Commit Graph

30344 Commits

Author SHA1 Message Date
Daniel Stenberg
9ed7d56e04
hostip: enforce a maximum DNS cache size independent of timeout value
To reduce the damage an application can cause if using -1 or other
ridiculous timeout values and letting the cache live long times.

The maximum number of entries in the DNS cache is now totally
arbitrarily and hard-coded set to 29999.

Closes #11084
2023-05-08 14:55:26 +02:00
Daniel Stenberg
f62557276a
hostip: store dns timeout as 'int'
... because it set and held as an 'int' elsewhere and can never be
larger.
2023-05-08 14:55:19 +02:00
Daniel Stenberg
86535e30af
RELEASE-NOTES: synced 2023-05-08 14:41:11 +02:00
Daniel Stenberg
39a33fcac0
tool_operate: refuse (--data or --form) and --continue-at combo
libcurl assumes that a --continue-at resumption is done to continue an
upload using the read callback and neither --data nor --form use
that and thus won't do what the user wants. Whatever the user wants
with this strange combination.

Add test 426 to verify.

Reported-by: Smackd0wn on github
Fixes #11081
Closes #11083
2023-05-08 14:10:44 +02:00
Daniel Stenberg
fb7886b9c9
transfer: refuse POSTFIELDS + RESUME_FROM combo
The code assumes that such a resume is wanting to continue an upload
using the read callback, and since POSTFIELDS is done without callback
libcurl will just misbehave.

This combo will make the transfer fail with CURLE_BAD_FUNCTION_ARGUMENT
with an explanation in the error message.

Reported-by: Smackd0wn on github
Fixes #11081
Closes #11083
2023-05-08 14:10:34 +02:00
Daniel Stenberg
39434db41f
ipv4.d/ipv6.d: they are "mutex", not "boolean"
... which for example means they do not have --no-* versions.

Reported-by: Harry Sintonen
Fixes #11085
Closes #11086
2023-05-08 14:09:40 +02:00
Daniel Stenberg
5a7ae421c5
docs/SECURITY-ADVISORY.md: how to write a curl security advisory
Closes #11080
2023-05-08 09:40:29 +02:00
nobedee on github
62ba84a2ab
MANUAL.md: add dict example for looking up a single definition
Closes #11077
2023-05-05 23:49:25 +02:00
Dan Fandrich
3d75029859 runtests: fix -c option when run with valgrind
The curl binary argument wasn't being quoted properly. This seems to
have broken at some point after quoting was added in commit 606b29fe.

Reported-by: Daniel Stenberg
Ref: #11073
Fixes #11074
Closes #11076
2023-05-05 09:52:38 -07:00
Dan Fandrich
faebcee349 runtests: support creating more than one runner process
The controller currently only creates and uses one, but more are now
possible.

Ref: #10818
2023-05-05 00:45:43 -07:00
Dan Fandrich
38465f9a55 runtests: spawn a new process for the test runner
When the -j option is given, a new process is spawned in which the test
programs are run and from which test servers are started. Only one
process can be started at once, but this is sufficient to test that the
infrastructure can isolate those functions in a new task. There should
be no visible difference between the two modes at the moment.

Ref: #10818
Closes #11064
2023-05-05 00:45:43 -07:00
Dan Fandrich
d4a1b5b60c runtests: turn singletest() into a state machine
This allows it to run in a non-blocking manner.

Ref: #10818
2023-05-05 00:45:43 -07:00
Dan Fandrich
a98277fcc7 runtests: change runner interface to be asynchronous
Program arguments are marshalled and then written to the end of a pipe
which is later read from and the arguments unmarshalled before the
desired function is called normally.  The function return values are
then marshalled and written into another pipe when is later read from
and unmarshalled before being returned to the caller.

The implementation is currently blocking but can be made non-blocking
without any changes to the API.  This allows calling multiple runners
without blocking in the future.

Ref: #10818
2023-05-05 00:45:43 -07:00
Dan Fandrich
0754de758a runtests: call citest_finishtest in singletest
This is where citest_starttest is called.

