When enabled in the build.
Update test2100: verify with HTTPS RR included
Adjust runtests and server/disabled.c to include "HTTPSRR" as a feature
in the test suite.
Also, decode the ALPN list in HTTPS records straight into IDs. There's
no point in storing everything in string format. Skip ALPNs we do not
support.
Closes#16007
This typically happens if CURL_CONNECT_ONLY is used and a second
curl_easy_perform() is attempted.
A connection "taken over" with CURL_CONNECT_ONLY cannot be ended any
other way than a curl_easy_cleanup() on the easy handle that holds it.
Add test 696 to verify.
Closes#16003
- Change setopt and pretransfer to always reset URL related variables
for a CURLU handle set CURLOPT_CURLU.
This change is to ensure we are in compliance with the doc which says
CURLU handles must be able to override a URL set via CURLOPT_URL and
that if the contents of the CURLU handle changes between transfers then
the updated contents must be used.
Prior to this change, although subsequent transfers appear to be
performed correctly in those cases, the work URL `data->state.url` was
not updated. CURLINFO_EFFECTIVE_URL returns data->state.url to the user
so it would return the URL from the initial transfer which was the wrong
URL. It's likely there are other cases as well.
Ref: https://curl.se/libcurl/c/CURLOPT_CURLU.html
Reported-by: Nicolás San Martín
Fixes https://github.com/curl/curl/issues/15984
Closes https://github.com/curl/curl/pull/15985
In the double output function when an extremely large width and
precision is set that reaches the libcurl maximum (325), the handling of
the precision part would do wrong which could lead to bad output.
Also: work-around for single-byte buffer snprintf overflow with mingw.
Extend test 557 to verify.
Coverity CID 1638751.
Closes#15988
Coverity CID 1638753 correctly identies this code misbehaved if the
passed in suboption is exactly one byte long by substracting two from
the unsigned size_t variable.
Closes#15987
The TLS session cache is now held by the multi handle unless it is
shared, so that all easy handles within a multi handle get the benefit
of sharing the same, larger, cache.
The multi handle session cache size is set to 25, unless it is the
internal one used for the easy interface - which still uses only 3.
Closes#15982
- cmake, config-*: drop unused `PACKAGE*`, `VERSION` variables.
- config-win32: indentation
- config-win32ce: drop mingw-specific code.
This header is not used with MinGW.
- config-win32ce: `_WIN64` is never true for Windows CE, drop.
Closes#15978
Delete the workaround added via a94a68a3c1
(2013-02-04). The commit message has no details. The comment mentions
"Dialog Hell", and seems to fix CMake missing to regenerate `CURL.sln`
with VS2010. It also added a FIXME saying the workaround can be deleted
with future versions of CMake.
At the time CMake's latest version was v2.8.10.
curl now requires v3.7 (2018) minimum, and v3.24 (2022) was the
latest CMake natively supporting VS2010. Assume this has since been
fixed.
Also: format an MSVC version reference in comment.
Closes#15973
Large file support requires `_fseeki64()`. This function is offered in
VS2005 and upper.
VS2003 has it in the static CRT only, with declaration missing from
headers, so it's not usable.
Ref: https://archive.org/details/X10-38445 (MS Visual Studio .NET 2003)
Ref: 8b76a8aeb2#15526Closes#15958
Build failed when both `ADDRESS_FAMILY` and `sockaddr_un` stuct were
missing from the Windows SDK, with UnixSockets enabled.
Seen with GNU 4.4.0 in CeGCC 0.59.1:
```
lib/curl_setup.h:983: error: expected specifier-qualifier-list before 'ADDRESS_FAMILY'
lib/curl_setup.h:985: warning: struct has no members
```
Also reported with VS2003:
https://datagirl.xyz/posts/wolfssl_curl_w2k.htmlCloses#15969
In effect it meant `_WIN32 && !USE_WIN32_LARGE_FILES`.
Replace it with these macros.
