Drop check for `SSL_set0_wbio`, `SSL_CTX_set_srp_username`.
The wolfSSL backend doesn't implement these features. The checks were
wrong, and also missing from `./configure`.
If they get implemented, the feature checks should use distinct macros
from OpenSSL; they should check for the `wolfSSL_`-prefixed APIs via
wolfSSL headers; and matching checks should be added to `./configure`.
Follow-up to 781242ffa4#11967#11964Closes#16339
Almost all feature detection results are pre-filled on Windows
for performance, so none of the issues fixed here affected builds.
For good measure, this patch add missing detections and fixes others
to make sure they work even when omitting the pre-fill.
It also fixes detecting IPv6 for MS-DOS.
- fix `HAVE_STRUCT_TIMEVAL` detection for MSVC.
Follow-up to c1bc090d65#12495
- add `HAVE_SOCKADDR_IN6_SIN6_SCOPE_ID` detection for Windows.
- fix `HAVE_STRDUP` detection for MSVC.
- fix `HAVE_SNPRINTF` detection for Windows.
Regression from 8e34505776#15164
- fix `HAVE_IOCTLSOCKET` detection for non-UWP MSVC.
- exclude `if_nametoindex` detection for Windows.
Although it exists on Windows, detection, usage and availability is
complicated, and curl doesn't use it on this platform.
Regression from 8e34505776#15164
- move IPv6 detections so that pre-filling and MS-DOS Watt-32
configuration applies to them. This fixes
`HAVE_SOCKADDR_IN6_SIN6_SCOPE_ID` detection with MS-DOS.
Ref: https://github.com/curl/curl/actions/runs/13260511764/job/37015877585#step:7:306
Follow-up to a3585c9576#15543
Also:
- add debug option to test without pre-filling.
- replace `NOT LESS` with `GREATER_EQUAL`
Closes#16278
Extend output filter to pick up backslashes. This makes them pass in CI
when run in the vcpkg MSVC job, for example.
Also:
- cmake: allow TrackMemory, aka `ENABLE_CURLDEBUG` again. Drop FIXME.
- cmake: drop stale TODO.
- runtests: include the word 'TrackMemory' in the message disabling it.
Follow-up to 9f23c8f201#14541
Follow-up to 94c596bbc5#16283Closes#16289
We set this macro to silence a warning inside `openldap.h`. With this
warning now silenced by using `-isystem`, we can drop it. Also it never
had to be set to `1`.
Also enable OpenLDAP in a CMake GHA/macos job.
Follow-up to 445fb81237#14763
Follow-up to 751e168d93#12024Closes#16146
This issue was not addressed with CMake builds so far. curl-for-win
worked thanks to its `-Wl,--start-group` workaround. It affects
binutils `ld` linking statically. Shared linking and llvm's `lld`
doesn't need strict lib order, and are not affected.
The solution is to pass libs in dependency order, with least dependent
(e.g. system) libs last. In case of cyclic dependency, may pass libs
twice.
Fix most issues by moving Windows system libs `ws2_32` and `bcrypt`
last, and move SSH libs first due to their dependence on crypto
backends and zlib compression.
Also:
- modify an existing Linux curl-for-win job to use gcc.
- add a specific Windows gcc job to test this. Make it use different
options than the default to extend build coverage too: `libssh`,
`zlib-ng`, 32-bit.
- prefer CMake imported targets for OpenSSL and ZLIB.
