-
-
Notifications
You must be signed in to change notification settings - Fork 407
/
CHANGES
9245 lines (5667 loc) · 243 KB
/
CHANGES
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
_ _ ____ _
___| | | | _ \| |
/ __| | | | |_) | |
| (__| |_| | _ <| |___
\___|\___/|_| \_\_____|
Changelog
Version 8.1.2 (30 May 2023)
Daniel Stenberg (30 May 2023)
- RELEASE-NOTES: synced
8.1.2 release
- THANKS: contributors from 8.1.2
- lib1560: verify more scheme guessing
- on 2nd level domains
- on names without dots
As mentioned in #11161, "imap.com" will be guessed IMAP
Closes #11219
- page-header: minor wording polish in the URL segment
Closes #11217
- page-header: mention curl version and how to figure out current release
Closes #11216
- RELEASE-NOTES: synced
- configure: without pkg-config and no custom path, use -lnghttp2
Reported-by: correctmost on github
Fixes #11186
Closes #11210
Stefan Eissing (28 May 2023)
- curl: cache the --trace-time value for a second
- caches HH:MM:SS computed and reuses it for logging during
the same second.
- common function for plain log line start formatting
Closes #11211
Kev Jackson (28 May 2023)
- libcurl.m4: remove trailing 'dnl' that causes this to break autoconf
Closes #11212
Stefan Eissing (26 May 2023)
- http3: send EOF indicator early as possible
- ngtcp2 and quiche implementations relied on the DONE_SEND event
to forward the EOF for uploads to the libraries. This often
result in a last 0 length EOF data. Tracking the amount of
data left to upload allows EOF indication earlier.
- refs #11205 where CloudFlare DoH servers did not like to
receive the initial upload DATA without EOF and returned
a 400 Bad Request
Reported-by: Sergey Fionov
Fixes #11205
Closes #11207
Daniel Stenberg (26 May 2023)
- scripts/contri*sh: no longer grep -v ' '
Originally these scripts filtered out names that have no space so that
they better avoid nick names not intended for credits. Such names are
not too commonly used, plus we now give credit even to those.
Additionally: non-latin names, like Asian, don't have spaces at all so
they were also filtered out and had to be manually added which made it
an error-prone operation where Asian names eventually easily fell off by
mistake.
Closes #11206
- cf-socket: restore Curl_sock_assign_addr()
Regression since it was not private. Also used by msh3.c
Follow-up to 8e85764b7bd7f05f5
Reported-by: Gisle Vanem
Fixes #11202
Closes #11204
- RELEASE-NOTES: synced
Taken down to 8.1.2 now for pending patch release
- libssh: when keyboard-interactive auth fails, try password
The state machine had a mistake in that it would not carry on to that
next step.
This also adds a verbose output what methods that are available from the
server and renames the macros that change to the next auth methods to
try.
Reported-by: 左潇峰
Fixes #11196
Closes #11197
Emanuele Torre (25 May 2023)
- configure: fix build with arbitrary CC and LD_LIBRARY_PATH
Since ./configure and processes that inherit its environment variables
are the only callers of the run-compiler script, we can just save the
current value of the LD_LIBRARY_PATH and CC variables to another pair of
environment variables, and make run-compiler a static script that
simply restores CC and LD_LIBRARY_PATH to the saved value, and before
running the compiler.
This avoids having to inject the values of the variables in the script,
possibly causing problems if they contains spaces, quotes, and other
special characters.
Also add exports in the script just in case LD_LIBRARY_PATH and CC are
not already in the environment.
follow-up from 471dab2
Closes #11182
Daniel Stenberg (25 May 2023)
- urlapi: remove superfluous host name check
... as it is checked later more proper.
Closes #11195
Stefan Eissing (25 May 2023)
- http2: fix EOF handling on uploads with auth negotiation
- doing a POST with `--digest` does an override on the initial request
with `Content-Length: 0`, but the http2 filter was unaware of that
and expected the originally request body. It did therefore not
send a final DATA frame with EOF flag to the server.
- The fix overrides any initial notion of post size when the `done_send`
event is triggered by the transfer loop, leading to the EOF that
is necessary.
- refs #11194. The fault did not happen in testing, as Apache httpd
never tries to read the request body of the initial request,
sends the 401 reply and closes the stream. The server used in the
reported issue however tried to read the EOF and timed out on the
request.
