSSL instead of OpenSSL.

Closes #9268
2022-08-08 15:49:28 +02:00
Futaura
e1acfafa49
amissl: make AmiSSL v5 a minimum requirement
AmiSSL v5 is the latest version, featuring a port of OpenSSL 3.0.
Support for previous OpenSSL 1.1.x versions has been dropped, so
makes sense to enforce v5 as the minimum requirement. This also
allows all the AmiSSL stub workarounds to be removed as they are
now provided in a link library in the AmiSSL SDK.

Closes #9267
2022-08-08 09:16:01 +02:00
Daniel Stenberg
3f5b66c13d
curl-compilers.m4: make icc use -diag* options and disable two warnings
-wd and -we are deprecated and are now -diag-disable and -diag-error

Disable warning 1024 and 2259

Closes #9179
2022-07-23 13:38:24 +02:00
Daniel Katz
e7511f853a
curl-functions.m4: check whether atomics can link rather than just compile
Some build toolchains support C11 atomics (i.e., _Atomic types), but
will not link the associated atomics runtime unless a flag is passed. In
such an environment, linking an application with libcurl.a can fail due
to undefined symbols for atomic load/store functions.

I encountered this behavior when upgrading curl to 7.84.0 and attempting
to build with Solaris Studio 12.6. Solaris provides the flag
-xatomic=[gcc | studio], allowing users to link to one of two atomics
runtime implementations. However, if the user does not provide this
flag, then neither runtime is linked. This led to builds failing in CI.

Closes #9190
2022-07-21 16:30:19 +02:00
Rosen Penev
6657602f50
curl-wolfssl.m4: add options header when building test code
Needed for certain configurations of wolfSSL. Otherwise, missing header
error may occur.

Tested with OpenWrt.

Closes #9187
2022-07-20 10:18:05 +02:00
Daniel Stenberg
24694cb3ea
curl-confopts: remove leftover AC_REQUIREs
configure.ac:3488: warning: CURL_CHECK_FUNC_IOCTL is m4_require'd but not m4_defun'd
configure.ac:3488: warning: CURL_CHECK_FUNC_SETSOCKOPT is m4_require'd but not m4_defun'd

follow-up from 4d73854462

Closes #9183
2022-07-19 21:05:25 +02:00
Viktor Szakats
4d73854462
tidy-up: delete unused build configuration macros
Most of them feature guards:

- `CURL_INCLUDES_SYS_UIO` [1]
- `HAVE_ALLOCA_H` [2]
- `HAVE_CRYPTO_CLEANUP_ALL_EX_DATA` (unused since de71e68000)
- `HAVE_DLFCN_H`
- `HAVE_DLOPEN`
- `HAVE_DOPRNT`
- `HAVE_FCNTL`
- `HAVE_GETHOSTBYNAME` [3]
- `HAVE_GETOPT_H`
- `HAVE_GETPASS`
- `HAVE_GETPROTOBYNAME`
- `HAVE_GETSERVBYNAME`
- `HAVE_IDN_FREE*`
- `HAVE_INET_ADDR`
- `HAVE_IOCTL`
- `HAVE_KRB4`
- `HAVE_KRB_GET_OUR_IP_FOR_REALM`
- `HAVE_KRB_H`
- `HAVE_LDAPSSL_H`
- `HAVE_LDAP_INIT_FD`
- `HAVE_LIBDL`
- `HAVE_LIBNSL`
- `HAVE_LIBRESOLV*`
- `HAVE_LIBUCB`
- `HAVE_LL`
- `HAVE_LOCALTIME_R`
- `HAVE_MALLOC_H`
- `HAVE_MEMCPY`
- `HAVE_MEMORY_H`
- `HAVE_NETINET_IF_ETHER_H`
- `HAVE_NI_WITHSCOPEID`
- `HAVE_OPENSSL_CRYPTO_H`
- `HAVE_OPENSSL_ERR_H`
- `HAVE_OPENSSL_PEM_H`
- `HAVE_OPENSSL_PKCS12_H`
- `HAVE_OPENSSL_RAND_H`
- `HAVE_OPENSSL_RSA_H`
- `HAVE_OPENSSL_SSL_H`
- `HAVE_OPENSSL_X509_H`
- `HAVE_PEM_H`
- `HAVE_POLL`
- `HAVE_RAND_SCREEN`
- `HAVE_RAND_STATUS`
- `HAVE_RECVFROM`
- `HAVE_SETSOCKOPT`
- `HAVE_SETVBUF`
- `HAVE_SIZEOF_LONG_DOUBLE`
- `HAVE_SOCKIO_H`
- `HAVE_SOCK_OPTS`
- `HAVE_STDIO_H`
- `HAVE_STRCASESTR`
- `HAVE_STRFTIME`
- `HAVE_STRLCAT`
- `HAVE_STRNCMPI`
- `HAVE_STRNICMP`
- `HAVE_STRSTR`
- `HAVE_STRUCT_IN6_ADDR`
- `HAVE_TLD_H`
- `HAVE_TLD_STRERROR`
- `HAVE_UNAME`
- `HAVE_USLEEP`
- `HAVE_WINBER_H`
- `HAVE_WRITEV`
- `HAVE_X509_H`
- `LT_OBJDIR`
- `NEED_BASENAME_PROTO`
- `NOT_NEED_LIBNSL`
- `OPENSSL_NO_KRB5`
- `RECVFROM_TYPE*`
- `SIZEOF_LONG_DOUBLE`
- `STRERROR_R_TYPE_ARG3`
- `USE_YASSLEMUL`
- `_USRDLL` (from CMake) [4]

[1] Related parts in `m4/curl-functions.m4` and `configure.ac` might
    also be deleted.