Examples of issues fixed:
Windows LibreSSL, libpsl vs. ws2_32:
```
x86_64-w64-mingw32-ld: curl/libressl/lib/libcrypto.a(bss_sock.c.obj):bss_sock.c:(.text$sock_ctrl[sock_ctrl]+0x59): undefined reference to `__imp_shutdown'
x86_64-w64-mingw32-ld: curl/libressl/lib/libcrypto.a(gcm128.c.obj):gcm128.c:(.text$CRYPTO_gcm128_init[CRYPTO_gcm128_init]+0x65): undefined reference to `__imp_ntohl'
x86_64-w64-mingw32-ld: curl/libpsl/_x64-win-ucrt/usr/lib/libpsl.a(psl.o):(.text$psl_is_cookie_domain_acceptable+0xef): undefined reference to `__imp_WSAStringToAddressW'
```
Ref: https://github.com/curl/curl/actions/runs/13157579253/job/36718144881?pr=16182#step:3:5354
Linux libssh2 vs. zlib:
```
/usr/lib/gcc-cross/aarch64-linux-gnu/12/../../../../aarch64-linux-gnu/bin/ld: curl/libssh2/_a64-linux-gnu-libressl/usr/lib/libssh2.a(unity_0_c.c.o): in function `comp_method_zlib_dtor':
(.text.comp_method_zlib_dtor+0x8c): undefined reference to `deflateEnd'
/usr/lib/gcc-cross/aarch64-linux-gnu/12/../../../../aarch64-linux-gnu/bin/ld: curl/libssh2/_a64-linux-gnu-libressl/usr/lib/libssh2.a(unity_0_c.c.o): in function `comp_method_zlib_comp':
(.text.comp_method_zlib_comp+0x50): undefined reference to `deflate'
/usr/lib/gcc-cross/aarch64-linux-gnu/12/../../../../aarch64-linux-gnu/bin/ld: curl/libssh2/_a64-linux-gnu-libressl/usr/lib/libssh2.a(unity_0_c.c.o): in function `comp_method_zlib_init':
(.text.comp_method_zlib_init+0x8c): undefined reference to `deflateInit_'
```
Ref: https://github.com/curl/curl/actions/runs/13157270420/job/36717189086?pr=16182#step:3:5285
Windows libssh vs. ws2_32 and LibreSSL:
```
/usr/bin/i686-w64-mingw32-ld: curl/libssh/_x86-win-ucrt-libressl/usr/lib/libssh.a(connect.c.obj):(.text$ssh_connect_host_nonblocking+0x92): undefined reference to `WspiapiGetAddrInfo@16'
/usr/bin/i686-w64-mingw32-ld: curl/libssh/_x86-win-ucrt-libressl/usr/lib/libssh.a(connect.c.obj):(.text$ssh_connect_host_nonblocking+0x3d9): undefined reference to `gai_strerrorA'
/usr/bin/i686-w64-mingw32-ld: curl/libssh/_x86-win-ucrt-libressl/usr/lib/libssh.a(kex.c.obj):(.text$ssh_client_select_hostkeys+0xd2): undefined reference to `FIPS_mode'
/usr/bin/i686-w64-mingw32-ld: curl/libssh/_x86-win-ucrt-libressl/usr/lib/libssh.a(options.c.obj):(.text$ssh_options_set+0x942): undefined reference to `FIPS_mode'
```
Ref: https://github.com/curl/curl/actions/runs/13163986294/job/36739557888?pr=16182#step:3:5127
Ref: https://github.com/curl/curl/actions/runs/13163986294/job/36739557888?pr=16182#step:3:5121Closes#16182
Include `netinet/in.h` for FreeBSD/OpenBSD. Also include `sys/socket.h`
just in case, based on earlier code in `tests/libtest/lib1960.c`.
Also:
- document these in `CMakeLists.txt`.
- add a CI job testing FreeBSD with no unity and no test bundles.
(without running tests to keep it fast)
FreeBSD (autotools):
```
../../../tests/libtest/lib1960.c:66:22: error: variable has incomplete type 'struct sockaddr_in'
66 | struct sockaddr_in serv_addr;
| ^
../../../tests/libtest/lib1960.c:66:10: note: forward declaration of 'struct sockaddr_in'
66 | struct sockaddr_in serv_addr;
| ^
```
Ref: https://github.com/curl/curl/actions/runs/13159721509/job/36725114118?pr=16188#step:3:5289
OpenBSD (cmake):
```
/home/runner/work/curl/curl/tests/libtest/lib1960.c:66:22: error: variable has incomplete type 'struct sockaddr_in'
struct sockaddr_in serv_addr;
^
/home/runner/work/curl/curl/tests/libtest/lib1960.c:66:10: note: forward declaration of 'struct sockaddr_in'
struct sockaddr_in serv_addr;
^
1 error generated.