Reported-by: Aleksander Mazur
Fixes #11194
Cloes #11200
Daniel Stenberg (23 May 2023)
- RELEASE-NOTES: synced
bump to 8.2.0
- lib: remove unused functions, make single-use static
Closes #11174
- scripts/singleuse.pl: add more API calls
Christian Hesse (23 May 2023)
- configure: quote the assignments for run-compiler
Building for multilib failed, as the compiler command contains an
extra argument. That needs quoting.
Regression from b78ca50cb3dda361f9c1
Fixes #11179
Closes #11180
Daniel Stenberg (23 May 2023)
- misc: fix spelling mistakes
Reported-by: musvaage on github
Fixes #11171
Closes #11172
Version 8.1.1 (23 May 2023)
Daniel Stenberg (23 May 2023)
- RELEASE-NOTES: synced
curl 8.1.1
- THANKS: contributors from the 8.1.1 release
Dan Fandrich (22 May 2023)
- docs: fix fuzzing documentation link
Follow-up to 4c712a1b
- CI: add an Alpine build with MUSL
MUSL is another libc implementation which has its own unique issues
worth testing.
Ref: #11140
Closes #11178
- runtests: add a missing \n at the end of a log message
correctmost on github (22 May 2023)
- SECURITY-PROCESS.md: link security advisory doc and fix typo
Closes #11177
Daniel Stenberg (22 May 2023)
- TODO: build curl with Windows Unicode support
Closes #7229
- KNOWN_BUGS: hyper memory-leaks
Closes #10803
Stefan Eissing (22 May 2023)
- http/2: unstick uploads
- refs #11157 and #11175 where uploads get stuck or lead to RST streams
- fixes our h2 send behaviour to continue sending in the nghttp2 session
as long as it wants to. This will empty our send buffer as long as
the remote stream/connection window allows.
- in case the window is exhausted, the data remaining in the send buffer
will wait for a WINDOW_UPDATE from the server. Which is a socket event
that engages our transfer loop again
- the problem in the issue was that we did not exhaust the window, but
left data in the sendbuffer and no further socket events did happen.
The server was just waiting for us to send more.
- relatedly, there was an issue fixed that closing a stream with KEEP_HOLD
set kept the transfer from shutting down - as it should have - leading
to a timeout.
Closes #11176
Daniel Stenberg (21 May 2023)
- workflows/macos: add a job using gcc + debug + secure transport
Jay Satiro (21 May 2023)
- lib: fix conversion warnings with gcc on macOS
Daniel Stenberg (21 May 2023)
- sectransp.c: make the code c89 compatible
Follow-up to dd2bb485521c2ec713001b3a
Reported-by: FeignClaims on github
Fixes #11155
Closes #11159
Emanuele Torre (21 May 2023)
- Revert "urlapi: respect CURLU_ALLOW_SPACE and CURLU_NO_AUTHORITY for redirect
s"
This reverts commit df6c2f7b544f1f35f2a3e0be11f345affeb6fe9c.
(It only keep the test case that checks redirection to an absolute URL
without hostname and CURLU_NO_AUTHORITY).
I originally wanted to make CURLU_ALLOW_SPACE accept spaces in the
hostname only because I thought
curl_url_set(CURLUPART_URL, CURLU_ALLOW_SPACE) was already accepting
them, and they were only not being accepted in the hostname when
curl_url_set(CURLUPART_URL) was used for a redirection.
That is not actually the case, urlapi never accepted hostnames with
spaces, and a hostname with a space in it never makes sense.
I probably misread the output of my original test when I they were
normally accepted when using CURLU_ALLOW_SPACE, and not redirecting.
Some other URL parsers seems to allow space in the host part of the URL,
e.g. both python3's urllib.parse module, and Chromium's javascript URL
object allow spaces (chromium percent escapes the spaces with %20),
(they also both ignore TABs, and other whitespace characters), but those
URLs with spaces in the hostname are useless, neither python3's requests
module nor Chromium's window.location can actually use them.
There is no reason to add support for URLs with spaces in the host,
since it was not a inconsistency bug; let's revert that patch before it
makes it into release. Sorry about that.
I also reverted the extra check for CURLU_NO_AUTHORITY since that does
not seem to be necessary, CURLU_NO_AUTHORITY already worked for
redirects.
