Commit Graph

32391 Commits

Author SHA1 Message Date
Andy Pan
f51fa8f169
tcpkeepalive: support setting TCP keep-alive parameters on Solaris <11.4
Solaris didn't support TCP_KEEPIDLE and TCP_KEEPINTVL until 11.4,
before that it use TCP_KEEPALIVE_THRESHOLD and TCP_KEEPALIVE_ABORT_THRESHOLD
as the substitute. Therefore, for Solaris <11.4 we need to use this substitute
for setting TCP keep-alive parameters.

Ref:
https://docs.oracle.com/cd/E86824_01/html/E54777/tcp-7p.html
https://docs.oracle.com/cd/E88353_01/html/E37851/tcp-4p.html

Closes #13864
2024-06-03 23:04:05 +02:00
Daniel Stenberg
4edbd52267
KNOWN_BUGS: quiche: QUIC connection is draining
Closes #12037
Closes #13867
2024-06-03 10:46:10 +02:00
Daniel Stenberg
8e5c5c1724
KNOWN_BUGS: aws-sigv4 has problems with particular URLs
Closes #13058
Closes #13866
2024-06-03 10:45:24 +02:00
Daniel Stenberg
2a053ca801
KNOWN_BUGS: aws-sigv4 does not handle multipart/form-data correctly
Closes #13351
Closes #13866
2024-06-03 10:45:16 +02:00
Daniel Stenberg
6c31c65a8c
RELEASE-NOTES: synced 2024-06-03 10:43:06 +02:00
Viktor Szakats
fd149601cc
GHA: fix old mingw-w64 32-bit job
This toolchain resides in the `mingw32` directory. Make sure to
configure `PATH` accordingly.

Before this patch, it pointed to a non-existing `mingw64` directory,
making the job use the wrong compiler (gcc 12, 64-bit).

Follow-up to e838b341a0 #12927
Closes #13863
2024-06-03 01:34:04 +02:00
Daniel Stenberg
c61f753881
tool_cb_hdr: return error for failed header writes
By checking that fflush() works.

Reported-by: Sebastian Andersson
Fixes #13836
Closes #13859
2024-06-02 23:24:19 +02:00
Viktor Szakats
464282ddfb
GHA: bump all build jobs to nproc+1
- bump rest of the workflows (windows, macos, distrocheck).

- non-native virtualized envs have 2 CPUs, bump down accordingly.
  (for `vmactions/omnios-vm` it's just a guess.)

- bump all to nproc + 1.

Follow-up to e838b341a0 #12927
Closes #13807
2024-06-02 21:39:49 +02:00
Viktor Szakats
03bd16e533
GHA: disable MQTT and WebSocket tests in Windows jobs
Trying to figure out which category is causing the remaining hangs.

Follow-up to def7d05382
Closes #13860
2024-06-02 20:29:46 +02:00
Viktor Szakats
0887297100
lib/v*: tidy up types and casts
Also add a couple of negative checks.

Cherry-picked from #13489
Closes #13622
2024-06-02 19:27:17 +02:00
Viktor Szakats
1d63e331de
GHA: fix caching old mingw-w64 toolchains in the Windows workflow
- stop altering the `PATH` via `GITHUB_ENV`. This confused the
  `actions/cache` post-job, which needs to run in the exact same
  environment as its pre-job, to have a consistent cache entry "version"
  hash. Altering the `PATH` via `GITHUB_ENV` spills into the the
  post-job and breaks this hash. GHA doesn't reset the env automatically
  and I have not found a way to do it manually.

- add double-quotes where missing.

- move cache directory under `USERPROFILE` to not rely on absolute
  paths.

- make cache directory flatter and versionless.

Follow-up to 0914d8aadd #13759
Closes #13856
2024-06-02 19:27:16 +02:00
renovate[bot]
7d7712166f
ci: pin actions/github-script action to 60a0d83
Closes #13846
2024-06-02 17:34:45 +02:00
Bo Anderson
eacec9a350
x509asn1: add some common ECDSA OIDs
Closes #13857
2024-06-02 17:30:09 +02:00
renovate[bot]
aa954f97f6
ci: update rojopolis/spellcheck-github-actions digest to e36f662
Closes #13852
2024-06-02 17:25:37 +02:00
Bo Anderson
9aa1d412b8
x509asn1: fallback to dotted OID representation
Reported-by: Luke Hamburg
Fixes #13845
Closes #13858
2024-06-02 17:23:50 +02:00
Lee Li
6a7ad8911d
request.md: language fix
improved for better readability and correctness

Closes #13854
2024-06-02 17:12:25 +02:00
MonkeybreadSoftware
810933d779
vtls: deprioritize Secure Transport
Moved Secure Transport behind OpenSSL, so we can build CURL with both
and prefer using OpenSSL over Secure Transport by default.

