After this patch LDAPS is disabled by default when LDAP is manually
disabled.
This makes it unnecessary to disable them in sync manually just to avoid
a `CMakeLists.txt` warning.
Syncs behavior with `./configure`.
Closes#14758
It could previously be set with configure/cmake and used in rare cases
for reading randomness: with ancient mbedTLS or rustls without
arc4random.
We now get randomness in this order:
1. The TLS library's way to provide random
2. On Windows: Curl_win32_random
3. if arc4random exists, use that
4. weak non-crytographically strong pseudo-random
Closes#14749
Normally, when a connection's filters have all connected, the
multiplex status is determined. However, HTTP/2 Upgrade:
requests will only do this when the first server response
has been received.
The current connection reuse mechanism does not accomodate
that and when the time between connect and response is large
enough, connection reuse may not happen as desired.
See test case 2405 failures, such as in
https://github.com/curl/curl/actions/runs/10629497461/job/29467166451
Add 'conn->bits.asks_multiplex' as indicator that a connection is
still being evaluated for mulitplexing, so that new transfers
may wait on this to be cleared.
Closes#14739
The symbols have not been in use for 17+ years and they did not do
anything for several years before that, but apparently there are still
code using them.
Follow-up to 3b057d4b7aFixes#14747
Reported-by: Kai Pastor
Closes#14748
Existing C macro lacked build-level counterparts.
Add them in this patch.
- cmake: `-DCURL_DISABLE_SHA512_256=ON`
- autotools: `--disable-sha512-256`
Also drop the checker exception from `test1165.pl`.
Follow-up to cbe41d151d#12897Closes#14753
Also fix issues:
- cmake: fix `CURL_DISABLE_HTTP_AUTH` option
- cmake: fix `CURL_DISABLE_SHUFFLE_DNS` option
Fixes:
```
Present in CMakeLists.txt, not propagated via curl_config.h.cmake: CURL_DISABLE_HTTP_AUTH
Present in CMakeLists.txt, not propagated via curl_config.h.cmake: CURL_DISABLE_SHUFFLE_DNS
```
Ref: https://github.com/curl/curl/actions/runs/10655027540/job/29532054141?pr=14754#step:11:2090Closes#14754
Bring the option name style in sync with cmake and with other configure
options aiming to enable something unrelated to an optional package.
(I initially named this new option `--with-windows-unicode` within this
release cycle.)
Follow-up to 9e4a2187e7#14478Closes#14746
For recently added/updated options:
windows-unicode, winidn, apple-idn
It looks like the second `AS_HELP_STRING()` must start in the first
column, otherwise its indentation will appear in the `--help` output,
and break unalignment with the rest.
(There must be a better way to tackle this.)
- disable RTSP, ALTSVC, HSTS when HTTP is disabled.
(`./configure` warning deemed unnecessary and not replicated with
cmake.)
- disable HSTS when there is no TLS backend.
Tested via #14744Closes#14745
`./configure` allows `--random-file=no`. Allow this with CMake too,
using `-DRANDOM_FILE=OFF` (other boolean values work too: no, false, 0,
case insensitive.)
Also disable `RANDOM_FILE` detection for Windows.
Closes#14743
For cross-builds rely on `_POSIX_C_SOURCE` to decide if `poll()` is
supported, rather than just assuming it isn't.
This may still miss to detect `poll()` support, as seen for example with
Linux MUSL cross-builds.
Also:
- GHA/curl-for-win: enable RISC-V 64 cross-target for Linux MUSL.
(to test this case with cmake, with a false-negative.)
The first RISC-V 64 build in curl's CI.
- GHA/curl-for-win: add arm64/intel64 job for Linux glibc.
(to test this case with cmake, and succeed.)
- cmake: delete unnecessary `#include <sys/time.h>` from non-cross-build
`poll()` detection snippet.
Follow-up tp cc8b813765#14718Fixes#14714Closes#14734
Some POP3 commands are multi-line, e.g. have responses terminated by a
last line with '.', but some are not. Define the known command
properties and fix response handling.
Add test case for STAT.
Fixes#14677
Reported-by: ralfjunker on github
Closes#14707
Before this patch the targe OS was used, which prevented building
libcurl manpages in larger batches in cross-builds targeting e.g.
Windows.
Update the condition to use `CMAKE_HOST_UNIX` instead of `UNIX`.
This variable has been available since CMake 2.6.0:
176fe63d15
Follow-up to bb84f82476#13207Closes#14733
When a markdown quoted section using 4-space indentation was converted
to nroff, managen previously caused a newline to appear after the
leading .nf. This fix makes sure that newline is inserted *before* .nf
as intended.
This is perhaps most notable in the HTML version of rendered manpages if
the quoted sections use different colors or similar.
Closes#14732
All sections defined with the mode="text" attribute now get line endings
normalized so that comparisons become line ending agnostic. Removes the
previous problem of figuring out how exactly different Windows
environments should be treated in this regard.