Closes #11169
Dan Fandrich (20 May 2023)
- runtests: use the correct fd after select
The code was using the wrong fd when determining which runner was ready
with a response.
Ref: #10818
Closes #11160
- test425: fix the log directory for the upload
This must be %LOGDIR to let it work with parallel tests.
Ref: #10969
- runtests: handle interrupted reads from IPC pipes
These can be interrupted by signals, especially SIGINT to shut down, and
must be restarted so the IPC call arrives correctly. If the read just
returns an error instead, the IPC calling state will go out of sync and
a proper shutdown won't happen.
Ref: #10818
Stefan Eissing (20 May 2023)
- http2: upload improvements
Make send buffer smaller to have progress and "upload done" reporting
closer to reality. Fix handling of send "drain" condition to no longer
trigger once the transfer loop reports it is done sending. Also do not
trigger the send "drain" on RST streams.
Background:
- a upload stall was reported in #11157 that timed out
- test_07_33a reproduces a problem with such a stall if the
server 404s the request and RSTs the stream.
- test_07_33b verifies a successful PUT, using the parameters
from #11157 and checks success
Ref: #11157
Closes #11165
- http2: increase stream window size to 10 MB
Reported-by: pandada8 on github
Fixes #11162
Closes #11167
Daniel Stenberg (20 May 2023)
- lib: rename struct 'http_req' to 'httpreq'
Because FreeBSD 14 kidnapped the name.
Ref: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=271526
Fixes #11163
Closes #11164
Viktor Szakats (20 May 2023)
- cmake: avoid `list(PREPEND)` for compatibility
`list(PREPEND)` requires CMake v3.15, our minimum is v3.7.
Ref: https://cmake.org/cmake/help/latest/command/list.html#prepend
Regression from 1e3319a167d2f32d295603167486e9e88af9bb4e
Reported-by: Keitagit-kun on Github
Fixes #11141
Closes #11144
Daniel Stenberg (19 May 2023)
- RELEASE-NOTES: synced
Stefan Eissing (19 May 2023)
- ngtcp2: proper handling of uint64_t when adjusting send buffer
Fixes #11149
Closes #11153
- ngtcp2: fix compiler warning about possible null-deref
- compiler analyzer did not include the call context for this
static function where the condition had already been checked.
- eleminating the problem by making stream a call parameter
Fixes #11147
Closes #11151
Emanuele Torre (19 May 2023)
- docs: document that curl_url_cleanup(NULL) is a safe no-op
This has always been the case, but it was not documented.
The paragraph was copied verbatim from curl_easy_cleanup.3
Closes #11150
Antoine Pitrou (19 May 2023)
- select: avoid returning an error on EINTR from select() or poll()
This was already done for the poll() and select() calls
made directly from Curl_poll(), but was missed in
Curl_wait_ms(), which is called when there are no fds
to wait on.
Fixes #11135
Closes #11143
Daniel Stenberg (19 May 2023)
- vquic.c: make recvfrom_packets static, avoid compiler warning
warning: no previous prototype for 'recvfrom_packets'
Reported-by: Keitagit-kun on github
Fixes #11146
Closes #11148
- urlapi: allow numerical parts in the host name
It can only be an IPv4 address if all parts are all digits and no more than
four parts, otherwise it is a host name. Even slightly wrong IPv4 will now be
passed through as a host name.
Regression from 17a15d88467 shipped in 8.1.0
Extended test 1560 accordingly.
Reported-by: Pavel Kalyugin
Fixes #11129
Closes #11131
Emilio Cobos Álvarez (19 May 2023)
- http2: double http request parser max line length
This works around #11138, by doubling the limit, and should be a
relatively safe fix.
Ideally the buffer would grow as needed and there would be no need for a
limit? But that might be follow-up material.
Fixes #11138
Closes #11139
Emanuele Torre (18 May 2023)
- configure: fix --help alignment
AC_ARG_ENABLE seems to only trim off whitespace from the start and end
of its help-string argument, while prepending two spaces of indentation
to all lines.
This means that the two spaces of indentation between the --enable-rtsp
and the --disable-rtsp line were not removed causing ./configure --help
to print:
Optional Features:
[...]
