- circleci: pipe to tar.
- use long options uniformly.
- sync option order.
- set timeout where missing.
- set retry where missing.
- set `--retry-connrefused` where missing.
- set `--disable` where missing.
- lower 999s timeouts to 120s.
Closes#17851
It could previously cause a memory-leak when the cleanup was not
performed because it was not set.
Reported-by: albrechtd on github
Fixes#17819Closes#17837
This was spotted by Debian's lintian tool. It adds an informational
warning at every run, so my OCD was kicking in and I had to fix it :-)
Closes#17787
Replace the old Curl_ssl_get_internals() with a new connection filter
query to retrieve the information. Implement that filter query for TCP
and QUIC TLS filter types.
Add tests in client tls_session_reuse to use the info option and check
that pointers are returned.
Reported-by: Larry Campbell
Fixes#17801Closes#17809
This test makes sure that a number of internal and public structs are
within their maximum allowed size limits.
The public structs can only grow in controlled ways, while the internal
ones may be allowed to grow if deemed right.
The idea here is to control, to know and make sure all important struct
growth is intentional.
Closes#17823
Fixing:
- a raw `free()` in ECH code that's malloced in lib code, causing
an invalid free, also reported by valgrind (in non-unity builds).
And in unity builds adjusted to behave like non-unity via #17827:
Ref: https://github.com/curl/curl/actions/runs/16093372427/job/45421778472?pr=17827#step:39:3321
- a local pair of `malloc()`/`free()` to use curl's memory allocators,
and participate in memory tracking when enabled.
Cherry-picked from #17827Closes#17830
- simplify gathering header directories and compiler definitions
recursively.
- handle the case when the cmake directory object doesn't define header
directories or compiler definitions.
- honor more corners cases:
- `INTERFACE_INCLUDE_DIRECTORIES` of the initial target.
- handle no header directory for initial target.
- de-duplicate header directories and compiler redefinitions to mimic
CMake.
- drop unnecessary `unset()`s.
Note that the order of header directories remains different compared to
how CMake passes them to the compiler when building tests. The order is
already different in the test target `INCLUDE_DIRECTORIES` property,
preventing to reproduce the exact CMake order. The distinction between
`-I` and `-isystem` is also missing from target properties.
Cherry-picked from #17768Closes#17814
- hostip: fix unused variable with `CURL_DISABLE_SHUFFLE_DNS`
```
lib/hostip.c: In function 'Curl_dnscache_mk_entry':
lib/hostip.c:490:42: warning: unused parameter 'data' [-Wunused-parameter]
490 | Curl_dnscache_mk_entry(struct Curl_easy *data,
| ~~~~~~~~~~~~~~~~~~^~~~
```
- setopt: fix unused function with `CURL_DISABLE_HTTP`
```
lib/setopt.c:214:17: warning: 'httpauth' defined but not used [-Wunused-function]
214 | static CURLcode httpauth(struct Curl_easy *data, bool proxy,
| ^~~~~~~~
```
- url: fix unused function with `CURL_DISABLE_NETRC`
```
lib/url.c:2760:13: warning: 'str_has_ctrl' defined but not used [-Wunused-function]
2760 | static bool str_has_ctrl(const char *input)
| ^~~~~~~~~~~~
```
Seen with a minimal curl-for-win build:
```
CW_CONFIG=dev-x64-zero-osnotls-osnoidn-nohttp-nocurltool-linux-unity
```
Closes#17818
Callback and data set via CURLOPT_CLOSESOCKETFUNCTION and
CURLOPT_CLOSESOCKETDATA may get used after the easy handle has been
cleaned up. Inform about that.
Closes#17816
Commit f2ce6c46 among other things added the use of own library context
instead of the default context. Default context has access to OpenSSL
configuration file, own context doesn't have it.
Therefore if a pkcs11 provider is loaded via config file, the function
OSSL_PROVIDER_available() incorrectly detects the provider as
unavailable.
Fix this by loading the OpenSSL config to the library context according
to OpenSSL documentation:
"OSSL_LIB_CTX_load_config() loads a configuration file using the given
ctx. This can be used to associate a library context with providers that
are loaded from a configuration."
Moreover use the provider_loaded flag instead of provider pointer to
determine if a provider is available, as the latter is not set when the
provider is loaded from a configuration.
Closes#17804
Fix `curl_add_clang_tidy_test_target` generating an invalid option for
`clang-tidy` if the tested target has no custom macro definition.
Current build doesn't hit this case, but a pending PR does.
Fixing:
```
[...] -Ilib -Itests/client -DCURL_HIDDEN_SYMBOLS -DHAVE_CONFIG_H -D_definitions_t-NOTFOUND
```
error: ISO C99 requires whitespace after the macro name [clang-diagnostic-c99-extensions,-warnings-as-errors]
Cherry-picked from #17768Closes#17813
To make `ninja units-clang-tidy` target work without manually building
core components first.
Also rename the clang-tidy test target generator macro to align its name
with the built-in `add_custom_target()` function.
