Resolve conf #28
Open
Resolve conf #28
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
From `lib/h` to `lib/w`. part 1: 47a1ab2 curl#19764 part 2: 86b3464 curl#19800 Closes curl#19811
Eliminate a heap buffer in both `win32_idn_to_ascii()` and `win32_ascii_to_idn()`, by replacing it with stack buffer. The maximum size is fixed in these cases, and small enough to fit there. Also reuse length returned by the UTF-8 to wchar conversion, allowing to drop `wcslen()` call in both functions, and allowing to call the wchar to UTF-8 conversion API `WideCharToMultiByte()` with the known length, saving length calculations within that API too. Ref: curl#19748 (comment) Closes curl#19798
Sometimes 1 minutes is too short to install 39.4 kB of archives. Ref: https://github.com/curl/curl/actions/runs/19898949860/job/57036965452
To allow replacing `&` characters in `tests/data/test*` files for XML-compliance. Also: - document `%GT`, `%LT` Follow-up to de49cc8 curl#19470 Closes curl#19824
They are close on the keyboard and don't affect test results. To make this test XML-compliant. Ref: curl#14479 Follow-up to 40c264d curl#15739 Closes curl#19826
…t run) Patch curl#19786 removed an exception, which caused many more CI jobs to run `memanalyze.pl`. It resulted in a 10-30% (Linux), 15% (macOS), 100% (2x, on Windows) slowdown of runtest steps. It also made some jobs exceed their time limits and fail (seen with the Windows ARM64 job.) Turns out the overhead was caused by calling `memanalyze.pl` as an external process (twice per test), which in turn had to load a full Perl stack from scratch each time. Fix by converting memanalyze to a Perl modul, loaded as part of `runtests.pl`, which eliminated the overhead completely. It also sped up existing jobs where memanalyze was run for a long time, e.g. two c-ares Windows jobs, saving 4.5m per CI run. Supersedes curl#19819 Bug: curl#19786 (comment) Follow-up to fb7033d curl#19786 Closes curl#19821
OpenSSL 4 has plans to make ASN1_STRING opaque, which will break the build, so convert the code to use accessors. ASN1_STRING_length() and ASN1_STRING_type() go way back to SSLeay and ASN1_STRING_get0_data() is OpenSSL 1.1 API present in BoringSSL since foreer and also available since LibreSSL 2.7, so this should not cause compat issues with any libcrypto in a supported version of the fork family. openssl/openssl#29117 Closes curl#19831
Function Curl_bufref_ptr() now returns a const char *. New function Curl_bufref_uptr() returns a const unsigned char *. Usage and doc updated. Closes curl#19827
Lengths are not stored in the structures, as they may be given before the data locations. Closes curl#19827
To make it clearer to readers of the code that the resulting dup also has a null terminator. Something a "normal" memdup() does not provide. Closes curl#19833
Since we no longer traverse the transfers attached to a connection, change the sparse bitset to just a `uint32_t` counter. This makes multi_ev the single user of sparse bitsets for transfers using a socket and allocation failures are handled there correctly. Refs curl#19818 Closes curl#19836
Cleans up a common pattern somewhat. Implemented as a macro. Closes curl#19834
Also: - badwords.pl: add support for filename:word exceptions. - badwords.pl: handle `-w` file open errors. Ref: curl#19817 (comment) Closes curl#19837
- gnutls, mbedtls: fix casing in log messages. - src/tool_cfgable.h: drop unused header. - appveyor.sh: variable style. - cmakelint.sh: sync with libssh2, catch `.cmake.in` explicitly. - examples: drop obsolete comments, exclamation marks. - fix comment typos, casing. Closes curl#19839
Windows 10.17063+ (having unix socket support) fails to set for unix sockets the `SO_REUSEADDR` option, with error 10045 (`WSAEOPNOTSUPP`), and also fails to set `SO_KEEPALIVE` with error 10042 (`WSAENOPROTOOPT`). Fix by not enabling these socket options on Windows for unix sockets. Also: - fixing test 1435, 1436 to run in CI. - fixing the `socksd` test server for test 1467, 1468, 1470. But, also disable these for now due to another Windows issue: curl#19825 Ref: https://stackoverflow.com/questions/68791319/unix-domain-socket-bind-failed-in-windows/68794755#68794755 Ref: curl#19810 Closes curl#19812
non-LibreSSL always includes BoringSSL and AWS-LC, no need to check for them explicitly. Follow-up to 69c89bf curl#18330 Closes curl#19843
The example code does not use curl_multi_assign(), but its callback function used socketp (called sockp in the function) to get the struct priv pointer instead of the correct clientp (cbp). Reported-by: Greg Hudson Fixes curl#19840 Closes curl#19841
Even if the scheme is "file"! Closes curl#19838
Legacy LDAP means an OpenLDAP-compatible implementation without the private API `ldap_init_fd()` introduced in OpenLDAP 2.4.6+ (2007-10-31), and not WinLDAP. One known example is Apple's LDAP build, which is based on OpenLDAP 2.4.28 (2011-11-25), without providing this private API. The version query API was introduced around 1998-1999, before the minimum (2.0 2000-08-01) required by curl. Follow-up to 3e2a946 curl#19808 Closes curl#19832