--enable-rtsp Enable RTSP support
--disable-rtsp Disable RTSP support
I removed the indentation to fix the issue, now it prints:
Optional Features:
[...]
--enable-rtsp Enable RTSP support
--disable-rtsp Disable RTSP support
The --enable-hsts and --disable-hsts lines had the same problems, and
have been fixed too.
Closes #11142
Deal(一线灵) (18 May 2023)
- cmake: repair cross compiling
It cannot *run* code for testing purposes when cross-compiling.
Closes #11130
Daniel Stenberg (18 May 2023)
- configure: generate a script to run the compiler
in the CURL_RUN_IFELSE macro, with LD_LIBRARY_PATH set to the value of
the configure invoke, and not the value that might be used later,
intended for the execution of the output the compiler ouputs.
For example when the compiler uses the same library (like libz) that
configure checks for.
Reported-by: Jonas Bülow
Fixes #11114
Closes #11120
Stefan Eissing (18 May 2023)
- cf-socket: completely remove the disabled USE_RECV_BEFORE_SEND_WORKAROUND
Closes #11118
Emanuele Torre (18 May 2023)
- urlapi: respect CURLU_ALLOW_SPACE and CURLU_NO_AUTHORITY for redirects
curl_url_set(uh, CURLUPART_URL, redirurl, flags) was not respecing
CURLU_ALLOW_SPACE and CURLU_NO_AUTHORITY in the host part of redirurl
when redirecting to an absolute URL.
Closes #11136
Colin Cross (18 May 2023)
- hostip: move easy_lock.h include above curl_memory.h
Similar to #9561, move easy_lock.h above curl_memory.h to fix building
against musl libc.
Closes #11140
Hind Montassif (18 May 2023)
- curl_easy_getinfo: clarify on return data types
Closes #11126
Emanuele Torre (18 May 2023)
- checksrc: disallow spaces before labels
Out of 415 labels throughout the code base, 86 of those labels were
not at the start of the line. Which means labels always at the start of
the line is the favoured style overall with 329 instances.
Out of the 86 labels not at the start of the line:
* 75 were indented with the same indentation level of the following line
* 8 were indented with exactly one space
* 2 were indented with one fewer indentation level then the following
line
* 1 was indented with the indentation level of the following line minus
three space (probably unintentional)
Co-Authored-By: Viktor Szakats
Closes #11134
Daniel Stenberg (18 May 2023)
- cookie: update the comment on cookie length and size limits
To refer to the proper cookie RFC and the upcoming RFC refresh.
Closes #11127
- url: provide better error message when URLs fail to parse
By providing the URL API error message into the error message.
Ref: #11129
Closes #11137
- RELEASE-NOTES: synced
bumped to 8.1.1
Jon Rumsey (18 May 2023)
- os400: update chkstrings.c
Compensate changes for recent changes to urldata.h to reclassify
STRING_AWS_SIGV4.
Fixes #11132
Closes #11133
Version 8.1.0 (17 May 2023)
Daniel Stenberg (17 May 2023)
- RELEASE-NOTES: synced
- THANKS: contributors from the 8.1.0 release
- hostip: include easy_lock.h before using GLOBAL_INIT_IS_THREADSAFE
Since that header file is the only place that define can be defined.
Reported-by: Marc Deslauriers
Follow-up to 13718030ad4b3209
Closes #11121
Thomas Taylor (16 May 2023)
- aws-sigv4.d: fix region identifier in example
Closes #11117
Philip Heiduck (15 May 2023)
- mlc_config.json: remove this linkcheck CI job config file
Closes #11113
Daniel Silverstone (15 May 2023)
- ssh: Add support for libssh2 read timeout
Hook the new (1.11.0 or newer) libssh2 support for setting a read timeout
into the SERVER_RESPONSE_TIMEOUT option. With this done, clients can use
the standard curl response timeout setting to also control the time that
libssh2 will wait for packets from a slow server. This is necessary to
enable use of very slow SFTP servers.
Signed-off-by: Daniel Silverstone <daniel.silverstone@codethink.co.uk>
Closes #10965
Osama Albahrani (14 May 2023)
- GIT-INFO: add --with-openssl
Closes #11110
Daniel Stenberg (13 May 2023)
- RELEASE-NOTES: synced
Marcel Raad (13 May 2023)
- md(4|5): don't use deprecated iOS functions
They are marked as deprecated in iOS 13.0, which might result in
warnings-as-errors.