```
Ref: https://github.com/curl/curl/actions/runs/13159721509/job/36725102004?pr=16188#step:3:2166
Reported-by: CueXXIII on Github
Fixes#16184
Follow-up to a3585c9576#15543Closes#16188
- replace deprecated `ares_init()` call with `ares_init_options()`.
Follow-up to 0d4fdbf15d#16054
- dedupe `CARES_STATICLIB` initalizations into `curl_setup.h`, to
ensure it's defined before the first (and every) `ares.h` include and
avoid a potential confusion.
- move `CARES_NO_DEPRECATED` from build level to `curl_setup.h`.
To work regardless of build system.
It is necessary because curl calls `ares_getsock()` from two places,
of which one feeds a chain of wrappers: `Curl_ares_getsock()`,
`Curl_resolver_getsock()`, `Curl_resolv_getsock()`.
Closes#16131
It had shorthand aliases to launch `./configure` and
`./configure --with-openssl`. The former hasn't worked for a long while
because of missing TLS.
Its `ca-bundle` and `ca-firefox` targets have been broken for 2.5 years
till recently. These targets also exist in `./configure` and have been
working all along.
Also:
- cmake: add support `curl-ca-bundle` and `curl-ca-firefox` targets.
- tests/testcurl.pl: drop obsolete build logic.
Closes#16094
Works better if we later introduce another way to do the asynch RR
resolves (together with the threaded resolver) that does not use c-ares.
Closes#16090
Allow building with c-ares and yet use threaded resolver for the main
host A/AAAA resolving:
`--with-ares` provides the c-ares install path and defaults to use
c-ares for name resolving
`--with-threaded-resolver` still uses c-ares in the build (for HTTPS)
but uses the threaded resolver for "normal" resolves.
It works similarly for cmake: ENABLE_ARES enables ares, and if
ENABLE_THREADED_RESOLVER also is set, c-ares is used for HTTPS RR and
the threaded resolver for "normal" resolves.
HTTPSRR and c-ares-rr are new features return by curl_version_info() and
thus shown by curl -V.
The c-ares-rr feature bit is there to make it possible to distinguish
between builds using c-ares for all name resolves and builds that use
the threaded resolves for the regular name resolves and c-ares for
HTTPSRR only. "c-ares-rr" means it does not use c-ares for "plain" name
resolves.
HTTPSRR support is EXPERIMENTAL only.
Closes#16054
This variable was meant to be used by curl Find modules, but it turns
out it makes no sense to use those from `curl-config.cmake.in`. It means
this variable was not used before and will not be used in the future,
and therefore safe to delete.
Also add missing macros passed to `curl-config.cmake` to comment.
Ref: https://github.com/curl/curl/pull/14930#discussion_r1929537797Closes#16087
They play better with Unixy shells. The compiler has been supporting
dash options since its early versions.
Also fix to detect warnings options passed in dash-style.
Closes#16063
iOS:
- add jobs with autotools, CMake, CMake Xcode generator.
The Xcode generator is >10x slower than Unix Makefiles. Keep it
because it's the one recommended by CMake and for having its own
quirks we may want to know about.
- build, cache and use LibreSSL for these jobs.
With workaround for an iOS build issue fixed in master.
- make Xcode generator work by explicitly disabling code signing.
- make tests and examples build with the Xcode generator by setting
`-DMACOSX_BUNDLE_GUI_IDENTIFIER=se.curl`, to avoid
"Bundle identifier is missing" errors.
- cmake: disable `CURL_USE_PKGCONFIG` by default for Apple device.
- cmake: add `stdc++` library for BoringSSL and AWS-LC, with
`OPENSSL_USE_STATIC_LIBS=ON` set.
- cmake: add workaround for Xcode generator issue, where it cannot
handle two targets depending on one custom command. A better fix may
be dropping `tool_hugehelp.c` and `tool_ca_embed.c` from curltool
library. For a future PR.
Android:
- add vcpkg to Android jobs, enable dependencies.
Assisted-by: Tal Regev via #16045
- make vcpkg work with autotools.