Closes #13547
2024-06-02 17:10:17 +02:00
Daniel Stenberg
655d44d139
urlapi: add CURLU_NO_GUESS_SCHEME
Used for extracting:

- when used asking for a scheme, it will return CURLUE_NO_SCHEME if the
  stored information was a guess

- when used asking for a URL, the URL is returned without a scheme, like
  when previously given to the URL parser when it was asked to guess

- as soon as the scheme is set explicitly, it is no longer internally
  marked as guessed

The idea being:

1. allow a user to figure out if a URL's scheme was set as a result of
  guessing

2. extract the URL without a guessed scheme

3. this makes it work similar to how we already deal with port numbers

Extend test 1560 to verify.

Closes #13616
2024-06-01 23:51:42 +02:00
Daniel Stenberg
80aa519545
wolfssl: support CA caching
As a bonus, add SSLSUPP_CA_CACHE to let TLS backends signal its support
for this so that *setopt() return error if there is no support.

Closes #13786
2024-06-01 23:50:36 +02:00
Andy Pan
6da320357f
socket: change TCP keepalive from ms to seconds on DragonFly BSD
DragonFly BSD changed the time unit for TCP keep-alive from milliseconds
to seconds since v5.8, thus setting the keepalive options with
milliseconds with curl/libcurl will result in unexpected behaviors on
DragonFlyBSD 5.8+

Distinguish the DragonFly BSD versions and use the proper time units
accordingly.

Ref:
  https://lists.dragonflybsd.org/pipermail/commits/2019-July/719125.html
  965b380e96/sys/sys/param.h (L207)

Fixes #13847
Closes #13848
2024-06-01 23:46:41 +02:00
Daniel Stenberg
47d930efae
curlver.h: aiming for 8.9.0 2024-06-01 12:26:20 +02:00
Daniel Stenberg
e78913e6b5
noproxy: patterns need to be comma separated
or they will not parse correctly.

Mentioned in DEPRECATED since Janurary 2023 (in 7ad8a7ba9e).

Closes #13789
2024-06-01 12:25:13 +02:00
Jan Venekamp
4e2c45110c
sectransp: remove large cipher table
Previously a large table of ciphers was used to determine the default
ciphers and to lookup manually selected ciphers names.

With the lookup of the manually selected cipher names moved to
Curl_cipher_suite_walk_str() the large table is no longer needed for
that purpose.

The list of manually selected cipher can now be intersected with the
ciphers supported by Secure Transport (SSLGetSupportedCiphers()),
instead of using the fixed table for that.

The other use of the table was to filter the list of all supported
ciphers offered by Secure Transport to create a list of ciphers to
use by default, excluding ciphers in the table marked as weak.

Instead of using a complement based approach (exclude weak), switch
to using an intersection with a smaller list of ciphers deemed
appropriate.

Closes #13823
2024-06-01 11:00:06 +02:00
Tatsuhiro Tsujikawa
a8174176b5
GHA: unify http3 workflows into one
This commit unifies the following http3 workflows into http3-linux.yml:

- ngtcp2-linux.yml
- osslq-linux.yml
- quiche-linux.yml

The idea is better use of the build cache. Previously, they
independently create caches with the same key. Some of the caches
include source code and intermediate object files, which makes cache
quite large. In this commit, only built artifacts are cached, which
drastically reduces the cache size. OpenSSL v3, mod_h2 and quiche caches
still include all stuff, but they are left for the later improvement.
Because the contents of the cache have been changed, the cache keys are
also changed to include the word "http3".

Closes #13841
2024-06-01 10:57:23 +02:00
Stephen Farrell
48292d8c93
openSSL: fix hostname handling when using ECH
Reported-by: vvb2060
Fixes #13818
Closes #13822
2024-06-01 10:48:23 +02:00
renovate[bot]
fee2e40ef6
ci: update github/codeql-action digest to f079b84
Closes #13837
2024-06-01 10:45:33 +02:00
Daniel Stenberg
361f4c65fb
RELEASE-NOTES: synced 2024-06-01 10:40:20 +02:00
Daniel Stenberg
8df910b79c
curl_multi_poll.md: expand the example with an custom file descriptor
Closes #13842
2024-06-01 00:24:55 +02:00
Christian Heusel
d6abd49df8
DISTROS: add a link to the list archive
Related to https://github.com/curl/curl/discussions/13833

Signed-off-by: Christian Heusel <christian@heusel.eu>
Closes #13843
2024-06-01 00:24:06 +02:00
Matt Jolly
beff006a8e
autoconf: remove 'deeper' checks for AC_CHECK_FUNCS
The net effect of the deeper checks is to raise implicit function decls
on modern compilers.