Ref: #10818
2023-05-05 00:45:43 -07:00
Dan Fandrich
d4d22adf40 runtests: add a runner initialization function
This sets up the runner environment to start running tests.

Ref: #10818
2023-05-05 00:45:43 -07:00
Dan Fandrich
82fa5ca836 runtests: remove directory from server filename variables
There will soon be multiple log directories so the paths will no longer
be static in runtests.pl. Also, get rid of $SERVER2IN which was not
used.

Ref: #10818
2023-05-05 00:45:43 -07:00
Dan Fandrich
b71a0c3ec9 runtests: reduce package exports after refactoring
Some recent refactoring made these export no longer necessary. Also,
stop displaying the Unix socket paths at startup since there will soon
be many of them and they're not that interesting.

Ref: #10818
2023-05-05 00:45:43 -07:00
Dan Fandrich
9fdad9dea1 runtests: use a function to obtain $LOGDIR for a test
This will no longer be static soon.

Ref: #10818
2023-05-05 00:45:43 -07:00
Jay Satiro
30ba26d9c3 tool_cb_hdr: Fix 'Location:' formatting for early VTE terminals
- Disable hyperlink formatting for the 'Location:' header value in VTE
  0.48.1 and earlier, since it is buggy in some of those versions.

Prior to this change those terminals may show the location header value
as gibberish or show it twice.

Ref: https://gist.github.com/egmontkob/eb114294efbcd5adb1944c9f3cb5feda#backward-compatibility

Fixes https://github.com/curl/curl/issues/10428
Closes https://github.com/curl/curl/pull/11071
2023-05-05 02:52:23 -04:00
François Michel
89f6fafedb
quiche: disable pacing while pacing is not actually performed
Closes #11068
2023-05-03 13:59:17 +02:00
Daniel Stenberg
d8df0d6db7
easy_cleanup: require a "good" handle to act
By insisting that the passed in handle is "good" (the magic number is
intact), this can limit the potential damage if a bad pointer is passed
in. Like when this function is called twice on the same handle pointer.

Ref: #10964
Closes #11061
2023-05-02 13:24:30 +02:00
Andreas Falkenhahn
b8d7746e3c amiga: Fix CA certificate paths for AmiSSL and MorphOS
AmiSSL stores certificates in `AmiSSL:Certs` and MorphOS stores them in
`MOSSYS:Data/SSL/curl-ca-bundle.crt`.

Closes https://github.com/curl/curl/pull/11059
2023-05-01 14:08:55 -04:00
Daniel Stenberg
b637166092
http2: (void)-mark when we explicitly ignore the return code
When h2_progress_egress() is called. Pointed out by Coverity.

Closes #11057
2023-04-30 11:26:07 +02:00
Daniel Stenberg
9ce7eee070
checksrc: find bad indentation in conditions without open brace
If the previous line starts with if/while/for AND ends with a closed
parenthesis and there's an equal number of open and closed parentheses
on that line, verify that this line is indented $indent more steps, if
not a cpp line.

Also adjust the fall-out from this fix.

Closes #11054
2023-04-28 23:11:00 +02:00
Diogo Teles Sant'Anna
31303c34e9 CI: Set minimal permissions on workflow ngtcp2-quictls.yml
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>

Closes #11055
2023-04-28 11:50:30 -07:00
Dan Fandrich
6cfa1a42eb CI: use another glob syntax for matching files on Appveyor
The previous globbing syntax was not matching files recursively in
directories, so try appending a /* to more closely match the examples at
https://www.appveyor.com/docs/how-to/filtering-commits/
2023-04-28 10:31:28 -07:00
Daniel Stenberg
da9d9c3d1c
multi: add multi-ignore logic to multi_socket_action
The multi-ignore logic that was previously applied to
curl_multi_perform() (#10750) is here applied to the loop within
curl_multi_socket_action() to make it use the same optimization: most
handles have the same signal-ignore option state so this drastically
reduces the number of ignore/unignore calls per libcurl function invoke.

