CURLOPT_NOPROGRESS is being set twice, if a file is uploaded from '.'.
Fix order of options so that '.' can override the global setting. Without
this, the `tool_readbusy_cb()` is never inoked and cannot unpause a
transfer waiting for more input.
Fixes#17513
Reported-by: denandz on github
Closes#17517
It was previously just ignored, now it triggers an error. It was never
documented (nor intended) to work.
Fixes#17508
Reported-by: Dan Fandrich
Closes#17511
This started out as regression tests for the `curl_ws_recv()` and
`curl_ws_send()` implementation and ended up with a bugfix, additional
protocol validation and minor logging improvements.
- Fix reset of fragmented message decoder state when a PING/PONG is
received in between message fragments.
- Fix undefined behavior (applying zero offset to null pointer) in
curl_ws_send() when the given buffer is NULL.
- Detect invalid overlong PING/PONG/CLOSE frames.
- Detect invalid fragmented PING/PONG/CLOSE frames.
- Detect invalid sequences of fragmented frames.
- a) A continuation frame (0x80...) is received without any ongoing
fragmented message.
- b) A new fragmented message is started (0x81/0x01/0x82/0x02...)
before the ongoing fragmented message has terminated.
- Made logs for invalid opcodes easier to understand.
- Moved noisy logs to the `CURL_TRC_WS` log level.
- Unified the prefixes for WebSocket log messages: `[WS] ...`
- Add env var `CURL_WS_FORCE_ZERO_MASK` in debug builds.
- If set, it forces the bit mask applied to outgoing payloads to
0x00000000, which effectively means the payload is not masked at
all. This drastically simplifies defining the expected `<protocol>`
data in test cases.
- 2700: Frame types
- 2701: Invalid opcode 0x3
- 2702: Invalid opcode 0xB
- 2703: Invalid reserved bit RSV1 _(replaces 2310)_
- 2704: Invalid reserved bit RSV2
- 2705: Invalid reserved bit RSV3
- 2706: Invalid masked server message
- 2707: Peculiar frame sizes _(part. replaces 2311)_
- 2708: Automatic PONG
- 2709: No automatic PONG _(replaces 2312)_
- 2710: Unsolicited PONG
- 2711: Empty PING/PONG/CLOSE
- 2712: Max sized PING/PONG/CLOSE
- 2713: Invalid oversized PING _(replaces 2307)_
- 2714: Invalid oversized PONG
- 2715: Invalid oversized CLOSE
- 2716: Invalid fragmented PING
- 2717: Invalid fragmented PONG
- 2718: Invalid fragmented CLOSE
- 2719: Fragmented messages _(part. replaces 2311)_
- 2720: Fragmented messages with empty fragments
- 2721: Fragmented messages with interleaved pong
- 2722: Invalid fragmented message without initial frame
- 2723: Invalid fragmented message without final frame
- 2305: curl_ws_recv() loop reading three larger frames
- This test involuntarily sent an invalid sequence of opcodes (0x01...,0x01...,0x81...) , but neither libcurl nor the test caught this! The correct sequence was tested in 2311 (0x01...,0x00...,0x80...). See below for 2311.
- Validation of the opcode sequence was added to libcurl and is now tested in 2723.
- Superseded by 2719 (fragmented message) and 2707 (large frames).
- 2307: overlong PING payload
- The tested PING payload length check was actually missing, but the test didn't catch this since it involuntarily sent an invalid opcode (0x19... instead of 0x89...) so that the expected error occurred, but for the wrong reason.
- Superseded by 2713.
- 2310: unknown reserved bit set in frame header
- Superseded by 2703 and extended by 2704 and 2705.
- 2311: curl_ws_recv() read fragmented message
- Superseded by 2719 (fragmented message) and 2707 (large frames).
- 2312: WebSockets no auto ping
- Superseded by 2709.
- No tests for `CURLOPT_WRITEFUNCTION`.
- No tests for sending of invalid frames/fragments.
Closes#17136
Fix all lookups of the port a server is using by
- unlinking the portfile before the start
- waiting `timeout` seconds for the port file to exist
and contain a positive number
- check results and fail server start when port could
not be determined
Closes#17516
The test had `Closing connection 0` in its expectations, but a stripfile
expression that removes such lines. No recent changes, but started failing
this morning.
Too little coffee for me? Or what triggered this?
Closes#17515
- test1510: it was marked flaky, then disabled. Keep the flaky flag
and allow it to run again.
Ref: ef02da3156
Ref: 0110cced2a
- GHA/linux: extend information about the heimdal valgrind failures.
- GHA/macos: unignore 2037 2041 in torture tests. They no longer
appear flaky.
