Theoretically, the oldest time could overflow an int. In practice that
won't happen, but let's do this to please analyzers.
Follow-up to 9ed7d56e04
Pointed out by Coverity.
Closes#11094
To reduce the damage an application can cause if using -1 or other
ridiculous timeout values and letting the cache live long times.
The maximum number of entries in the DNS cache is now totally
arbitrarily and hard-coded set to 29999.
Closes#11084
The code assumes that such a resume is wanting to continue an upload
using the read callback, and since POSTFIELDS is done without callback
libcurl will just misbehave.
This combo will make the transfer fail with CURLE_BAD_FUNCTION_ARGUMENT
with an explanation in the error message.
Reported-by: Smackd0wn on github
Fixes#11081Closes#11083
By insisting that the passed in handle is "good" (the magic number is
intact), this can limit the potential damage if a bad pointer is passed
in. Like when this function is called twice on the same handle pointer.
Ref: #10964Closes#11061
AmiSSL stores certificates in `AmiSSL:Certs` and MorphOS stores them in
`MOSSYS:Data/SSL/curl-ca-bundle.crt`.
Closes https://github.com/curl/curl/pull/11059
If the previous line starts with if/while/for AND ends with a closed
parenthesis and there's an equal number of open and closed parentheses
on that line, verify that this line is indented $indent more steps, if
not a cpp line.
Also adjust the fall-out from this fix.
Closes#11054
The multi-ignore logic that was previously applied to
curl_multi_perform() (#10750) is here applied to the loop within
curl_multi_socket_action() to make it use the same optimization: most
handles have the same signal-ignore option state so this drastically
reduces the number of ignore/unignore calls per libcurl function invoke.
Follow-up to bc90308328Closes#11045
- nghttp2 does not free connection level window flow for
aborted streams
- when closing transfers, make sure that any buffered
response data is "given back" to the flow control window
- add tests test_02_22 and test_02_23 to reproduce
Closes#11052
- fixes stalled connections
- Make the connection window large enough, so that there is
some room left should 99/100 streams be PAUSED by the application
Reported-by: Paweł Wegner
Fixes#10988Closes#11043
The open paren check wants to warn for spaces before open parenthesis
for if/while/for but also for any function call. In order to avoid
catching function pointer declarations, the logic allows a space if the
first character after the open parenthesis is an asterisk.
I also spotted what we did not include "switch" in the check but we should.
This check is a little lame, but we reduce this problem by not allowing
that space for if/while/for/switch.
Reported-by: Emanuele Torre
Closes#11044
- Makefile support for building test specific clients in tests/http/clients
- auto-make of clients when invoking pytest
- added test_09_02 for server PUSH_PROMISEs using clients/h2-serverpush
- added test_02_21 for lib based downloads and pausing/unpausing transfers
curl url parser:
- added internal method `curl_url_set_authority()` for setting the
authority part of a url (used for PUSH_PROMISE)
http2:
- made logging of PUSH_PROMISE handling nicer
Placing python test requirements in requirements.txt files
- separate files to base test suite and http tests since use
and module lists differ
- using the files in the gh workflows
websocket test cases, fixes for we and bufq
- bufq: account for spare chunks in space calculation
- bufq: reset chunks that are skipped empty
- ws: correctly encode frames with 126 bytes payload
- ws: update frame meta information on first call of collect
callback that fills user buffer
- test client ws-data: some test/reporting improvements
Closes#11006
- Always set the libssh2 'abstract' user-pointer to the libcurl easy
handle associated with the ssh session, so it is always passed to the
ssh keyboard callback.
Prior to this change and since 8b5f100 (precedes curl 8.0.0), if libcurl
was built without CURL_DEBUG then it could crash during the ssh auth
phase due to a null dereference in the ssh keyboard callback.
Reported-by: Andreas Falkenhahn
Fixes https://github.com/curl/curl/pull/11024
Closes https://github.com/curl/curl/pull/11026
libcurl used to do a directory listing for this case (even though the
documentation says a URL needs to end in a slash for this), but
4e2b52b5f7 modified the behavior.
