Added in 37eba37019 (2009-06-17) to help
detecting socket functions.
But, this `socket.h` isn't used in the source code since
90dd1fc664#8288 (2022-01-16).
Closes#15173
Before this patch they were detected via manual methods, then with
`AC_CHECK_FUNCS()`.
Delete the manual checks and keep the latter.
Also delete `CURL_INCLUDES_POLL()` which is no longer used after
the above.
Closes#15170
poll() on macOS 10.12 was deemed broken in 2016 when we discovered that
it misbehaves when provided with no sockets to wait for. The
HAVE_POLL_FINE is used to mark a poll() implementation that behaves
correctly: it *should* still wait the timeout time.
curl has therefore opted to use select() on Apple operating systems ever
since. To avoid the risk that this or other breakage cause problems.
However, using select() internally is also bad because it suffers from
problems when using file descriptors beyond 1024.
This change makes poll() used if it is present, but if there is no
sockets to wait for it avoids using poll() and instead falls back to
select() - but without any sockets to wait for there is no 1024 problem.
This removes all previous special-handling involving HAVE_POLL_FINE.
ref: https://daniel.haxx.se/blog/2016/10/11/poll-on-mac-10-12-is-broken/Closes#15096
Since it seems the _POSIX_C_SOURCE "trick" does not work there, the
check does not find poll().
Fixes#15013
Reported-by: vvb2060 on github
Closes#15037
- lib557: suppress `-Wformat-overflow` warning in source.
Fixes:
```
lib557.c: In function ‘test_float_formatting’:
lib557.c:1408:37: error: ‘%*f’ directive output of 2147483648 bytes exceeds ‘INT_MAX’ [-Werror=format-overflow=]
1408 | curl_msnprintf(buf, sizeof(buf), "%*f", INT_MIN, 9.1);
| ^~~
lib557.c:1408:3: note: ‘curl_msnprintf’ output 2147483649 bytes
1408 | curl_msnprintf(buf, sizeof(buf), "%*f", INT_MIN, 9.1);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
```
Ref: https://app.circleci.com/pipelines/github/curl/curl/10226/workflows/87642ee9-cda6-4916-8206-c82aac5f595e/jobs/107669?invite=true#step-106-40996_46
The root cause of why this option gets enabled remains undiscovered.
Reported-by: Daniel Stenberg
Fixes#15008
Follow-up to 71cf0d1fca#14772
- build: drop `-Wno-format-overflow` from picky warning list.
These options only get used with picky warnings enabled.
Follow-up to 145f87b9e8#14598
- unit1652: suppress in source (and not rely on picky warnings anymore.)
Closes#15012
Before this patch, only these triplets were considered Apple:
`<cpu>-apple-darwin`
After this patch, these are also considered Apple:
`<cpu>-apple-(ios*|tvos*|visionos*|watchos*|<ETC>)`
`$host_os` (the last third of the triplet) still has a valid use
to differentiate between OS flavours, though for now this isn't
used, aligning with CMake.
Closes#14728
- cmake: drop `configure.os`.
This also includes OS version, but thus far it's not important enough
to include it.
- autotools: drop redundant, autotools-only `{target|host}.vendor`.
(it's part of the triplet in `{target|host}`.)
- swap order to `*.cpu` -> `*.os` to match triplet-order.
- cmake: drop redundant `target`.
It's manually filled and only in a (so far) few CI jobs. Let's revisit
when this becomes useful.
- move `buildinfo.txt` to build root.
- dist: add `buildinfo.txt` to `DISTCLEANFILES`.
- autotools: detect human readable compiler version.
- autotools: replace `XXYY` `compiler.version` with "X.Y"-style.
(also to match cmake.)
- autotools: use distinct `compiler_id` for Apple clang: `APPLECLANG`.
To match cmake and also because the the "X.Y"-style version number
is the Apple version, while `XXYY` was a value roughly translated to
mainline llvm/clang version.
- show buildinfo at the end of the configure stage, when run in CI, or
when `CURL_BUILDINFO` or `CURL_CI` env is set.
Follow-up to 1fdea16846#14802
Assisted-by: Dan Fandrich
Ref: https://github.com/curl/curl/pull/14802#issuecomment-2334942991Closes#14822
It could previously be set with configure/cmake and used in rare cases
for reading randomness: with ancient mbedTLS or rustls without
arc4random.
