Previously this cleared the receiving bit only but in some cases it is
also still sending (like a request-body) when disconnected and neither
direction can continue then.
Fixes#11769
Reported-by: Oleg Jukovec
Closes#11795
- added test cases for various code paths
- fixed handling of blocked write when stream had
been closed inbetween attempts
- re-enabled DEBUGASSERT on send with smaller data size
- in debug builds, environment variables can be set to simulate a slow
network when sending data. cf-socket.c and vquic.c support
* CURL_DBG_SOCK_WBLOCK: percentage of send() calls that should be
answered with a EAGAIN. TCP/UNIX sockets.
This is chosen randomly.
* CURL_DBG_SOCK_WPARTIAL: percentage of data that shall be written
to the network. TCP/UNIX sockets.
Example: 80 means a send with 1000 bytes would only send 800
This is applied to every send.
* CURL_DBG_QUIC_WBLOCK: percentage of send() calls that should be
answered with EAGAIN. QUIC only.
This is chosen randomly.
Closes#11756
`Curl_hyper_stream` needs to distinguish between two kinds of
`HYPER_TASK_EMPTY` tasks: (a) the `foreach` tasks it creates itself, and
(b) background tasks that hyper produces. It does this by recording the
address of any `foreach` task in `hyptransfer->endtask` before pushing
it into the executor, and then comparing that against the address of
tasks later polled out of the executor.
This works right now, but there is no guarantee from hyper that the
addresses are stable. `hyper_executor_push` says "The executor takes
ownership of the task, which should not be accessed again unless
returned back to the user with `hyper_executor_poll`". That wording is a
bit ambiguous but with my Rust programmer's hat on I read it as meaning
the task returned with `hyper_executor_poll` may be conceptually the
same as a task that was pushed, but that there are no other guarantees
and comparing addresses is a bad idea.
This commit instead uses `hyper_task_set_userdata` to mark the `foreach`
task with a `USERDATA_RESP_BODY` value which can then be checked for,
removing the need for `hyptransfer->endtask`. This makes the code look
more like that hyper C API examples, which use userdata for every task
and never look at task addresses.
Closes#11779
`Curl_pgrsSetUploadCounter` should be a passed a total count, not an
increment.
This changes the failing diff for test 579 with hyper from this:
```
Progress callback called with UL 0 out of 0[LF]
-Progress callback called with UL 8 out of 0[LF]
-Progress callback called with UL 16 out of 0[LF]
-Progress callback called with UL 26 out of 0[LF]
-Progress callback called with UL 61 out of 0[LF]
-Progress callback called with UL 66 out of 0[LF]
+Progress callback called with UL 29 out of 0[LF]
```
to this:
```
Progress callback called with UL 0 out of 0[LF]
-Progress callback called with UL 8 out of 0[LF]
-Progress callback called with UL 16 out of 0[LF]
-Progress callback called with UL 26 out of 0[LF]
-Progress callback called with UL 61 out of 0[LF]
-Progress callback called with UL 66 out of 0[LF]
+Progress callback called with UL 40 out of 0[LF]
```
Presumably a step in the right direction.
Closes#11780
Allow overriding the default TLS backend via a CMake setting.
E.g.:
`cmake [...] -DCURL_DEFAULT_SSL_BACKEND=mbedtls`
Accepted values: bearssl, gnutls, mbedtls, openssl, rustls,
schannel, secure-transport, wolfssl
The passed string is baked into the curl/libcurl binaries.
The value is case-insensitive.
We added a similar option to autotools in 2017 via
c7170e20d0.
TODO: Convert to lowercase to improve reproducibility.
Closes#11774
- delete completed TODO from `./CMakeLists.txt`.
- convert a C++ comment to C89 in `./CMake/CurlTests.c`.
- delete duplicate EOLs from EOF.
- add missing EOL at EOF.
- delete whitespace at EOL (except from expected test results).
- convert tabs to spaces.
- convert CRLF EOLs to LF in GHA yaml.
- text casing fixes in `./CMakeLists.txt`.
- fix a codespell typo in `packages/OS400/initscript.sh`.
Closes#11772
- During the check to differentiate between a port and IPv6 address
without brackets, write the binary IPv6 address to an in6_addr.
Prior to this change the binary IPv6 address was erroneously written to
a sockaddr_in6 'sa6' when it should have been written to its in6_addr
member 'sin6_addr'. There's no fallout because no members of 'sa6' are
accessed before it is later overwritten.
Closes https://github.com/curl/curl/pull/11747
When curl wants to connect to a host, it always has a TIMEOUT. The
maximum time it is allowed to spend until a connect is confirmed.
curl will try to connect to each of the IP adresses returned for the
host. Two loops, one for each IP family.
During the connect loop, while curl has more than one IP address left to
try within a single address family, curl has traditionally allowed (time
left/2) for *this* connect attempt. This, to not get stuck on the
initial addresses in case the timeout but still allow later addresses to
get attempted.