Closes#14717
Previously this functionality was limited to platforms that not already
use CRLF as native line endings.
TODO: 4.5 ASCII support now considered fixed
Closes#14717
Extended the test format and runtest.pl so that the verify/upload part
can be marked using crlf newlines even when the client/file does not
have it.
Closes#14717
Drop Apple-specific detection logic for `poll()`. This detection snippet
has been disabled for Apple in both configure and cmake, for `poll()`
being broken on Apple since 10.12 Sierra (2016).
Also replace `exit(1);` with `return 1;` in configure, to make the
snippets match.
Added in 9297ca49f5#1057 (2016-10-11).
Disabled for:
configure/darwin in a34c7ce754 (2016-10-18)
cmake/macOS in 825911be58#7619
cmake/iOS in d14831233d#8244
cmake/all Apple in a86254b393#12515Closes#14718
When a OpenSSL quic connection filter is aborted early, as the
server was not responding, the ssl instances where not closed
as they should.
Fixes#14720
Reported-by: ralfjunker on github
Closes#14724
Turns out `gnutls_record_send()` does really what the name says: it
sends exactly one TLS record. If more than 16k are there to send, it
needs to be called again with new buffer offset and length.
Continue sending record until the input is all sent or a EAGAIN (or
fatal error) is returned by gnutls.
Closes#14722
Since the introduction of client writers, we check the body length in
the PROTOCOL phase and do FTP lineend conversions laster in the
CONTENT_DECODING phase. This means we no longer need to count the
conversions for length checks.
Closes#14709
Update the script for test 1013 and 1014 to require:
- case-sensitive match for the curl feature list.
(Continue to allow case-difference for protocols. They've always been
in uppercase within curl config.)
- matching order for the protocol list.
(Continue to allow any order for features. autotools builds on
platforms without `sort -f` need it. E.g. Old Linux CI)
Also:
- fix casing of the `gsasl` feature in `configure`, to match `curl -V`
and cmake.
- delete obsolete comment.
Closes#14706
Starting today vcpkg wants to rebuild GnuTLS but fails:
```
error: building shiftmedia-libgnutls:x64-windows failed with: BUILD_FAILED
```
Ref: https://github.com/curl/curl/actions/runs/10594890318/job/29359499149#step:5:144
Temporary solution:
- drop it from the MultiSSL job.
- replace with mbedTLS job. This job still tests libssh and I could
not find a better place for it right away.
GnuTLS to be restored once it builds again. Possibly when this hash
reaches the GHA `windows-latest` runner:
f5ec6f30ff
Also:
- switch to Debug for the mbedTLS job. Should also work now with
GnuTLS, once it's back:
Ref: https://github.com/microsoft/vcpkg/pull/40473Closes#14710
Adds test cases to check that plain http: with HTTP/2 works
via 'Upgrade: h2c' or --http2-prior-knowledge'.
Also added tests to check connection reused in these situations.
Closes#14694
Update IP related information at the connection and the transfer in two
places only: once the filter chain connects and when a transfer is added
to a connection. The latter only updates on reuse when the filters
already are connected.
The only user of that information before a full connect is the HAProxy
filter. Add cfilter CF_QUERY_IP_INFO query to let it find the
information from the filters "below".
This solves two issues with the previous version:
- updates where often done twice with the same info
- happy eyeballing filter "forks" could overwrite each others
updates before the full winner was determined.
Closes#14699
When we downloaded all we wanted, and we did not want a response body,
and no Trailer: has been announced, and the receive gives EAGAIN, do not
hang around unnecessarily.
Some servers are buggy in HEAD processing and fail to send the HTTP/2
EOS. Since we do not need any more data, end the request right there.
This will cause us to send a RST_STREAM to the server.
Fixes#14670
Reported-by: Gruber Glass
Closes#14685
This is a better match for what they do and the general "cpool"
var/function prefix works well.
The pool now handles very long hostnames correctly.
The following changes have been made:
* 'struct connectdata', e.g. connections, keep new members
named `destination` and ' destination_len' that fully specifies
interface+port+hostname of where the connection is going to.
This is used in the pool for "bundling" of connections with
the same destination. There is no limit on the length any more.
* Locking: all locks are done inside conncache.c when calling
into the pool and released on return. This eliminates hazards
of the callers keeping track.
* 'struct connectbundle' is now internal to the pool. It is no
longer referenced by a connection.
* 'bundle->multiuse' no longer exists. HTTP/2 and 3 and TLS filters
no longer need to set it. Instead, the multi checks on leaving
MSTATE_CONNECT or MSTATE_CONNECTING if the connection is now
multiplexed and new, e.g. not conn->bits.reuse. In that case
the processing of pending handles is triggered.
* The pool's init is provided with a callback to invoke on all
connections being discarded. This allows the cleanups in
`Curl_disconnect` to run, wherever it is decided to retire
a connection.