[2] Related comment can possibly be deleted in
    `packages/vms/generate_config_vms_h_curl.com`.

[3] There are more instances of this in autotools, but I did not dare to
    touch those. Looked like it's used to detect socket support.

[4] This is necessary for MFC (Microsoft Foundation Class) DLLs to
    force linking MFC components statically to the DLL. `libcurl.dll`
    does not use MFC, so we can delete this define.
    Ref: https://docs.microsoft.com/cpp/build/regular-dlls-statically-linked-to-mfc

Script that can help finding unused settings like above:
```shell

autoheader configure.ac  # generate lib/curl_config.h.in

{
  grep -o -E    'set\([A-Z][A-Z0-9_]{3,}'          CMake/Platforms/WindowsCache.cmake | sed -E 's|set\(||g'
  grep -o -E -h '#define +[A-Z][A-Z0-9_]{3,}'      lib/config-*.h                     | sed -E 's|#define +||g'
  grep -o -E    '#cmakedefine +[A-Z][A-Z0-9_]{3,}' lib/curl_config.h.cmake            | sed -E 's|#cmakedefine +||g'
  grep -o -E    '#undef +[A-Z][A-Z0-9_]{3,}'       lib/curl_config.h.in               | sed -E 's|#undef +||g'
} | sort -u | grep -v -F 'HEADER_CURL_' | while read -r def; do
  c="$(git grep -w -F "${def}" | grep -v -E -c '(/libcurl\.tmpl|^lib/config-|^lib/curl_config\.h\.cmake|^CMakeLists\.txt|^CMake/Platforms/WindowsCache\.cmake|^packages/vms/config_h\.com|^m4/curl-functions\.m4|^acinclude\.m4|^configure\.ac)')"
  if [ "${c}" = '0' ]; then
    echo "${def}"
  fi
done
```

Reviewed-by: Daniel Stenberg
Closes #9044
2022-07-19 15:12:19 +00:00
Daniel Stenberg
a68074b5db
configure: check for the stdatomic.h header in configure
... and only set HAVE_ATOMIC if that header exists since we use
typedefes set in it.

Reported-by: Ryan Schmidt
Fixes #9059
Closes #9060
2022-06-28 16:58:12 +02:00
max.mehl
ad9bc5976d
copyright: make repository REUSE compliant
Add licensing and copyright information for all files in this repository. This
either happens in the file itself as a comment header or in the file
`.reuse/dep5`.

This commit also adds a Github workflow to check pull requests and adapts
copyright.pl to the changes.

Closes #8869
2022-06-13 09:13:00 +02:00
Thomas Guillem
23af112f55
lib: make curl_global_init() threadsafe when possible
Use a posix pthread or a Windows SRWLOCK to lock curl_global_init*() and
curl_global_cleanup().

Closes #8680
2022-06-07 13:34:03 +02:00
Elms
835a205370
wolfSSL: explicitly use compatibility layer
This change removes adding an include `$prefix/wolfssl` or similar to
allow for openssl include aliasing. Include paths of `wolfssl/openssl/`
are used to explicitly use wolfSSL includes. This fixes cmake builds as
well as avoiding potentially using openSSL headers since include path
order is not guaranteed.

Closes #8864
2022-05-17 16:58:03 +02:00
gaoxingwang on github
053c27c184
configure: fix '--enable-code-coverage' typo
Fixes #8425
Closes #8426
2022-02-10 16:13:43 +01:00
Daniel Stenberg
ff4bf6bfb5
configure: remove support for "embedded ares"
In March 2010 (commit 4259d2df7d) we removed the embedded 'ares'
directory from the curl source tree but we have since supported
especially detecting and using that build directory. The time has come
to remove that kludge and ask users to specify the c-ares dir correctly
with --enable-ares.

Closes #8397
2022-02-07 23:27:57 +01:00
Marcel Raad
fe9440fa72
curl-openssl: fix SRP check for OpenSSL 3.0
When OpenSSL 3.0 is built with `--api=3.0` and `no-deprecated`, the SRP
functions exist in the library, but are disabled for user code. Check
if they are actually usable instead of only if they exist. Also, check
for the functions actually required for TLS-SRP.

TLS-SRP support is still enabled if OpenSSL is configured with just
`--api=3.0` or with `--api=1.1.1 no-deprecated`.