Follow-up to bc90308328

Closes #11045
2023-04-28 16:27:45 +02:00
Stefan Eissing
a9b7f72bc9
http2: do flow window accounting for cancelled streams
- nghttp2 does not free connection level window flow for
  aborted streams
- when closing transfers, make sure that any buffered
  response data is "given back" to the flow control window
- add tests test_02_22 and test_02_23 to reproduce

Closes #11052
2023-04-28 13:55:39 +02:00
Stefan Eissing
b0edf0b7da
pingpong: fix compiler warning "assigning an enum to unsigned char"
Closes #11050
2023-04-28 13:38:21 +02:00
Daniel Stenberg
2541231639
configure: fix detection of apxs (for httpd)
The condition check was turned the wrong way around!

Closes #11051
2023-04-28 13:37:13 +02:00
Viktor Szakats
b1ad4f1d5f
ci: -Wno-vla no longer necessary
We handle this issue in the source now.

Follow-up to b725fe1944

Reviewed-by: Marcel Raad
Reviewed-by: Daniel Stenberg
Closes #11048
2023-04-28 11:02:33 +00:00
Marcel Raad
da2470de96
tests/http: make curl_setup.h the first include
This is required for the macros there to take effect for system
libraries. Specifically, including the system libraries first led to
warnings about `_FILE_OFFSET_BITS` being redefined in curl_config.h on
the Solaris autobuilds for ws-data.c and ws-pingpong.c.
Also make the curl includes come first for the other source files here
for consistency.

Closes https://github.com/curl/curl/pull/11046
2023-04-28 11:29:19 +02:00
Emanuele Torre
7f712399d5
checksrc: check for spaces before the colon of switch labels
Closes #11047
2023-04-27 23:26:50 +02:00
Daniel Stenberg
5cdff4f5a9
RELEASE-NOTES: synced 2023-04-27 18:03:44 +02:00
Daniel Stenberg
ff67da58c4
libssh: tell it to use SFTP non-blocking
Reported-by: Andreas Huebner
Fixes #11020
Closes #11039
2023-04-27 17:59:56 +02:00
Stefan Eissing
de4b0164f2
http2: enlarge the connection window
- fixes stalled connections

- Make the connection window large enough, so that there is
  some room left should 99/100 streams be PAUSED by the application

Reported-by: Paweł Wegner
Fixes #10988
Closes #11043
2023-04-27 17:44:55 +02:00
Daniel Stenberg
d567cca1de
checksrc: fix SPACEBEFOREPAREN for conditions starting with "*"
The open paren check wants to warn for spaces before open parenthesis
for if/while/for but also for any function call. In order to avoid
catching function pointer declarations, the logic allows a space if the
first character after the open parenthesis is an asterisk.

I also spotted what we did not include "switch" in the check but we should.

This check is a little lame, but we reduce this problem by not allowing
that space for if/while/for/switch.

Reported-by: Emanuele Torre
Closes #11044
2023-04-27 17:24:47 +02:00
Daniel Stenberg
4578ada4a0
docs: minor polish
- "an HTTP*" (not "a")
- remove a few contractions
- remove a spurious "a"
- reduce use of "I" in texts

Closes #11040
2023-04-27 13:23:01 +02:00
Daniel Stenberg
bb0b245cc1
ws: fix CONT opcode check
Detected by Coverity. Follow-up to 930c00c259

Closes #11037
2023-04-27 11:08:48 +02:00
Dan Fandrich
9f241a85dc CI: switch the awslc builds to build out-of-tree
This is a common configuration that should be tested to avoid
regressions. The awsls cmake build was already out-of-tree so the
automake build now joins it.

Ref: #11006
2023-04-27 00:15:41 -07:00
Dan Fandrich
2572e1333e tests/http: fix out-of-tree builds
Add both lib/ directories (src & build) to the search path so
curl_setup.h and its dependencies can be found.

Followup-to acd82c8b

Ref: #11006
Closes #11036
2023-04-27 00:15:41 -07:00
Daniel Stenberg
b7b1846275
urlapi: make internal function start with Curl_
Curl_url_set_authority() it is.