* Several pool operations can now be fully done with one call.
Pruning dead connections, upkeep and checks on pool limits
can now directly discard connections and need no longer return
those to the caller for doing that (as we have now the callback
described above).
* Finding a connection for reuse is now done via `Curl_cpool_find()`
and the caller provides callbacks to evaluate the connection
candidates.
* The 'Curl_cpool_check_limits()' now directly uses the max values
that may be set in the transfer's multi. No need to pass them
around. Curl_multi_max_host_connections() and
Curl_multi_max_total_connections() are gone.
* Add method 'Curl_node_llist()' to get the llist a node is in.
Used in cpool to verify connection are indeed in the list (or
not in any list) as they need to.
I left the conncache.[ch] as is for now and also did not touch the
documentation. If we update that outside the feature window, we can
do this in a separate PR.
Multi-thread safety is not achieved by this PR, but since more details
on how pools operate are now "internal" it is a better starting
point to go for this in the future.
Closes#14662
- GHA/macos: set timeout for test runs.
Double the value for autotools to fit torture tests.
- GHA/cygwin: reduce test run timeout for autotools.
- GHA/cygwin: enable building tests with cmake.
- GHA/windows: enable building tests with MSYS cmake.
- GHA/windows: enable building tests with MSVC UWP.
- appveyor: enable building tests with VS2008 x86 and VS2010 x64.
- tests: add workaround compiler warnings when building with VS2010:
```
tests\server\util.c(482): warning C4306: 'type cast' : conversion from 'int' to 'void (__cdecl *)(int)' of greater size
tests\server\util.c(486): warning C4306: 'type cast' : conversion from 'int' to 'void (__cdecl *)(int)' of greater size
tests\server\util.c(490): warning C4306: 'type cast' : conversion from 'int' to 'void (__cdecl *)(int)' of greater size
tests\server\util.c(720): warning C4306: 'type cast' : conversion from 'int' to 'void (__cdecl *)(int)' of greater size
tests\server\util.c(726): warning C4306: 'type cast' : conversion from 'int' to 'void (__cdecl *)(int)' of greater size
tests\server\util.c(732): warning C4306: 'type cast' : conversion from 'int' to 'void (__cdecl *)(int)' of greater size
tests\server\util.c(781): warning C4306: 'type cast' : conversion from 'int' to 'void (__cdecl *)(int)' of greater size
tests\server\util.c(785): warning C4306: 'type cast' : conversion from 'int' to 'void (__cdecl *)(int)' of greater size
tests\server\util.c(789): warning C4306: 'type cast' : conversion from 'int' to 'void (__cdecl *)(int)' of greater size
```
Ref: https://ci.appveyor.com/project/curlorg/curl/builds/50485633/job/4ujlwxod3cexmn2q#L1535
With this, tests are built in all GHA cygwin/windows jobs.
Timeouts avoid long runs with runaway issues, example:
https://github.com/curl/curl/actions/runs/10575522173Closes#14700
1. GHA/windows: enable WinIDN in Linux cross-builds.
(to reveal the issue in CI.)
2. fix compiler warning when building with mingw-w64 supporting
WinIDN, while targeting pre-Vista Windows, with a `WINVER` set to
target Vista or newer. (Such was Ubuntu's mingw-w64 with the
classic-mingw-specific trick in point 3 of this PR.)
```
../../lib/idn.c:154:23: error: redundant redeclaration of ‘IdnToAscii’ [-Werror=redundant-decls]
154 | WINBASEAPI int WINAPI IdnToAscii(DWORD dwFlags,
| ^~~~~~~~~~
In file included from /usr/share/mingw-w64/include/windows.h:73,
from /usr/share/mingw-w64/include/winsock2.h:23,
from ../../lib/setup-win32.h:91,
from ../../lib/curl_setup.h:308,
from ../../lib/idn.c:29:
/usr/share/mingw-w64/include/winnls.h:1075:30: note: previous declaration of ‘IdnToAscii’ was here
1075 | WINNORMALIZEAPI int WINAPI IdnToAscii (DWORD dwFlags, LPCWSTR lpUnicodeCharStr, int cchUnicodeChar, LPWSTR lpASCIICharStr, int cchASCIIChar);
| ^~~~~~~~~~
[...same for IdnToUnicode...]
```
Ref: https://github.com/curl/curl/actions/runs/10542832783/job/29210098553#step:7:89
3. drop `WINVER` override for classic-mingw. curl no longer supports
building with classic-mingw.
Reverts 37f1c21cb9#7581
4. sync `if IdnToUnicode can be linked` detection snippet with the live
code in `lib/idn.c`. It fixes detection for the scenario in point 2.
5. delete unused `WINIDN_DIR` variable.
Bug: https://github.com/curl/curl/pull/12606#issuecomment-1885381038
Previous abandoned attempt: #12684
Reviewed-by: Jay Satiro
Closes#14680