Closes https://github.com/curl/curl/pull/8394
2022-02-07 15:20:02 +01:00
Daniel Stenberg
f6088822ce
misc: remove the final watcom references
Follow-up to bbf8cae44d

We removed support for the watcom builds files back in September
2020. This removes all remaining watcom references and ifdefs.

Closes #8287
2022-01-17 08:49:25 +01:00
Daniel Stenberg
90dd1fc664
misc: remove BeOS code and references
There has not been a mention of this OS in any commit since December
2004 (58f4af7973). The OS is also long gone.

Closes #8288
2022-01-17 08:47:23 +01:00
Daniel Stenberg
66250c4d51
curl-openssl: remove the OpenSSL headers and library versions check
It is more work to maintain that check than the (any?) benefit it
brings.

Fixes #8279
Reported-by: Satadru Pramanik
Closes #8280
2022-01-15 16:02:23 +01:00
Marcel Raad
7740600015 build: enable -Warith-conversion
This makes the behavior consistent between GCC 10 and earlier versions.

Closes https://github.com/curl/curl/pull/8271
2022-01-13 16:23:07 +01:00
Marcel Raad
813c984962 build: fix -Wenum-conversion handling
Don't enable that warning when warnings are disabled.
Also add it to CMake.

Closes https://github.com/curl/curl/pull/8271
2022-01-13 16:23:03 +01:00
Daniel Stenberg
cefc2e6897
curl-functions.m4: revert DYLD_LIBRARY_PATH tricks in CURL_RUN_IFELSE
Mostly reverts ba0657c343, but now instead just run the plain macro on
darwin. The approach as used on other platforms is simply not necessary
on macOS.

Fixes #8229
Reported-by: Ryan Schmidt
Closes #8247
2022-01-12 09:03:01 +01:00
Daniel Stenberg
223f26c28a
mesalink: remove support
Mesalink has ceased development. We can no longer encourage use of it.
It seems to be continued under the name TabbySSL, but no attempts have
(yet) been to make curl support it.

Fixes #8188
Closes #8191
2022-01-10 11:27:59 +01:00
Satadru Pramanik
e39421cef3
curl-functions.m4: fix LIBRARY_PATH adjustment to avoid eval
$$ usage in a m4 file introduces the PID in linux.
Instead, just duplicate previous working code with a case switch.

Fixes #8229
Closes #8230
2022-01-05 22:41:37 +01:00
Daniel Stenberg
e9021838db
m4/curl-compilers: tell clang -Wno-pointer-bool-conversion
To hush compiler warnings we don't care for: error: address of function
'X' will always evaluate to 'true'

Fixes #8197
Closes #8198
2021-12-29 23:20:57 +01:00
Jay Satiro
79d6057f1b openssl: define HAVE_OPENSSL_VERSION for OpenSSL 1.1.0+
Prior to this change OpenSSL_version was only detected in configure
builds. For other builds the old version parsing code was used which
would result in incorrect versioning for OpenSSL 3:

Before:

curl 7.80.0 (i386-pc-win32) libcurl/7.80.0 OpenSSL/3.0.0a zlib/1.2.11
WinIDN libssh2/1.9.0

After:

curl 7.80.0 (i386-pc-win32) libcurl/7.80.0 OpenSSL/3.0.1 zlib/1.2.11
WinIDN libssh2/1.9.0

Reported-by: lllaffer@users.noreply.github.com

Fixes https://github.com/curl/curl/issues/8154
Closes https://github.com/curl/curl/pull/8155
2021-12-16 13:49:52 -05:00
Bernhard Walle
ba0657c343
configure: fix runtime-lib detection on macOS
With a non-standard installation of openssl we get this error:

    checking run-time libs availability... failed
    configure: error: one or more libs available at link-time are not available run-time. Libs used at link-time: -lnghttp2 -lssl -lcrypto -lssl -lcrypto -lz

There's already code to set LD_LIBRARY_PATH on Linux, so set
DYLD_LIBRARY_PATH equivalent on macOS.

Closes #8028
2021-11-18 11:27:48 +01:00
Jacob Hoffman-Andrews
72a63aa466
configure: add -lm to configure for rustls build.
Note: The list of libraries that rustc tells us we need to include is
longer, but also includes some more platform-specific libraries that I
am not sure how to effectively incorporate. Adding just -lm seems to
solve an immediate problem, so I'm adding just that.

Closes #8002
2021-11-13 11:14:00 +01:00
Kevin Burke
b7757c2b81
vtls/rustls: update to compile with rustls-ffi v0.8.0
Some method names, as well as the generated library name, were changed
in a recent refactoring.

Further, change the default configuration instructions to check for
Hyper in either "target/debug" or "target/release" - the latter
contains an optimized build configuration.

Fixes #7947
Closes #7948
2021-11-11 13:47:25 +01:00
Daniel Stenberg
0c2d3118aa
curl-confopts.m4: remove --enable/disable-hidden-symbols
These configure options have been saying "deprecated" since 9e24b9c7af
(April 2012). It was about time we remove them.

Closes #7891
2021-10-22 12:55:43 +02:00
Daniel Stenberg
ccb466fd36
misc: update copyright years 2021-10-15 17:07:19 +02:00