Fix use of nghttpx fixture to be present even when h3 is not
available in curl. Fix TLS protocol versions expectations for
older openssl versions.
Closes#17538
impacket could not be used as it neeeds package six
- openbsd does not find python3, add package six
- http2-server.pl: only warn about unknown parameter if not empty string
Closes#17532
The ssh libraries do not reveal if they still have data buffered from
the peer. Only when their buffers are read empty can curl be sure that
it is safe to rely on socket polling.
This change adds detection of EGAIN on receive in the transfer loop and
allows SFTP/SCP transfers to avoid a busy loop in such a case (which
should happen often when CPU exceeds network bandwidth).
Closes#17533
Test1117 seems to verify that a response, incoming slowly, is read
completely before sending another request on the same connection.
The previsou write delay of 1000ms made the test last 23+ seconds.
A delay of 100ms seems to achieve the same test on modern machines, but
the overall run time is less than 3 seconds.
Closes#17530
Options marked ARG_NO should have their 'toggle' value reverted when the
short option is used as it implies using the --no- prefix.
-N happens be the only short option flag for a --no- long option.
Reported-by: Stefan Eissing
Closes#17527
To set `-D_GNU_SOURCE`.
Required to declare `accept4` on uclibc targets. `host_os` can have
the value `uclinux-uclibcgnueabi` in this case.
Fixing:
```
cf-socket.c: In function 'cf_tcp_accept_connect':
cf-socket.c:2141:18: error: implicit declaration of function 'accept4'; did you mean 'accept'? [-Werror=implicit-function-declaration]
2141 | s_accepted = accept4(ctx->sock, (struct sockaddr *) &add, &size,
```
Follow-up to 3d02872be7#16979
Reported-by: Kadambini Nema
Fixes#17512Closes#17524
In the documentation for the --continue-at and --range options.
A future version could implement support for the new standard HTTP resumed
uploads mechanism.
Ref: #17510Closes#17521
Improve the JSON result format to be more descriptive and
easier to parse.
Add --print option to scorecard.py that prints a saved JSON file
Add date field to score card.
Closes#17465
CURLOPT_NOPROGRESS is being set twice, if a file is uploaded from '.'.
Fix order of options so that '.' can override the global setting. Without
this, the `tool_readbusy_cb()` is never inoked and cannot unpause a
transfer waiting for more input.
Fixes#17513
Reported-by: denandz on github
Closes#17517
It was previously just ignored, now it triggers an error. It was never
documented (nor intended) to work.
Fixes#17508
Reported-by: Dan Fandrich
Closes#17511
This started out as regression tests for the `curl_ws_recv()` and
`curl_ws_send()` implementation and ended up with a bugfix, additional
protocol validation and minor logging improvements.
- Fix reset of fragmented message decoder state when a PING/PONG is
received in between message fragments.
- Fix undefined behavior (applying zero offset to null pointer) in
curl_ws_send() when the given buffer is NULL.
- Detect invalid overlong PING/PONG/CLOSE frames.
- Detect invalid fragmented PING/PONG/CLOSE frames.
- Detect invalid sequences of fragmented frames.
- a) A continuation frame (0x80...) is received without any ongoing
fragmented message.
- b) A new fragmented message is started (0x81/0x01/0x82/0x02...)
before the ongoing fragmented message has terminated.
- Made logs for invalid opcodes easier to understand.
- Moved noisy logs to the `CURL_TRC_WS` log level.
- Unified the prefixes for WebSocket log messages: `[WS] ...`
- Add env var `CURL_WS_FORCE_ZERO_MASK` in debug builds.
- If set, it forces the bit mask applied to outgoing payloads to
0x00000000, which effectively means the payload is not masked at
all. This drastically simplifies defining the expected `<protocol>`
data in test cases.