Also:
- configure: delete tautological check for small file support.
- configure: delete stray `_MSC_VER` reference. autotools does not
support MSVC.
- drop tautological checks for WinCE in `config-win32*.h` when setting
`USE_WIN32_LARGE_FILES`.
- merge related PP logic.
- prefer `#ifdef`, fix whitespace.
Suggested-by: Marcel Raad
Report: https://github.com/curl/curl/pull/15952#issuecomment-2580092328Closes#15968
- drop unused `LIBIDN_REQUIRED_VERSION` macro.
Unused since 9c91ec7781
- drop compatibility error for `CURL_WANTS_CA_BUNDLE_ENV`.
This macro was once set by `Makefile.mk` and Watcom makefiles.
They are no longer supported, making the compatibility message moot.
Follow-up to 7d7346519d#1542 (2017)
Follow-up to c2aeb1b3ba#1538 (2017)
- document last MSVC supporting the `!_MT` condition
Ref: https://stackoverflow.com/questions/2278919/are-the-time-functions-of-msvc-thread-safe
- flatten an `#if` tree, prefer `#ifdef`.
- fix/adjust indentation, whitespace.
Closes#15967
Dedupe and migrate MSVC-specific warning suppressions to `curl_setup.h`.
Make cmake set `_CRT_SECURE_NO_DEPRECATE` for examples and standalone
tests, and stop setting `_CRT_NONSTDC_NO_DEPRECATE` for them.
Details:
- drop version guards. On ancient MSVC version these macro are a no-op.
- move to `curl_setup.h` from `config-win32*.h`.
- sync macro values with CMake.
- cmake: stop setting them globally in favour of `curl_setup.h`.
- cmake: re-add these macros to `docs/examples` and `tests/http/clients`,
which do not use `curl_setup.h`.
- cmake: drop `_CRT_NONSTDC_NO_DEPRECATE` for examples and tests.
They build fine without.
- update comments.
Closes#15960
curl requires C compilers supporting 64-bit `curl_off_t` type since
835682661c#10597 (v8.0.0).
Assume the MSVC compiler offers the necessary support.
It makes curl require Visual Studio .NET 2003, v7.1 (`_MSC_VER = 1310`).
With the possibility that 1300 (Visual Studio .NET, v7.0, 2002), or 1200
(Visual C++, 32-bit, v6.0, 1998) may also work.
Follow-up to ca18198dd4#15952Closes#15955
The pending cookie RFC update (currently known as 6265bis draft-19) says
Let cookie-age-limit be the maximum age of the cookie (which name of
Max-Age and an attribute-value of expiry-time. SHOULD be 400 days or
less.
This change makes received cookies over the wire get capped to 400 days.
It does not cap the expiry date of cookies loaded from file.
It does this by rounding the expire time to a even minute. This, to
allow the test suite to do the same and have a chance to get the same
number for stable testing without requiring a debug build.
The test script generates TWO numbers in the output file for each
%days[] used in the input test file, and the function that subsequently
compares and verifies output is fine with *either* of the two numbers.
This is done so that if the test case is generated the second
immediately before curl runs, that updated expiry number is also deemed
okay. It still checks for an exact match of either number.
Closes#15937
When using early data with GnuTLS, the the timer `appconnect`
had the value from the "pretended" connect, not when the actual
TLS handshake was done.
Closes#15954
It's Visual C++, 32-bit, version 2.0, released in 1993. Used to verify
if `_INTEGRAL_MAX_BITS` is available.
After this patch we assume `_INTEGRAL_MAX_BITS` is always available in
MSVC.
Closes#15952
- drop version guard for `__inline`.
Supported since `_MSC_VER` 1000.
Visual C++, 32-bit, version 4.0 (1996)
- drop version guard for `__declspec(noreturn)` and `__forceinline`.
Supported since `_MSC_VER` 1200.