This has the downside that when users set a very short timeout and the
host has a large number of IP addresses, the effective result might be
that every attempt gets a little too short time.
This change stop doing the divided-by-two if the total time left is
below a threshold. This threshold is 600 milliseconds.
Closes#11693
When UDP packets get lost this makes for slightly faster retries. This
lower timeout is used by @c-ares itself by default starting next
release.
Closes#11753
Store numerical IPv6 addresses in the alt-svc file with the brackets
present.
Verify with test 437 and 438
Fixes#11737
Reported-by: oliverpool on github
Closes#11743
Some of these changes come from comparing `Curl_http` and
`start_CONNECT`, which are similar, and adding things to them that are
present in one and missing in another.
The most important changes:
- In `start_CONNECT`, add a missing `hyper_clientconn_free` call on the
happy path.
- In `start_CONNECT`, add a missing `hyper_request_free` on the error
path.
- In `bodysend`, add a missing `hyper_body_free` on an early-exit path.
- In `bodysend`, remove an unnecessary `hyper_body_free` on a different
error path that would cause a double-free.
https://docs.rs/hyper/latest/hyper/ffi/fn.hyper_request_set_body.html
says of `hyper_request_set_body`: "This takes ownership of the
hyper_body *, you must not use it or free it after setting it on the
request." This is true even if `hyper_request_set_body` returns an
error; I confirmed this by looking at the hyper source code.
Other changes are minor but make things slightly nicer.
Closes#11745
We've seen errors left in the OpenSSL error queue (specifically,
"shutdown while in init") by adding some logging it revealed that the
source was this file.
Since we call SSL_read and SSL_shutdown here, but don't check the return
code for an error, we should clear the OpenSSL error queue in case one
was raised.
This didn't affect curl because we call ERR_clear_error before every
write operation (a0dd9df9ab), but when
libcurl is used in a process with other OpenSSL users, they may detect
an OpenSSL error pushed by libcurl's SSL_shutdown as if it was their
own.
Co-authored-by: Satana de Sant'Ana <satana@skylittlesystem.org>
Closes#11736
There is a `hyper_clientconn_free` call on the happy path, but not one
on the error path. This commit adds one.
Fixes the second memory leak reported by Valgrind in #10803.
Fixes#10803Closes#11729
A request created with `hyper_request_new` must be consumed by either
`hyper_clientconn_send` or `hyper_request_free`.
This is not terrifically clear from the hyper docs --
`hyper_request_free` is documented only with "Free an HTTP request if
not going to send it on a client" -- but a perusal of the hyper code
confirms it.
This commit adds a `hyper_request_free` to the `error:` path in
`Curl_http` so that the request is consumed when an error occurs after
the request is created but before it is sent.
Fixes the first memory leak reported by Valgrind in #10803.
Closes#11729
In this situation, only part of the data has been sent before aborting
so the connection is no longer usable.
Assisted-by: Jay Satiro
Fixes#11678Closes#11679
When the legacy CURLOPT_HTTPPOST option is used, it gets converted into
the modem mimpost struct at first use. This data is (now) kept for the
entire transfer and not only per single HTTP request. This re-enables
rewind in the beginning of the second request instead of in end of the
first, as brought by 1b39731.
The request struct is per-request data only.
Extend test 650 to verify.
Fixes#11680
Reported-by: yushicheng7788 on github
Closes#11682
- bring bearssl handshake times down from +200ms down to other TLS backends
- vtls: improve generic get_select_socks() implementation
- tests: provide Apache with a suitable ssl session cache
Closes#11675
In parallel with ngtcp2, quiche also offers the `quiche_conn_on_timeout`
interface for the application to invoke upon timer
expiration. Therefore, invoking the `on_timeout` function of the
Connection is crucial to ensure seamless functionality of quiche with
timeout events.
Closes#11654
In order to get Negotiate (SPNEGO) authentication to work in HTTP you
used to be required to provide a (fake) user name (this concerned both
curl and the lib) because the code wrongly only considered
authentication if there was a user name provided, as in:
curl -u : --negotiate https://example.com/
This commit leverages the `struct auth` want member to figure out if the
user enabled CURLAUTH_NEGOTIATE, effectively removing the requirement of
setting a user name both in curl and the lib.
Signed-off-by: Marin Hannache <git@mareo.fr>
Reported-by: Enrico Scholz
Fixes https://sourceforge.net/p/curl/bugs/440/Fixes#1161Closes#9047
2ebc74c36a#11546 introduced sharing
libcurl objects for shared and static targets.
The above automatically enabled for Windows builds, with an option to
disable with `SHARE_LIB_OBJECT=OFF`.
This patch extend this feature to all platforms as a manual option.
You can enable it by setting `SHARE_LIB_OBJECT=ON`. Then shared objects
are built in PIC mode, meaning the static lib will also have PIC code.
[EXPERIMENTAL]
Closes#11627