- pass `--with-brotli` to autotools to detect the vcpkg-supplied brotli.
- enable BoringSSL for Android and add a job with it.
- silence 457 CMake configure warnings about the Android NDK CMake
scripts targeting freshly deprecated CMake versions.
These were much more involved than imagined. Basically nothing works out
of the box, and when combined, everything becomes a unique edge case.
autotools builds were a much easier to make work than CMake ones.
Also:
- GHA/non-native: re-sync names to be shorter and more aligned with
other workflows.
- GHA: add `persist-credentials: false` where missing.
Unresolved issues:
- `OPENSSL_ROOT_DIR` ignored/mis-used when pointing it to LibreSSL.
CMake seems to prepend the sysroot to the passed absolute directory.
Found no workaround.
- CMake when combined with Android, both the Google-recommended method
and the built-in CMake method fail to provide a way to avoid
`pkg-config` packages at system directories. Failed to find a knob
that can remove `/usr/include` from the search path. The workaround is
to disable zstd. (I enabled it by default in this release, maybe
premature?: f2adb3b6d7#15431)
Disabling `pkg-config` doesn't work because vcpkg dependencies do not
link without it.
- CMake's Xcode generator is slow because each `try_compile()` feature
check springs a new CMake + Xcode project taking a long time to run,
just to compile single-liner C files. A known issue, with no solution.
`-DCMAKE_MACOSX_BUNDLE=OFF` did not help, limiting build types to
a single one (e.g. `Debug`) also had no effect.
make | Xcode | GHA run
:---- | :---- | :--------------------------------------------------------------------
16s | 2m57s | https://github.com/curl/curl/actions/runs/12866334102/job/35868712426
23s | 4m13s | https://github.com/curl/curl/actions/runs/12868128013/job/35874212461
16s | 3m39s | https://github.com/curl/curl/actions/runs/12859073531/job/35849041880
14s | 2m23s | https://github.com/curl/curl/actions/runs/12858298423/job/35847201313
15s | 2m36s | https://github.com/curl/curl/actions/runs/12858058492/job/35846669761
19s | 3m19s | https://github.com/curl/curl/actions/runs/12868919430/job/35876601168Closes#16043
On Windows a successful `sched_yield()` detection requires mingw-w64
built with POSIX threads (not Win32 threads) and GCC (not llvm/clang).
(linking to `winpthread` via custom options may also work.)
In CMake builds, it was pre-cached as unavailable before this patch.
When detected (via autotools), it got only used for Windows XP or older
targets combined with a non-GCC, non-clang compiler that doesn't support
`__builtin_ia32_pause()`, or with the Intel C compiler. According to
`lib/easy_lock.h`.
mingw-w64 only supports GCC and clang, leaving a very narrow chance when
`shed_yield()` gets called on Windows. Even then, `sched_yield()` is
implemented in `winpthread` as `Sleep(0)`, which may or not be a useful.
It's also trivial to implement locally if it is, and such rare build
combination is also deemed useful.
Thus, this patch marks `sched_yields()` permanently unavailable on the
Windows platform also with autotools, and instead of pre-caching, skip
this feature check with CMake.
This syncs `HAVE_SCHED_YIELDS` between builds methods on Windows.
Follow-up to 9b517c8b69#11973
Follow-up to 23af112f55#8680Closes#16037
Replace `strtok_r()` detection with detection mingw-w64 version.
The use this version to pre-fill `HAVE_STRTOK_R`.
This gives use mingw-w64 version information for free.
Closes#16022
- GHA/non-native: add Android builds, both cmake and autotools,
both NDK 21 (oldest available) and 35 (newest available)
https://github.com/actions/runner-images/blob/main/images/ubuntu/Ubuntu2404-Readme.md
It comes with a maintenance burden to bump the oldest/latest values
with CI runner updates.
- cmake: disable `CURL_USE_PKGCONFIG` by default for Android.
To avoid picking up system package by default.
- build: add `ANDROID-<NDK-LEVEL>` flag to `buildinfo.txt`.