Follow-up to c9bb9cd165#17750Closes#17810
When processing `--cflags` received from `krb5-config` for `gssapi`:
- fix to not break on multiple `-I` options. Before this patch only
the first `-I` option was processed as a header directory, subsequent
ones ended up in C flags as a raw directory, without the `-I` arg.
Follow-up to 558814e16d
- fix to not duplicate C flags.
Regression from 146759716c#14430
- drop local variable `_val` by re-using `_flag`.
- tidy up comments.
Ref: https://github.com/curl/curl/issues/17802#issuecomment-3029455984Closes#17805
It became flaky today, possible due to an upstream issue. Drop this CI job
also because VS2008 is going to be deprecated soon.
Example:
```
1>------ Build started: Project: curlu, Configuration: Debug Win32 ------
1>Compiling...
1>Project : error PRJ0003 : Error spawning 'cl.exe'.
1>Build log was saved at "file://c:\projects\curl\_bld\lib\curlu.dir\Debug\BuildLog.htm"
1>curlu - 1 error(s), 0 warning(s)
[...]
8>Linking...
8>LINK : fatal error LNK1104: cannot open file '..\..\lib\Debug\curlu-d.lib'
8>Build log was saved at "file://c:\projects\curl\_bld\tests\unit\units.dir\Debug\BuildLog.htm"
8>Test units - 1 error(s), 0 warning(s)
[...]
========== Build: 7 succeeded, 2 failed, 5 up-to-date, 0 skipped ==========
[...]
Command exited with code 1
```
Other times with no visible error all:
```
========== Build: 9 succeeded, 0 failed, 5 up-to-date, 0 skipped ==========
[...]
Command exited with code 1
```
Ref: https://ci.appveyor.com/project/curlorg/curl/builds/52330703/job/ooqxq0b8ftbsv640#L413
Follow-up to 8c9a9b87c2#17725
Follow-up to 63e513b106#17380Closes#17798
... since the tests check for the feature using this name, we
accidentally had lots tests not run because this provided the
`digest-auth` feature that was not checked for.
Closes#17786
Replace the `libstubgss.so`-based overload solution with one built into
libcurl at compile-time.
The previous, `LD_PRELOAD`-based, solution was non-portable, allowlisted
for Linux, BSD and Solaris. It also required non-debug builds, which
turned out to be an accidental condition:
7d342c723c. It also required a curl tool
built against a shared libcurl. Detecting this condition wasn't always
accurate, e.g. with certain cmake configurations.
The overload solution also didn't work on macOS, though it theoretically
should have:
- #17653
- #2394
Experiments on making the overload solution work in more envs:
- #17759
That revealed that it also did not work on NetBSD, in CI.
The replacement solution is overloading the necessary GSS-API functions
for test 2056 and 2057 at compile time. It requires a debug-enabled curl
build (due to its insecure nature).
This makes these tests run on all platforms. Including most GSS jobs in
CI, that are running tests. (the exception is old-linux, non-debug jobs,
where it felt overkill to enable debug for this.)
The refactored GSS stub code needs to overload less than before because
it's free to use the official GSS API. (This didn't work with
the overload solution on Alpine for example). It can also use libcurl
functions, allowing to replace `snprintf()` with `msnprintf()`.
OS/400 is also overloading GSS API functions. I haven't tested how this
works after this PR. In theory it should, because this PR doesn't rely
on preprocessor overrides.
Note that for future GSS tests, it may be necessary to stub these GSS
API functions: `gss_inquire_context()`, `gss_unwrap()`, `gss_wrap()`.
They are on codepaths not (yet) touched by tests.
Also:
- stub-gss: check for token buffer overrun.
- stub-gss: replace size macros with `sizeof()`.
- GHA: enable debug for some jobs with GSS.
- GHA/linux: ignore results for 2056 and 2057 in the valgrind job.
They leak the same way as seen with 2077 and 2078.
Ref: 7020ba7979#17462
Ref: 146759716c#14430
- GHA/linux: fix to ignore `gss_import_name()` leaks in valgrind builds.
only.
- lib/vauth/krb5_gssapi: reduce variable scope.
- lib/vauth/spnego_gssapi: reduce variable scope.
- tests/libtest: drop code and build logic dealing with `libstubgss`.
- runtests:
- drop `ld_preload` feature.
- drop special handling of `LD_PRELOAD` env in tests.
- drop logic dealing with shared curl tool detection.
- drop `LD_PRELOAD` envs from tests.
Follow-up to 56d949d31a#1687Closes#17752
In order to do unit tests for private functions, functions that are
marked UNITTEST but without a global scope in the library, functions
that do not have prototypes in their corresponding header file, unit
tests previously brought their own private prototype *copy* into the
unit test.
This was error-prone when the internal function changes but the change
might be missed in the unit test which then uses an outdated prototype
copy for testing.
This change removes the private prototypes from unit tests and instead
introduces a C file parser that parses the specific C files and extracts
the necessary unit test prototypes into a generated header file for unit
tests to use. This geneated lib/unitprotos.h header is then included by
unit tests that need private prototypes.
Assisted-by: Viktor Szakats
Closes#17750