We now get randomness in this order:
1. The TLS library's way to provide random
2. On Windows: Curl_win32_random
3. if arc4random exists, use that
4. weak non-crytographically strong pseudo-random
Closes#14749
For cross-builds rely on `_POSIX_C_SOURCE` to decide if `poll()` is
supported, rather than just assuming it isn't.
This may still miss to detect `poll()` support, as seen for example with
Linux MUSL cross-builds.
Also:
- GHA/curl-for-win: enable RISC-V 64 cross-target for Linux MUSL.
(to test this case with cmake, with a false-negative.)
The first RISC-V 64 build in curl's CI.
- GHA/curl-for-win: add arm64/intel64 job for Linux glibc.
(to test this case with cmake, and succeed.)
- cmake: delete unnecessary `#include <sys/time.h>` from non-cross-build
`poll()` detection snippet.
Follow-up tp cc8b813765#14718Fixes#14714Closes#14734
Drop Apple-specific detection logic for `poll()`. This detection snippet
has been disabled for Apple in both configure and cmake, for `poll()`
being broken on Apple since 10.12 Sierra (2016).
Also replace `exit(1);` with `return 1;` in configure, to make the
snippets match.
Added in 9297ca49f5#1057 (2016-10-11).
Disabled for:
configure/darwin in a34c7ce754 (2016-10-18)
cmake/macOS in 825911be58#7619
cmake/iOS in d14831233d#8244
cmake/all Apple in a86254b393#12515Closes#14718
POSIX sed doesn't support extended regular expressions, so convert a
call to the basic format. This caused a problem on AIX. Also, use the
detected sed binary name instead of hard-coding one.
-Wformat-overflow is not a warning that we want enabled as it does not
help us. It can only bring us false positives since it warns on bad uses
of sprintf and vsprintf ("that might overflow the destination buffer").
Two functions we explicitly ban in curl code.
The only way this flag triggers warnings in curl code is false positives
for functions we have marked with the CURL_PRINTF() macro.
Further: it seems -Wformat-trunaction option might in turn also enable
-Wformat-overflow, so if this second option is used, we need to
explicitly set -Wno-format-overflow - not just skip setting
-Wformat-overflow.
Reported-by: Viktor Szakats
Fixes#14168Closes#14598
- sync cmake macOS `OS` value manually with the autotools one.
- stop exporting/subst-ing `HAVE_OPENSSL_QUIC` from autotools.
The variable was only used internally.
- exclude a dependency detection symbol.
- allow to run when the workflow itself was updated.
- simplify cmake command.
- fix indentation.
Closes#14546
Use these words and casing more consistently across text, comments and
one curl tool output:
AIX, ALPN, ANSI, BSD, Cygwin, Darwin, FreeBSD, GitHub, HP-UX, Linux,
macOS, MS-DOS, MSYS, MinGW, NTLM, POSIX, Solaris, UNIX, Unix, Unicode,
WINE, WebDAV, Win32, winbind, WinIDN, Windows, Windows CE, Winsock.
Mostly OS names and a few more.
Also a couple of other minor text fixups.
Closes#14360
`nettle` is a direct dependency of curl, when building with GnuTLS.
Add a new `Find` module to detect it.
Also:
- GHA/macos: drop `nettle` hack no longer necessary.
- add `nettle` to `libcurl.pc`.
- also add `nettle` to `libcurl.pc` in autotools builds.
Follow-up to 781242ffa4#11967Closes#14285
Before this patch, `SystemConfiguration` detection failed due to this
error when compiling the detection snippet:
```
/Applications/Xcode_15.3.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/usr/include/TargetConditionals.h:140:50: error: missing binary operator before token "("
140 | #if !defined(__has_extension) || !__has_extension(define_target_os_macros)
| ^
```
Ref: https://github.com/curl/curl/actions/runs/9821817534/job/27117929218#step:6:1079
It occured with gcc-11 when combined with macOS SDK 14.4 and 14.5
(default SDKs in Xcode 15.3 and 15.4 respectively). It did not happen
with earlier releases.
Despite the failure in `./configure`, `lib/macos.c` compiled with
Apple's `TargetConditionals.h` just fine.
Turns out that including the `sys/types.h` header before the SDK
header fixes the error and makes the detection snippet compile.