Also detect NDK level with the CMake built-in build method:
https://cmake.org/cmake/help/latest/manual/cmake-toolchains.7.html#cross-compiling-for-android
- INSTALL.md: add CMake build instructions for Android.
- INSTALL.md: make NDK levels consistent in `./configure` example.
Closes#16014
CMake (as of 3.31.2) doesn't fully recognize mingw-w64 with
`CMAKE_SYSTEM_NAME=WindowsStore`.
The manual logic works around it.
Also move existing DJGPP workaround to the same block.
Closes#16019
Before this patch it used `ENABLE_IPV6`, the configuration intent.
Replace with `USE_IPV6` which is the actual setting passed to C.
The two can be different for targets without IPv6 support.
Closes#15980
Delete the workaround added via a94a68a3c1
(2013-02-04). The commit message has no details. The comment mentions
"Dialog Hell", and seems to fix CMake missing to regenerate `CURL.sln`
with VS2010. It also added a FIXME saying the workaround can be deleted
with future versions of CMake.
At the time CMake's latest version was v2.8.10.
curl now requires v3.7 (2018) minimum, and v3.24 (2022) was the
latest CMake natively supporting VS2010. Assume this has since been
fixed.
Also: format an MSVC version reference in comment.
Closes#15973
Large file support requires `_fseeki64()`. This function is offered in
VS2005 and upper.
VS2003 has it in the static CRT only, with declaration missing from
headers, so it's not usable.
Ref: https://archive.org/details/X10-38445 (MS Visual Studio .NET 2003)
Ref: 8b76a8aeb2#15526Closes#15958
Dedupe and migrate MSVC-specific warning suppressions to `curl_setup.h`.
Make cmake set `_CRT_SECURE_NO_DEPRECATE` for examples and standalone
tests, and stop setting `_CRT_NONSTDC_NO_DEPRECATE` for them.
Details:
- drop version guards. On ancient MSVC version these macro are a no-op.
- move to `curl_setup.h` from `config-win32*.h`.
- sync macro values with CMake.
- cmake: stop setting them globally in favour of `curl_setup.h`.
- cmake: re-add these macros to `docs/examples` and `tests/http/clients`,
which do not use `curl_setup.h`.
- cmake: drop `_CRT_NONSTDC_NO_DEPRECATE` for examples and tests.
They build fine without.
- update comments.
Closes#15960
Adds the experimental feature `ssls-export` to libcurl and curl for
importing and exporting SSL sessions from/to a file.
* add functions to libcurl API
* add command line option `--ssl-sessions <filename>` to curl
* add documenation
* add support in configure
* add support in cmake
+ add pytest case
Closes#15924
MSVC 1900 and older is missing a `const` specifier in the `inet_ntop()`
declaration for the second argument. A workaround was in place for it
in cmake, but it didn't cover all necessary versions.
Replace the workaround with a different one, move it to `lib/inet_ntop.c`
and extend to all necessary MSVC versions.
Also add CI jobs for the older MSVC versions: 2013, 2015, 2017.
Closes#15923
Via these variables, as lists:
- `CURL_SUPPORTED_PROTOCOLS`
- `CURL_SUPPORTED_FEATURES`
As individual flags:
- `CURL_SUPPORTS_<protocol/feature>` = `TRUE`
Also:
- set `CURL_VERSION_STRING` which was missing when using
`find_package(CURL CONFIG)` or
`find_package(CURL NO_MODULE)`.
- set `CURL_<prototol/feature>_FOUND` for compatibility.
- show full list of missing but required `COMPONENTS`.
Assisted-by: Derek Huang
Fixes#15854Closes#15858
via `DL_LIBRARY`, `MATH_LIBRARY`, `PTHREAD_LIBRARY` variables.
They are used in Rustls, wolfSSL Find modules.
Also:
- always use `NAMES` keyword in `find_library()` calls.
- respect `find_library()` results for `dl`, `m`, `pthread`.
- formatting.
Closes#15892
- cmake: add auto-detection. Sync this with autotools.
- enable for MS-DOS and AmigaOS builds.
(auto-detection doesn't work for cross-builds.)
- tidy up detection snippet.
- fix comment.
Closes#15868
