Changes to make a curl built with OpenSSL + GnuTLS to run successfully
in our pytests. Run
CURL_SSL_BACKEND=openssl pytest
to test a TLS backend other than the default.
Closes#15443
- renamed to url_proto_and_rewrite to better reveal what it does
- clarify the functionality in the top comment
- make it return CURLE_OUT_OF_MEMORY appropriately
- remove check for URL being set, use assert instead
Closes#15442
An overflow check for if the value of a curl_off_t is larger than a
size_t can hold, is only necessary if the two types are actually
differently sized, now checked by the preprocessor. To avoid
"Unreachable Conditional".
Closes#15439
Avoid the `curl.exe` wrapper binary created by libtool, and run the real
`curl.exe` directly for tests and version information.
This solution was used in Azure jobs. I missed it when migrating jobs
to GHA.
Applies to tests run in the `mingw, AM x86_64 c-ares U` job, which has
seen unexplained flakiness.
Ref: 354afc891d#6049
Follow-up to e53523fef0#14859Closes#15437
handle/handle64 requires a literal match with the filenames it's
listing.
Also:
- make handle64 log messages more unique to help text searches.
- update a comment with Windows Perl info.
Cherry-picked from #14949Closes#15436
That error code was introduced and has been used for OpenSSL ENGINE
things and not others, so switch the other use cases over to other TLS
related error codes.
Closes#15430
Add two test cases that connection using a hostname the server has no
certificate for. First, verify that the peer verification fail, as
expected. Second, provide '--insecure' to test that the connection
succeeded and returned some data.
Closes#15429
New args for scorecard.py:
* --remote ip:port to run tests against a remote server
* --start-only: to only start the servers, listing their ports
Start the server using "scorecard.py --start-only" on one machine and
then run the tests with "scorecard.py --remote ip:port" against that
machine.
Closes#15415
The second argument to curl_getdate() once took a time argument, but
that feature has been gone for decades, thus passing in a date there
makes no difference.
Closes#15420
Introduce five functions named after the state they serve:
- state_connect for MSTATE_CONNECT
- state_do for MSTATE_DO
- state_performing for MSTATE_PERFORMING
- state_ratelimiting for MSTATE_RATELIMITING
- state_resolving for MSTATE_RESOLVING
Closes#15418
Extend `INSTALL-CMAKE` document with the list of available options,
a short description and default values.
The list may not be 100% complete.
There are no component boundaries in CMake, so the line is blurry
between curl options, CMake options, CMake Find modules options.
I included certain CMake options that seemed useful, and/or have
dedicated use withing curl's CMake source. But, all CMake built-in
options are usable, as documented upstream in CMake.
The naming of the options has a heritage and the inconsistencies with
it, including a lack of clear namespace. This may be subject to future
updates, also after figuring out which name has special meaning within
CMake and/or CMake projects out of unwritten convention or something
more tangible.
CMake allows to initialize any internal variable via `-D`. This may be
useful to pre-initialize/override feature check results. The list
doesn't contain these, and they remain officially undocumented.
Also:
- make adjustments to keep the spellchecker happy.
- retrofit description changes to the cmake sources.
- stop documenting deprecated `Find*` variables.
Reported-by: Daniel Stenberg
Fixes https://github.com/curl/curl/discussions/14885Closes#15388
- drop redundant local variables.
- drop extra Intel C feature check that always returned success due
to not passing the tested compiler option. Nobody reported an issue
with this since 2016, suggesting the version check alone is enough.
Closes#15400
- use CMake 3.12 syntax when available, in clang-cl branch.
Follow-up to e89491e1f0#15337
- rename internal variables to underscore-lowercase.
Follow-up to d8de4806e1#14571
- update comment.
Closes#15404
Also drop `_curl` prefix, which isn't necessary for underscore variables
and wasn't used in most other cases.
Follow-up to d8de4806e1#14571Closes#15397
Initialization of `CURL_DISABLE_FORM_API` depends on another option.
Make sure the other option is initialized before this one.
Due to the defaults and logic this did not cause an issue.
Also fix the order of two other lines to match with the rest.
Closes#15394
- INSTALL-CMAKE: delete `Current flaws in the curl CMake build` section.
#1123 was fixed in 7e93637acd#2443
- TODO: delete item 3.2.
Follow-up to 1cb4f5d6e8#1879Closes#15405
Use session cache for QUIC when built with quictls or wolfSSL.
Add test_017_10 for verifying QUIC TLS session reuse when built with
quictls, gnutls or wolfssl.
Closes#15358
Add length to session saves, making it clear that we are storing a byte
blob and allowing memcmp() on sameness check.
Remove some pytest skips for bearssl to see if they now work properly in
CI.
Closes#15395
Use mbedtls_ssl_session_load() and mbedtls_ssl_session_save() to convert
TLS sessions to byte blobs for the session cache.
Fix a skip message to better indicate why the test is skipped for
mbedtls.
Closes#15398
- the specified URL can also get data sent to it
- rephrase the scheme guessing part
- mention target options for each URL for saving data
- mention --remote-name-all
- remove "warning" and make it into normal text
Closes#15396
- remove typecasts and parentheses in zstd_version()
- create and use oldap_version() for OpenLDAP
- create and use psl_version() for libpsl
- reduce the size of the 40 byte buffers to 30 bytes
- use the brotil/zstd like the others (add the lib name in the functions)
- create and use idn_version for IDN builds
- handle (unlikely) error from ldap_get_option
Closes#15393
- Create a new macro SCH_DEV() to manage verbose debug messages that are
only useful for debugging Schannel recv decryption.
schannel_recv contains a lot of useful debug messages to help debug the
function, however in practice they are not otherwise useful and showing
them in debug builds adds a lot of noise.
To show these messages curl must now be built with
CURL_SCHANNEL_DEV_DEBUG defined.
Prior to this change many, but not all, extra-verbose messages were
wrapped in DEBUGF() so they were only shown in debug builds.
Ref: https://github.com/curl/curl/issues/14807Closes#14826
When receiving data, schannel does a recv from the lower filters, e.g.
the socket, *before* it decrypts and analyses the buffered data it
already has. When that buffer contains a close-notify, e.g. the end of
the TLS stream, any error on the previous receive from the socket are
not applicable to its return codes.
Example from #153345: a server sends a close notify and closes its
connection. The encrypted data, including the close notify is received.
Another receive on the sockets gets a CONNABORTED which curl reports as
CURLE_RECV_ERROR. Schannel analyses its bufferi, sees the close notify
and early returns to the caller. On this return, the error on the
attempted receive does not apply.
Closes#15381