This change brings back a directory listing for SFTP paths that are
specified exactly as /~ in the URL.
Reported-by: Pavel Mayorov
Fixes#11001Closes#11023
The leftmost "label" of the host name can now only match against single
'*'. Like the browsers have worked for a long time.
- extended unit test 1397 for this
- move some SOURCE variables from unit/Makefile.am to unit/Makefile.inc
Reported-by: Hiroki Kurosawa
Closes#11018
- state is fully kept at connection, since curl_ws_send() and
curl_ws_rec() have lifetime beyond usual transfers
- no more limit on frame sizes
Reported-by: simplerobot on github
Fixes#10962Closes#10999
Prior to this change STRING_AWS_SIGV4 (CURLOPT_AWS_SIGV4) was wrongly
marked as binary data that could not be duplicated.
Without this fix, this option's value is not copied upon calling
curl_easy_duphandle().
Closes https://github.com/curl/curl/pull/11021
- just increasing the http/2 flow window does not necessarily
make a server send new data. It may already have exhausted
the window before
Closes#11005
- `drain` was used by http/2 and http/3 implementations to indicate
that the transfer requires send/recv independant from its socket
poll state. Intended as a counter, it was used as bool flag only.
- a similar mechanism exists on `connectdata->cselect_bits` where
specific protocols can indicate something similar, only for the
whole connection.
- `cselect_bits` are cleard in transfer.c on use and, importantly,
also set when the transfer loop expended its `maxloops` tries.
`drain` was not cleared by transfer and the http2/3 implementations
had to take care of that.
- `dselect_bits` is cleared *and* set by the transfer loop. http2/3
does no longer clear it, only set when new events happen.
This change unifies the handling of socket poll overrides, extending
`cselect_bits` by a easy handle specific value and a common treatment in
transfers.
Closes#11005
... instead of using the curl time struct, since it would use a few
uninitialized bytes and the sanitizers would complain. This is a neater
approach I think.
Reported-by: Boris Kuschel
Fixes#10993Closes#11015
By making sure we set state.upload based on the set.method value and not
independently as set.upload, we reduce confusion and mixup risks, both
internally and externally.
Closes#11017
- with `--proxy-http2` allow h2 ALPN negotiation to
forward proxies
- applies to http: requests against a https: proxy only,
as https: requests will auto-tunnel
- adding a HTTP/1 request parser in http1.c
- removed h2h3.c
- using new request parser in nghttp2 and all h3 backends
- adding test 2603 for request parser
- adding h2 proxy test cases to test_10_*
scorecard.py: request scoring accidentally always run curl
with '-v'. Removed that, expect double numbers.
labeller: added http1.* and h2-proxy sources to detection
Closes#10967
- expression 'hostptr' is always true
- a part of conditional expression is always true: proxypasswd
- expression 'proxyuser' is always true
- avoid multiple Curl_now() calls in allocate_conn
Ref: #10929Closes#10959
- Disable socket receive buffer unless USE_RECV_BEFORE_SEND_WORKAROUND
is in place.
While we would like to use the receive buffer, we have stalls in
parallel transfers where not all buffered data is consumed and no socket
events happen.
Note USE_RECV_BEFORE_SEND_WORKAROUND is a Windows sockets workaround
that has been disabled by default since b4b6e4f1, due to other bugs.
Closes https://github.com/curl/curl/pull/10961
- progress ingress stopped too early, causing data
from the underlying filters to not be processed and
report that no tunnel data was available
- this lead to "hangers" where no socket activity was
seen but data rested in buffers
Closes#10952
- callbacks and filter methods might be invoked at unexpected
times, e.g. when the transfer's stream_ctx has not been initialized
yet or, more likely, has already been taken down.
- check for existance of stream_ctx in such places and return
an error or silently succeed the call.
Closes#10951