Visual C++, 32-bit, version 6.0 (1998)
For ancient versions, it's possible to override the default behaviour
by setting these macros via `CPPFLAGS`: `CURL_NORETURN`, `CURL_INLINE`,
`CURL_FORCEINLINE`
Closes#15946
We decided last year not to pursue avoiding this warning, because it
adds noise and friction, while in most cases not revealing actual code
issues. We fixed the interesting portion of them throughout mid-2024.
Conclude this effort by deleting related FIXMEs and temporary comments.
Follow-up to 3829759bd0#12489Closes#15939
This discussion:
https://github.com/openssl/openssl/discussions/23339#discussion-6094341
Specifically item number 2 (Send Blocking) was raised by the curl team,
noting that SSL_want_write returning false was not a good indicator of
when a stream is writeable. The suggestion in that discussion was to use
SSL_poll with an SSL_POLL_EVENT_W flag instead, as that is a proper
indication of when an SSL_object will allow writing without blocking.
While ssl_want_write updates its state based on the last error
encountered (implying a need to retry an operation to update the
last_error state again), SSL_poll checks stream buffer status during the
call, giving it more up to date information on request. This is the
method used by our guide demos (quic-hq-interop specifically), and it
works well.
This change has been run through the curl test suite, and shown to pass
all tests. However, given the initial problem description I'm not sure
if there is a test case that explicitly checks for blocking and
unblocking of streams. As such some additional testing may be warranted.
Closes#15909
The TE request header field is invalid in HTTP/2. Since clients may not
know in advance if a connection negotiates HTTP/2, automatically strip
such a header when h2 is in play.
Add test_01_10 to verify.
Reported-by: Jiri Stary
Fixes#15941Closes#15943
Adds the experimental feature `ssls-export` to libcurl and curl for
importing and exporting SSL sessions from/to a file.
* add functions to libcurl API
* add command line option `--ssl-sessions <filename>` to curl
* add documenation
* add support in configure
* add support in cmake
+ add pytest case
Closes#15924
- bump cookie counter and "creation time" to use 'unsigned int'
- use BIT() for single-bit struct field
- make invalid_octets() return bool properly
Closes#15921
MSVC 1900 and older is missing a `const` specifier in the `inet_ntop()`
declaration for the second argument. A workaround was in place for it
in cmake, but it didn't cover all necessary versions.
Replace the workaround with a different one, move it to `lib/inet_ntop.c`
and extend to all necessary MSVC versions.
Also add CI jobs for the older MSVC versions: 2013, 2015, 2017.
Closes#15923
Count connections to a host against a possibly configured destination
limit. Trigger multi `connchange` when a connection has been shutdown,
so pending transfers can try to get a connection once again.
Reported-by: baranyaib90 on github
Fixes#15857Closes#15879
Subparts may have been previously used as a top-level mime structure and
thus not rewound.
New test 695 checks the proper functioning in these particular conditions.
Reported-by: Qriist on github
Fixes#15842Closes#15911
This just adds a precaution and shows a clear intention in the code.
Added because CodeSonar is reporting a false positive Use After Free on
this function.
Closes#15889
curl_multi_waitfds(m, NULL, ...);
=> Curl_waitfds_init(&cwfds, ufds, size);
=> Curl_waitfds_add_ps(&cwfds);
=> cwfds_add_sock(cwfds, ...);
Would then try to use the ->wfds array while set to NULL previously.
This should not happen, which this is now also protected with an assert
to trigger debug builds if it happens.
Caught by CodeSonar
Assisted-by: Jay Satiro
Closes#15881
In OpenSSL < 3.0, the modularity was provided by mechanism called
"engines". This is supported in curl, but the engines got deprecated
with OpenSSL 3.0 in favor of more versatile providers.
This adds a support for OpenSSL Providers, to use PKCS#11 keys, namely
through the pkcs11 provider. This is done using similar approach as the
engines and this is automatically built in when the OpenSSL 3 and newer
is used.
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Closes#15587