Follow-up to acd82c8bfd

Closes #11035
2023-04-27 08:36:51 +02:00
YX Hao
ca3f6decb9
cf-socket: turn off IPV6_V6ONLY on Windows if it is supported
IPV6_V6ONLY refs:
https://en.wikipedia.org/wiki/IPv6#IPv4-mapped_IPv6_addresses
https://github.com/golang/go/blob/master/src/net/ipsock_posix.go
https://en.wikipedia.org/wiki/Unix-like
https://learn.microsoft.com/en-us/windows/win32/winsock/ipproto-ipv6-socket-options

default value refs:
https://datatracker.ietf.org/doc/html/rfc3493#section-5.3
https://www.kernel.org/doc/html/latest/networking/ip-sysctl.html#proc-sys-net-ipv6-variables

Closes #10975
2023-04-26 23:39:57 +02:00
Daniel Stenberg
65f03e507f
urldata: shrink *select_bits int => unsigned char
- dselect_bits
- cselect_bits

... are using less than 8 bits. Changed types and moved them towards
the end of the structs to fit better.

Closes #11025
2023-04-26 23:36:45 +02:00
Stefan Eissing
acd82c8bfd
tests/http: more tests with specific clients
- Makefile support for building test specific clients in tests/http/clients
- auto-make of clients when invoking pytest
- added test_09_02 for server PUSH_PROMISEs using clients/h2-serverpush
- added test_02_21 for lib based downloads and pausing/unpausing transfers

curl url parser:
- added internal method `curl_url_set_authority()` for setting the
  authority part of a url (used for PUSH_PROMISE)

http2:
- made logging of PUSH_PROMISE handling nicer

Placing python test requirements in requirements.txt files
- separate files to base test suite and http tests since use
  and module lists differ
- using the files in the gh workflows

websocket test cases, fixes for we and bufq
- bufq: account for spare chunks in space calculation
- bufq: reset chunks that are skipped empty
- ws: correctly encode frames with 126 bytes payload
- ws: update frame meta information on first call of collect
  callback that fills user buffer
- test client ws-data: some test/reporting improvements

Closes #11006
2023-04-26 23:24:46 +02:00
Jay Satiro
21575b26fe libssh2: fix crash in keyboard callback
- Always set the libssh2 'abstract' user-pointer to the libcurl easy
  handle associated with the ssh session, so it is always passed to the
  ssh keyboard callback.

Prior to this change and since 8b5f100 (precedes curl 8.0.0), if libcurl
was built without CURL_DEBUG then it could crash during the ssh auth
phase due to a null dereference in the ssh keyboard callback.

Reported-by: Andreas Falkenhahn

Fixes https://github.com/curl/curl/pull/11024
Closes https://github.com/curl/curl/pull/11026
2023-04-26 15:04:29 -04:00
Daniel Stenberg
53523d7dcc
docs: clarify that more backends have HTTPS proxy support
Closes #11033
2023-04-26 16:28:12 +02:00
Daniel Stenberg
442355f8db
KNOWN_BUGS: remove two not-bugs
- 11.7 signal-based resolver timeouts

Not considered a bug anymore but just implementation details. People
should avoid using timeouts with the synchronous name resolver.

- 11.16 libcurl uses renames instead of locking for atomic operations

Not a bug, just a description of how it works

Closes #11032
2023-04-26 15:40:54 +02:00
Harry Sintonen
13718030ad
hostip: add locks around use of global buffer for alarm()
When building with the sync name resolver and timeout ability we now
require thread-safety to be present to enable it.

Closes #11030
2023-04-26 15:40:07 +02:00
Daniel Stenberg
91b53efa4b
curl_path: bring back support for SFTP path ending in /~
libcurl used to do a directory listing for this case (even though the
documentation says a URL needs to end in a slash for this), but
4e2b52b5f7 modified the behavior.

This change brings back a directory listing for SFTP paths that are
specified exactly as /~ in the URL.

Reported-by: Pavel Mayorov
Fixes #11001
Closes #11023
2023-04-26 11:26:35 +02:00