Follow-up to 4b791dca37#14667Closes#17462
Instead of curl.haxx.se
Also widen the .gitignore for libtest, since it missed libtest751,
so ignore three digit tests that start with 5-9 instead of just 5-6.
Closes#17502
It did not parse them correctly. Problem never shows before we don't run
torture tests with these functions - yet.
Seen when enabling torture tests with the threaded resolver.
Closes#17503
If there were two tests using the "https-mtls" server there was a perl
unbound variable error, since certfile wan't set. Additionally, once the
responsiveserver function was actually called, it failed finding a
responsiveness function. For now I made it use the `verifypid` function,
since the curl execution in `verifyhttp` doesn't know about client
certificates.
Closes#17493
When ftp_done() is called to terminate the transfer, it needs to tear
down any open SECONDARY filter chain. The condition on when to do that
was relying on there to be a valid socket. This is not sufficient as the
socket is only set *after* happy eyeballing has decided on one.
Instead of checking for a valid conn->sock, check if any connection
filter is installed.
Fixes#17482
Reported-by: Rasmus Melchior Jacobsen
Closes#17491
When running under load, a started server may not produce a valid portfile
before the runner starts reading it. If the read is not successful, wait
for 100ms and try again, timing out after 15 seconds.
Fixes#17492Closes#17495
With a dash, using two Ls. Also for different forms of the word.
Use NULL in all uppercase if it means a zero pointer.
Follow-up to 307b7543eaCloses#17489
Early data was reported as being sent, but was not. While everything was
aligned with the Gods and early data was reported as accepted, the
actual sending required another call to wolfSSL.
Fixes#17481
Reported-by: Ethan Everett
Closes#17488
Because by checking for NULL when the argument can never be NULL, they
mislead the static analyzers into thinking it *can* be NULL and then the
analyzers tend to warn about other places in the code *without* the
check!
Closes#17483
After Gmail called out the typo I fixed on
532d89a866, I've decided to paste the
whole man page into Google docs and check what other issues it would
spot.
I know, it sounds silly, but I've just spent the last hour and a half
going over each one of them and fixing everything which was a true
finding and non-controversial.
Closes#17480
It broke cmake builds with OpenSSL 3.5.0 and ngtcp2 1.12.0 or newer,
when detected via `pkg-config`.
For brotli, mbedtls, LDAP, ngtcp2 builds, it caused their version
numbers missing from the configure log when detected via `pkg-config`.
Regression from 01e45f81bd#16980
Regression from 3b501976a9#16479
Bug: https://github.com/curl/curl/pull/16980#issuecomment-2916811388
Reported-by: x-xiang on github
Closes#17476
In an attempt to make them easier to find.
The man pages runtests.md and testcurl.md are in /docs
The rest of the test documentation is in /docs/tests
Closes#17463
When inspecting a possible follow HTTP request, the result of a rewind
of the upload data was ignored as it was not clear at that point in time
if the request would become a GET.
This initiated the followup, rewound again, which failed again and
terminated the follow up.
This was confusing to users as it was not clear of the follow up was
done or not.
Fix: fail the early rewind when the request is not converted to GET.
Fixes#17472Closes#17474
Reported-by: Jeroen Ooms
Due to someone being stupid, the resizing of the multi's transfer
table was actually shrinking it. Oh my.
Add test751 to reproduce, add code assertion.
Fixes#17473
Reported-by: Jeroen Ooms
Closes#17475
- add dedicated option functions for bools/none/strings
- simplify clearing (some) arguments, use '*' instead of ' '
- scripts/top-complexity: remove getparameter from whitelist
- handle --help separately
- getstr and getstrn do not allow a NULL input
- improve the ;auto check, it needs to be trailing
- add toggle bit helper function
- unify an error message for bad --no- use
- introduce generic handling of deprecated options: ARG_DEPR
- handle --no- prefix on more booleans:
--cert-status
--doh-cert-status
--false-start
--mptcp
--ssl-no-revoke
--ssl-revoke-best-effort
--tcp-fastopen
Closes#17448
This release fixes a small issue with the retry strategy:
* Increase number of retries to 5 (32 sec total time), fixing the
problem with misleading output. Previously, it was showing a higher
number of retries than what would be done and it always did only 3.
Closes#17461
7bf576064c moved local_ip6 from the parameter list to the actual
implementation of Curl_async_ares_set_dns_local_ip6. The no-op code for
!( defined(HAVE_CARES_SET_LOCAL) && defined(USE_IPV6) ) still had an
reference which is removed by this change.
Closes#17450
When TYPE was skipped for an immediate STORE command and the server
replied fast and the EPRT data connection was not ready, the transfer
was not initated, leading to no upload.
Fixes#17394Closes#17428
Reported-by: JoelAtWisetech on github