- 2700: Frame types
- 2701: Invalid opcode 0x3
- 2702: Invalid opcode 0xB
- 2703: Invalid reserved bit RSV1 _(replaces 2310)_
- 2704: Invalid reserved bit RSV2
- 2705: Invalid reserved bit RSV3
- 2706: Invalid masked server message
- 2707: Peculiar frame sizes _(part. replaces 2311)_
- 2708: Automatic PONG
- 2709: No automatic PONG _(replaces 2312)_
- 2710: Unsolicited PONG
- 2711: Empty PING/PONG/CLOSE
- 2712: Max sized PING/PONG/CLOSE
- 2713: Invalid oversized PING _(replaces 2307)_
- 2714: Invalid oversized PONG
- 2715: Invalid oversized CLOSE
- 2716: Invalid fragmented PING
- 2717: Invalid fragmented PONG
- 2718: Invalid fragmented CLOSE
- 2719: Fragmented messages _(part. replaces 2311)_
- 2720: Fragmented messages with empty fragments
- 2721: Fragmented messages with interleaved pong
- 2722: Invalid fragmented message without initial frame
- 2723: Invalid fragmented message without final frame
- 2305: curl_ws_recv() loop reading three larger frames
- This test involuntarily sent an invalid sequence of opcodes (0x01...,0x01...,0x81...) , but neither libcurl nor the test caught this! The correct sequence was tested in 2311 (0x01...,0x00...,0x80...). See below for 2311.
- Validation of the opcode sequence was added to libcurl and is now tested in 2723.
- Superseded by 2719 (fragmented message) and 2707 (large frames).
- 2307: overlong PING payload
- The tested PING payload length check was actually missing, but the test didn't catch this since it involuntarily sent an invalid opcode (0x19... instead of 0x89...) so that the expected error occurred, but for the wrong reason.
- Superseded by 2713.
- 2310: unknown reserved bit set in frame header
- Superseded by 2703 and extended by 2704 and 2705.
- 2311: curl_ws_recv() read fragmented message
- Superseded by 2719 (fragmented message) and 2707 (large frames).
- 2312: WebSockets no auto ping
- Superseded by 2709.
- No tests for `CURLOPT_WRITEFUNCTION`.
- No tests for sending of invalid frames/fragments.
Closes#17136
Fix all lookups of the port a server is using by
- unlinking the portfile before the start
- waiting `timeout` seconds for the port file to exist
and contain a positive number
- check results and fail server start when port could
not be determined
Closes#17516
The test had `Closing connection 0` in its expectations, but a stripfile
expression that removes such lines. No recent changes, but started failing
this morning.
Too little coffee for me? Or what triggered this?
Closes#17515
- test1510: it was marked flaky, then disabled. Keep the flaky flag
and allow it to run again.
Ref: ef02da3156
Ref: 0110cced2a
- GHA/linux: extend information about the heimdal valgrind failures.
- GHA/macos: unignore 2037 2041 in torture tests. They no longer
appear flaky.
Follow-up to 4b791dca37#14667Closes#17462
Instead of curl.haxx.se
Also widen the .gitignore for libtest, since it missed libtest751,
so ignore three digit tests that start with 5-9 instead of just 5-6.
Closes#17502
It did not parse them correctly. Problem never shows before we don't run
torture tests with these functions - yet.
Seen when enabling torture tests with the threaded resolver.
Closes#17503
If there were two tests using the "https-mtls" server there was a perl
unbound variable error, since certfile wan't set. Additionally, once the
responsiveserver function was actually called, it failed finding a
responsiveness function. For now I made it use the `verifypid` function,
since the curl execution in `verifyhttp` doesn't know about client
certificates.
Closes#17493
When ftp_done() is called to terminate the transfer, it needs to tear
down any open SECONDARY filter chain. The condition on when to do that
was relying on there to be a valid socket. This is not sufficient as the
socket is only set *after* happy eyeballing has decided on one.
Instead of checking for a valid conn->sock, check if any connection
filter is installed.
Fixes#17482
Reported-by: Rasmus Melchior Jacobsen
Closes#17491
When running under load, a started server may not produce a valid portfile
before the runner starts reading it. If the read is not successful, wait
for 100ms and try again, timing out after 15 seconds.
Fixes#17492Closes#17495
With a dash, using two Ls. Also for different forms of the word.
Use NULL in all uppercase if it means a zero pointer.
Follow-up to 307b7543eaCloses#17489
Early data was reported as being sent, but was not. While everything was
aligned with the Gods and early data was reported as accepted, the
actual sending required another call to wolfSSL.
Fixes#17481
Reported-by: Ethan Everett
Closes#17488
Because by checking for NULL when the argument can never be NULL, they
mislead the static analyzers into thinking it *can* be NULL and then the
analyzers tend to warn about other places in the code *without* the
check!
Closes#17483
After Gmail called out the typo I fixed on
532d89a866, I've decided to paste the
whole man page into Google docs and check what other issues it would
spot.
I know, it sounds silly, but I've just spent the last hour and a half
going over each one of them and fixing everything which was a true
finding and non-controversial.
Closes#17480