Also, use `*_MIN_REQUIRED` instead of `*_MIN_ALLOWED`, which seems to
be what's currently used.
Bug: https://github.com/curl/curl/issues/11098
Closes https://github.com/curl/curl/pull/11102
- md4: only build when used
Its only usage in curl_ntlm_core.c is guarded by `USE_CURL_NTLM_CORE`,
so let's use this here too.
Ref: https://github.com/curl/curl/issues/11098
Closes https://github.com/curl/curl/pull/11102
Vítor Galvão (12 May 2023)
- write-out.d: Use response_code in example
Closes #11107
Shohei Maeda (12 May 2023)
- url: fix null dispname for --connect-to option
Closes #11106
Daniel Stenberg (12 May 2023)
- test2306: verify getting a second response with folded headers
Reproduces the isue #11101 and verifies the fix.
Verifies a17b2a503f
- headers: clear (possibly) lingering pointer in init
The "prevhead" pointer is used for the headers storage but was not
cleared correctly in init, which made it possible to act up when a
handle is reused.
Reported-by: Steve Herrell
Fixes #11101
Closes #11103
- RELEASE-NOTES: synced
- ngtcp2: use 0.15.0
- nghttp3 0.11.0
- nghttp2 1.53.0
Adapt to new API calls
Closes #11031
Jay Satiro (10 May 2023)
- openssl: fix indent
Daniel Stenberg (10 May 2023)
- CURLOPT_DNS_CACHE_TIMEOUT.3: fix spelling
Follow-up to 9ed7d56e044f5aa1b29
Closes #11096
- hostip: use time_t for storing oldest DNS entry
Theoretically, the oldest time could overflow an int. In practice that
won't happen, but let's do this to please analyzers.
Follow-up to 9ed7d56e044f5aa1b2928ccde6245d0
Pointed out by Coverity.
Closes #11094
- http: free the url before storing a new copy
To avoid a memory-leak.
Reported-by: Hiroki Kurosawa
Closes #11093
- compressed.d: clarify the words on "not notifying headers"
Reported-by: Dylan Anthony
Fixes #11091
Closes #11092
- libssh2: free fingerprint better
Reported-by: Wei Chong Tan
Closes #11088
- CURLOPT_IPRESOLVE.3: clarify that this for host names, not IP addresses
Reported-by: Harry Sintonen
Closes #11087
- hostip: enforce a maximum DNS cache size independent of timeout value
To reduce the damage an application can cause if using -1 or other
ridiculous timeout values and letting the cache live long times.
The maximum number of entries in the DNS cache is now totally
arbitrarily and hard-coded set to 29999.
Closes #11084
- hostip: store dns timeout as 'int'
... because it set and held as an 'int' elsewhere and can never be
larger.
- RELEASE-NOTES: synced
- tool_operate: refuse (--data or --form) and --continue-at combo
libcurl assumes that a --continue-at resumption is done to continue an
upload using the read callback and neither --data nor --form use
that and thus won't do what the user wants. Whatever the user wants
with this strange combination.
Add test 426 to verify.
Reported-by: Smackd0wn on github
Fixes #11081
Closes #11083
- transfer: refuse POSTFIELDS + RESUME_FROM combo
The code assumes that such a resume is wanting to continue an upload
using the read callback, and since POSTFIELDS is done without callback
libcurl will just misbehave.
This combo will make the transfer fail with CURLE_BAD_FUNCTION_ARGUMENT
with an explanation in the error message.
Reported-by: Smackd0wn on github
Fixes #11081
Closes #11083
- ipv4.d/ipv6.d: they are "mutex", not "boolean"
... which for example means they do not have --no-* versions.
Reported-by: Harry Sintonen
Fixes #11085
Closes #11086
- docs/SECURITY-ADVISORY.md: how to write a curl security advisory
Closes #11080
nobedee on github (5 May 2023)
- MANUAL.md: add dict example for looking up a single definition
Closes #11077
Dan Fandrich (5 May 2023)
- runtests: fix -c option when run with valgrind
The curl binary argument wasn't being quoted properly. This seems to
have broken at some point after quoting was added in commit 606b29fe.
Reported-by: Daniel Stenberg
Ref: #11073
Fixes #11074
Closes #11076
- runtests: support creating more than one runner process
The controller currently only creates and uses one, but more are now
possible.