These checks appear to have been added ~20 years ago, relating to an
unverifiable claim about HP-UX. Autoconf support for the platform has
grown in leaps and bounds since.

It didn't cause a real problem here, but when investigating a FP this
came up. No evidence has been identified that this was actually broken
in the past, and there is no evidence that this is necessary now.

`-Werror=implicit-function-declarations` is enabled for both checks;
without a working prototype they will both fail regardless. In the
second case there will in fact never be a working prototype and
therefore it will always fail unconditionally.

`AC_CHECK_FUNCS` does effectively the same thing as the removed checks,
except it actually defines a dummy prototype to see if it links.

If `AC_CHECK_FUNCS` is broken on a given platform we have bigger
problems than trying to build cURL. This should also be faster.

Bug: https://bugs.gentoo.org/932827
Reviewed-By: Eli Schwartz <eschwartz93@gmail.com>
Closes #13830
2024-05-31 14:33:05 +02:00
Jay Satiro
acb9effcdd cf-socket: improve SO_SNDBUF update for Winsock
- Rename: Curl_sndbufset => Curl_sndbuf_init

- Rename: win_update_buffer_size => win_update_sndbuf_size

- Save the last set SO_SNDBUF size to compare against so that we can
  avoid setsockopt calls every second.

This is a follow-up to 0b520e12 which moved the SO_SNDBUF update check
into cf-socket. This change improves it further by making the function
names easier to understand and reducing the amount of setsockopt calls.

Closes https://github.com/curl/curl/pull/13827
2024-05-30 13:56:37 -04:00
Viktor Szakats
dace891e38
tidy-up: use consistent casing for Windows directories
C:\Windows\System32

Closes #13832
2024-05-30 14:40:12 +02:00
Viktor Szakats
30c235f395
GHA: use ubuntu-latest with OmniOS job
It's the same as ubuntu-22.04.

Also update OmniOS package search link.

Closes #13831
2024-05-30 12:10:55 +02:00
Ayesh Karunaratne
e838b341a0
GHA: adjust parallel job counts
Adjusts the `make -j` flag to match the latest GitHub-hosted runner
hardware specs[^1]:

 - `ubuntu-latest` on 4 CPU cores
 - `macos-latest` on 3 CPU cores

The processor count is ideally obtained from `nproc`, but setting env
vars from the current CI yaml files is not possible because they expect
literal strings.

[^1]: https://docs.github.com/en/actions/using-github-hosted-runners/about-github-hosted-runners/about-github-hosted-runners#standard-github-hosted-runners-for-public-repositories

Closes #12927
2024-05-30 09:57:50 +02:00
pszlazak
7d5b0ba3ff
get.d: clarify the explanation
Closes #13706
2024-05-30 08:33:33 +02:00
Daniel Stenberg
abff12c5a9
curl_url_set.md: libcurl only parses :// URLs
Make it clearer in the documentation.

Closes #13821
2024-05-30 08:30:17 +02:00
Stefan Eissing
c8096668ae
multi: fix multi_wait() timeout handling
- determine the actual poll timeout *after* all sockets
  have been collected. Protocols and connection filters may
  install new timeouts during collection.
- add debug logging to test1533 where the mistake was noticed

Reported-by: Matt Jolly
Fixes #13782
Closes #13825
2024-05-30 08:29:00 +02:00
Viktor Szakats
3b9569c3e2
lib: prefer var = time(NULL) over time(&var)
Following up on previous occurrences showing up as gcc warnings, replace
the remaining `time(&var)` calls with `var = time(NULL)`, though these
aren't specifically causing compiler warnings. These are in the TFTP
client code (`lib/tftp.c`), except one which is in a debug branch in
`lib/http_aws_sigv4.c`.

What's unexplainable is that this patch seems to mitigate TFTP tests
often hanging or going into an infinite loop on GHA windows workflows
with MSYS2, mingw-w64 and MSVC (Cygwin is unaffected):
  https://github.com/curl/curl/pull/13599#issuecomment-2119372376
TFTP hangs did not entirely disappear though, so could be unrelated.

`time()` docs:
https://learn.microsoft.com/en-us/cpp/c-runtime-library/reference/time-time32-time64
https://manpages.debian.org/bookworm/manpages-dev/time.2.en.html

Follow-up to 58ca0a2f07 #13800
Follow-up to d0728c9109 #13643
Closes #13815
2024-05-29 21:45:28 +02:00
Stefan Eissing
0b520e1250 winsock: move SO_SNDBUF update into cf-socket
- Move the code that updates the SO_SNDBUF size for Windows to
  cf_socket_send.