Cherry-picked from #14097Closes#14130
- cmake: enable Apple-specific `-Werror=partial-availability` to match
autotools.
- autotools: enable `-pedantic-errors` with llvm/clang to match gcc and
CMake.
- autotools: enable `-Werror-implicit-function-declaration` for
llvm/clang to match gcc.
- cmake: enable `-Werror-implicit-function-declaration` to match
autotools.
- move `-Wpointer-bool-conversion` from autotools to the local file
(`sectransp.c`) it was meant to apply. This way it applies to all
build methods.
- autotoos: show `CURL_CFLAG_EXTRAS` in the `./configure` summary.
(it may contain `-Werror` and/or `-pedentic-errors`.)
Cherry-picked from #14097Closes#14128
- sort features case-insensitively to match `curl -V` and cmake.
`sort -f` is POSIX, but check if it's available anyway.
- make protocols lowercase to match `curl -V` and cmake.
- replace two outlier `$()` with backticks.
Closes#14117
Also:
- remove stray `ECH` and `HTTPSRR` from cmake protocol list.
- stop excluding `Debug` and `TrackMemory` in `test1013.pl`.
- configure: delete `CURL_CHECK_CURLDEBUG` check.
Ref: 065047dc62
This check was effectively doing nothing, except disabling
`--enable-curldebug` in `curl-config` for
Cygwin/MSYS/cegcc/OS2/AIX targets with c-ares enabled.
Closes#14096
- when checking for QUIC support in OpenSSL, also check
for it being at least 3.3.0
- remove workarounds for features buggy or missing in 3.2
Closes#14026
- no longer warns for mbedtls
- warns for each item on individual lines
- no longer shows irrelevant TLS libraries when multiple are selected
- removes ech repetition
Closes#13941
- cmake: populate for dependencies.
- autotools: populate for dependencies.
(including mbedtls, though the script does not detect
mbedtls through pkgconfig. mbedtls 3.6.0 now supports it.)
Skip dealing with gssapi in this patch.
Fixes#864Closes#13911
MIPSPro and the predecessor compiler which was part of the IDO (IRIS
Development Option) were only ever shipped on the SGI IRIX operating
system (with MIPSPro on 6.0+ which was released in 1994). Limit the
autoconf check to IRIX when probing for these compilers to save some
cycles on other platforms.
Closes: #13611
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
It's necessary to set this var to "yes" _after_ AC_DEFINE and AC_SUBST
in order for a later `test` to pass so that `check_for_ca_bundle=1` ends
up being set. This is in turn required for the default CA certificate
bundle to be set when building w/ rustls & pkg-config.
Reported-by: Matt Jolly
Fixes#13248Closes#13251
The previous pkg-config code would successfully detect rustls but did
not set all appropriate variables and call the right macros to properly
configure cURL.
Reported-by: kpcyrd on github
Fixes#13200Closes#13202
Based on the existing openssl pkg-config detection, this commit tries to
use pkg-config to find `rustls` then falls back to the current approach
if that fails.
We use the following logic:
- if no path is provided, just use pkg-config, if it's not there we have
a problem!
- if a path is provided, try pkg-config
+ if pkg-config fails, try and find rustls directly
Closes#13179
If OpenSSL is found to be BoringSSL or AWS-LC, and ngtcp2 is requested,
try to detect libngtcp2_crypto_boringssl.
Reported-by: ウさん
Fixes#12724Closes#12769
- HTTP/3 for curl using OpenSSL's own QUIC stack together
with nghttp3
- configure with `--with-openssl-quic` to enable curl to
build this. This requires the nghttp3 library
- implementation with the following restrictions:
* macOS has to use an unconnected UDP socket due to an
issue in OpenSSL's datagram implementation
See https://github.com/openssl/openssl/issues/23251
This makes connections to non-reponsive servers hang.
* GET requests will send the indicator that they have
no body in a separate QUIC packet. This may result
in processing delays or Transfer-Encodings on proxied
requests
* uploads that encounter blocks will use 100% cpu as
detection of these flow control issue is not working
(we have not figured out to pry that from OpenSSL).
Closes#12734
Most importantly perhaps is when using OpenSSL that the used
build/flavor has the QUIC API: the vanilla OpenSSL does not, only
BoringSSL, libressl, AWS-LC and quictls do.
Ref: 5d044ad948 (r136780413)Closes#12683
- enable `-Wsign-conversion` warnings, but also setting them to not
raise errors.