Ref: #10818
- runtests: spawn a new process for the test runner
When the -j option is given, a new process is spawned in which the test
programs are run and from which test servers are started. Only one
process can be started at once, but this is sufficient to test that the
infrastructure can isolate those functions in a new task. There should
be no visible difference between the two modes at the moment.
Ref: #10818
Closes #11064
- runtests: turn singletest() into a state machine
This allows it to run in a non-blocking manner.
Ref: #10818
- runtests: change runner interface to be asynchronous
Program arguments are marshalled and then written to the end of a pipe
which is later read from and the arguments unmarshalled before the
desired function is called normally. The function return values are
then marshalled and written into another pipe when is later read from
and unmarshalled before being returned to the caller.
The implementation is currently blocking but can be made non-blocking
without any changes to the API. This allows calling multiple runners
without blocking in the future.
Ref: #10818
- runtests: call citest_finishtest in singletest
This is where citest_starttest is called.
Ref: #10818
- runtests: add a runner initialization function
This sets up the runner environment to start running tests.
Ref: #10818
- runtests: remove directory from server filename variables
There will soon be multiple log directories so the paths will no longer
be static in runtests.pl. Also, get rid of $SERVER2IN which was not
used.
Ref: #10818
- runtests: reduce package exports after refactoring
Some recent refactoring made these export no longer necessary. Also,
stop displaying the Unix socket paths at startup since there will soon
be many of them and they're not that interesting.
Ref: #10818
- runtests: use a function to obtain $LOGDIR for a test
This will no longer be static soon.
Ref: #10818
Jay Satiro (5 May 2023)
- tool_cb_hdr: Fix 'Location:' formatting for early VTE terminals
- Disable hyperlink formatting for the 'Location:' header value in VTE
0.48.1 and earlier, since it is buggy in some of those versions.
Prior to this change those terminals may show the location header value
as gibberish or show it twice.
Ref: https://gist.github.com/egmontkob/eb114294efbcd5adb1944c9f3cb5feda#backw
ard-compatibility
Fixes https://github.com/curl/curl/issues/10428
Closes https://github.com/curl/curl/pull/11071
François Michel (3 May 2023)
- quiche: disable pacing while pacing is not actually performed
Closes #11068
Daniel Stenberg (2 May 2023)
- easy_cleanup: require a "good" handle to act
By insisting that the passed in handle is "good" (the magic number is
intact), this can limit the potential damage if a bad pointer is passed
in. Like when this function is called twice on the same handle pointer.
Ref: #10964
Closes #11061
Andreas Falkenhahn (1 May 2023)
- amiga: Fix CA certificate paths for AmiSSL and MorphOS
AmiSSL stores certificates in `AmiSSL:Certs` and MorphOS stores them in
`MOSSYS:Data/SSL/curl-ca-bundle.crt`.
Closes https://github.com/curl/curl/pull/11059
Daniel Stenberg (30 Apr 2023)
- http2: (void)-mark when we explicitly ignore the return code
When h2_progress_egress() is called. Pointed out by Coverity.
Closes #11057
- checksrc: find bad indentation in conditions without open brace
If the previous line starts with if/while/for AND ends with a closed
parenthesis and there's an equal number of open and closed parentheses
on that line, verify that this line is indented $indent more steps, if
not a cpp line.
Also adjust the fall-out from this fix.
Closes #11054
Diogo Teles Sant'Anna (28 Apr 2023)
- CI: Set minimal permissions on workflow ngtcp2-quictls.yml
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
Closes #11055
Dan Fandrich (28 Apr 2023)
- CI: use another glob syntax for matching files on Appveyor
The previous globbing syntax was not matching files recursively in
directories, so try appending a /* to more closely match the examples at
https://www.appveyor.com/docs/how-to/filtering-commits/
Daniel Stenberg (28 Apr 2023)
- multi: add multi-ignore logic to multi_socket_action
The multi-ignore logic that was previously applied to
curl_multi_perform() (#10750) is here applied to the loop within
curl_multi_socket_action() to make it use the same optimization: most
handles have the same signal-ignore option state so this drastically
reduces the number of ignore/unignore calls per libcurl function invoke.
Follow-up to bc90308328afb8
Closes #11045