Prior to this change the code was in readwrite_upload but the socket
filter is the more appropriate place because it applies to all sends.

Background:

For Windows users SO_SNDBUF (the total per-socket buffer size reserved
by Winsock for sends) is updated dynamically by libcurl during the
transfer. This is because Windows does not do it automatically for
non-blocking sockets and without it the performance of large transfers
may suffer.

Closes https://github.com/curl/curl/pull/13763
2024-05-29 13:23:15 -04:00
Jan Venekamp
2b52fe4115
sectransp: use common code for cipher suite lookup
Take advantage of the Curl_cipher_suite_walk_str() and
Curl_cipher_suite_get_str() functions introduced in commit fba9afe.

Closes #13521
2024-05-29 13:08:14 +02:00
Matthias Gatto
768909d89c
aws-sigv4: url encode the canonical path
Refactors canon_query, so it could use the encoding part of the function
to use it in the path.

As the path doesn't encode '/', but encode '=', I had to add some
conditions to know If I was doing the query or path encoding.

Also, instead of adding a `bool in_path` variable, I use `bool
*found_equals` to know if the function was called for the query or path,
as found_equals is used only in query_encoding.

Test 472 verifies.

Reported-by: Alexander Shtuchkin
Fixes #13754
Closes #13814

Signed-off-by: Matthias Gatto <matthias.gatto@outscale.com>
2024-05-29 13:02:52 +02:00
Daniel Stenberg
24b66a1de3
cd2nroff: use an empty "##" to signal end of .IP sequence
Like when we list a series of options and then want to add "normal" text
again afterwards.

Without this, the indentation level wrongly continues even after the
final "##" header, making following text wrongly appear to belong to the
header above.

Adjusted several curldown files to use this.

Fixes #13803
Reported-by: Jay Satiro
Closes #13806
2024-05-29 12:49:40 +02:00
vvb2060
f284289720
openssl: fix %-specifier in infof() call
Closes #13816
2024-05-28 23:14:24 +02:00
Daniel Stenberg
6946b3a799
curl: make warnings and other messages aware of terminal width
This removes unnecessary line wraps when the terminal is wider than 79
columns and it also makes messages look better in narrower terminals.

The get_terminal_columns() function is not split out into its own source
file.

Suggested-by: Elliott Balsley
Fixes #13804
Closes #13808
2024-05-28 23:12:32 +02:00
Viktor Szakats
67b0692f09
GHA: enable tests 1139, 1177, 1477 on Windows
These exclusions came from the AppVeyor CI config, but they do pass now
and they are static tests with no flakiness risk.

Follow-up to 0914d8aadd #13759
Closes #13817
2024-05-28 21:20:12 +02:00
Dan Fandrich
2368e22373 CI: Improve labeler tag detection
Also, simplify patterns with a single glob.
2024-05-28 11:49:31 -07:00
Viktor Szakats
def7d05382
GHA: disable TFTP tests in Windows jobs
Shot in the dark trying to find out which tests are
hanging / going to an infinite loop.

The ones failing after 45 minutes (mingw-w64) or 30 minutes (MSVC).

Ref: https://github.com/curl/curl/pull/13599#issuecomment-2119372376
2024-05-28 13:13:40 +02:00
renovate[bot]
bb9110a997
ci: update vmactions/omnios-vm digest to a61ca1e
Closes #13801
2024-05-28 10:41:23 +02:00
Daniel Stenberg
582743f2e7
openssl/gnutls: rectify the TLS version checks for QUIC
The versions check wrongly complained and return error if the *minimum*
version was set to something less than 1.3. QUIC is always TLS 1.3, but
that means minimum 1.2 is still fine to ask for.

This also renames the local variable to make the mistake harder to make
in the future.

Regression shipped in 8.8.0

Follow-up to 3210101088

Reported-by: fds242 on github
Fixes #13799
Closes #13802
2024-05-28 10:39:02 +02:00
Stefan Eissing
7bbad0c033
gnutls: improve TLS shutdown
local ftp upload tests sometimes failed with an invalid TLS record being
reported by gnutls. vsftp did log that the shutdown was not regarded as
clean, failing the control connection thereafter.

These changes make test_31_05 work reliable locally.

- on closing the SSL filter, shutdown READ *and* WRITE
- on closing, try a receive after shutdown is sent
- convert to DEBUGF to CURL_TRC_CF

Closes #13790
2024-05-28 10:37:52 +02:00