- fix `-Warith-conversion` warnings seen in CI.
These are triggered by `-Wsign-converion` and causing errors unless
explicitly silenced. It makes more sense to fix them, there just a few
of them.
- fix some `-Wsign-conversion` warnings.
- hide `-Wsign-conversion` warnings with a `#pragma`.
- add macro `CURL_WARN_SIGN_CONVERSION` to unhide them on a per-build
basis.
- update a CI job to unhide them with the above macro:
https://github.com/curl/curl/actions/workflows/linux.yml -> OpenSSL -O3
Closes#12492
`winsock2.h` pulls in `windows.h`. `ws2tcpip.h` pulls in `winsock2.h`.
`winsock2.h` and `ws2tcpip.h` are also pulled by `curl/curl.h`.
Keep only those headers that are not already included, or the code under
it uses something from that specific header.
Closes#12539
- autotools, cmake: assume that if we detect Windows, `windows.h`,
`winsock2.h` and `ws2tcpip.h` do exist.
- lib: fix 3 outlier `#if` conditions to use `USE_WINSOCK` instead of
looking for `winsock2.h`.
- autotools: merge 3 Windows check methods into one.
- move Watt-32 and lwIP socket support to `setup-win32.h` from
`config-win32.h`. It opens up using these with all build tools. Also
merge logic with Windows Sockets.
- fix to assume Windows sockets with the mingw32ce toolchain.
Follow-up to: 2748c64d60
- cmake: delete unused variable `signature_call_conv` since
eb33ccd533.
- autotools: simplify `CURL_CHECK_WIN32_LARGEFILE` detection.
- examples/externalsocket: fix header order.
- cmake/OtherTests.cmake: delete Windows-specific `_source_epilogue`
that wasn't used anymore.
- cmake/OtherTests.cmake: set `WIN32_LEAN_AND_MEAN` for test
`SIZEOF_STRUCT_SOCKADDR_STORAGE`.
After this patch curl universally uses `_WIN32` to guard
Windows-specific logic. It guards Windows Sockets-specific logic with
`USE_WINSOCK` (this might need further work).
Reviewed-by: Jay Satiro
Closes#12495
https://best.openssf.org/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C++.html
as of 2023-11-29 [1].
Enable new recommended warnings (except `-Wsign-conversion`):
- enable `-Wformat=2` for clang (in both cmake and autotools).
- add `CURL_PRINTF()` internal attribute and mark functions accepting
printf arguments with it. This is a copy of existing
`CURL_TEMP_PRINTF()` but using `__printf__` to make it compatible
with redefinting the `printf` symbol:
https://gcc.gnu.org/onlinedocs/gcc-3.0.4/gcc_5.html#SEC94
- fix `CURL_PRINTF()` and existing `CURL_TEMP_PRINTF()` for
mingw-w64 and enable it on this platform.
- enable `-Wimplicit-fallthrough`.
- enable `-Wtrampolines`.
- add `-Wsign-conversion` commented with a FIXME.
- cmake: enable `-pedantic-errors` the way we do it with autotools.
Follow-up to d5c0351055#2747
- lib/curl_trc.h: use `CURL_FORMAT()`, this also fixes it to enable format
checks. Previously it was always disabled due to the internal `printf`
macro.
Fix them:
- fix bug where an `set_ipv6_v6only()` call was missed in builds with
`--disable-verbose` / `CURL_DISABLE_VERBOSE_STRINGS=ON`.
- add internal `FALLTHROUGH()` macro.
- replace obsolete fall-through comments with `FALLTHROUGH()`.
- fix fallthrough markups: Delete redundant ones (showing up as
warnings in most cases). Add missing ones. Fix indentation.
- silence `-Wformat-nonliteral` warnings with llvm/clang.
- fix one `-Wformat-nonliteral` warning.
- fix new `-Wformat` and `-Wformat-security` warnings.
- fix `CURL_FORMAT_SOCKET_T` value for mingw-w64. Also move its
definition to `lib/curl_setup.h` allowing use in `tests/server`.
- lib: fix two wrongly passed string arguments in log outputs.
Co-authored-by: Jay Satiro
- fix new `-Wformat` warnings on mingw-w64.
[1] 56c0fde389/docs/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C%2B%2B.mdCloses#12489