Move existing `Curl_rename()` `rename()` wrapper from lib to curlx/fopen, and make it a curlx macro/function. To allow using the local worker function to fixup long filenames on Windows. Then fix the Windows-specific rename implementation to support long filenames. This operation may happen when using a cookie jar, HSTS cache or alt-svc cache, via libcurl or the curl tool. Before this patch, when passing a long filename to the above options, a `<random>.tmp` file was left on the disk without renaming it to the filename passed to curl. There was also 1 second delay for each attempted rename operation. Also: - checksrc: ban raw `rename()` and `MoveFileEx*()` functions. - Note: `Curl_rename()` returned 1 on failure before this patch, while `curlx_rename()` returns -1 after, to match POSIX `rename()`. Refs: https://learn.microsoft.com/windows/win32/api/winbase/nf-winbase-movefileexa https://learn.microsoft.com/windows/win32/fileio/maximum-file-path-limitation Ref: curl#20040 Closes curl#20042
Since Curl_mntfy_dispatch_all() is called with high frequency and mostly unnecessary, add a check macro to avoid the call when not needed. Closes curl#20034
1. With `MBEDTLS_SSL_PROTO_TLS1_2` not enabled, the mbedTLS code was not able to connect to any server due to broken logic in curl's `mbed_set_ssl_version_min_max()`. Now it correctly sets the minimum supported TLS version based on what is compiled in the library. 2. If debugging is enabled, move the debugging enabling earlier in the `mbed_connect_step1()` so that verbose errors are actually displayed if failures happen (see the previous point -- it would've made debugging that issue easier). 3. Remove the constant `mbedtls_x509_crt_profile_fr` and instead use mbedTLS-included profile `mbedtls_x509_crt_profile_next` with `mbedtls_ssl_conf_cert_profile()`. This will follow the latest standards as new mbedTLS versions are released (rather than being stuck-in-time until someone comes along to fix what was hard-coded here). This has the immediate benefit of no longer supporting SHA1 certs and insecure RSA key-lengths (1024). This fix immediately prevents previously possible MITM attacks (SHA1 hashes and RSA-1024 keys can be forged relatively easily by nation-state actors and criminal organizations with deep-pockets). 4. Added [predictive resistance](https://mbed-tls.readthedocs.io/en/latest/kb/how-to/add-a-random-generator/#enabling-prediction-resistance) to the random number generator (adding more entropy to the RNG). 5. Split the random number generator into initialization, the actual random generation, and the "freeing" of the resources. This significantly reduces the overhead of using the RNG. 6. Removed the separate RNG function in the TLS connect stage (instead use the "main" one) and remove the ad-hoc threading support. Instead properly document how to enable threading in mbedTLS. As it was, other internals of mbedTLS could have race conditions (in the RSA module in particular) if `MBEDTLS_THREADING_C` was *not* enabled. And if it is enabled, then these race-conditions cannot happen. And also, if MBEDTLS_THREADING_C is enabled then the RNG functions [are fully thread-safe](https://mbed-tls.readthedocs.io/en/latest/kb/development/thread-safety-and-multi-threading/). So, the previous ad-hoc threading support was both partial and broken. 7. Enable support for disabling `MBEDTLS_PEM_PARSE_C`. 8. Add support for `CURLOPT_SSLCERTTYPE` so user can specify `PEM` or `DER` and get faster execution. Closes curl#19983
Unused since dafdb20 curl#9855 Cherry-picked from curl#20051 Closes curl#20053
`curlx/base64.h` and `curlx/strparse.h`. Closes curl#20054
Delete where unused, include where to used to avoid relying on side-effect of other headers. Also: delete "for curlx_nonblock" comments. That's the only symbol offered by this header. Closes curl#20055
To not include it implicitly for all `curl_ntlm_core.h` users. Closes curl#20058
To make it available for all files. Drop includes from individual sources. This header was already included from most sources and not specific to any internal subsystem. Also to ensure that two system symbol redefines on Windows (`read()` and `write()`) get applied to all sources. Move them to `curl_setup.h`. Closes curl#20056
In unity builds the source filename (via `__FILE__`) has no path (or uses slashes?), while in non-unity ones it does contain backslashes on Windows, with MSVC. Fix the test to recognize backslashes in the `stripfile` regexp. Seen in MSVC jobs in CI: ```diff -MEM tool_cfgable.c[LF] -MEM tool_paramhlp.c[LF] -MEM tool_cfgable.c[LF] -MEM tool_cfgable.c[LF] -MEM tool_cfgable.c[LF] -MEM tool_cfgable.c[LF] +MEM D:\a\curl\curl\src\tool_cfgable.c[LF] +MEM D:\a\curl\curl\src\tool_paramhlp.c[LF] +MEM D:\a\curl\curl\src\tool_cfgable.c[LF] +MEM D:\a\curl\curl\src\tool_cfgable.c[LF] +MEM D:\a\curl\curl\src\tool_cfgable.c[LF] +MEM D:\a\curl\curl\src\tool_cfgable.c[LF] ``` Ref: https://github.com/curl/curl/actions/runs/20408366058/job/58641468316?pr=20061#step:13:303 Ref: https://github.com/curl/curl/actions/runs/20408522070/job/58641826216?pr=20064#step:13:298 Closes curl#20064
- replace `sendf.h` with `curl_trc.h` where it was included just for it. - drop unused `curl_trc.h` includes. - easy: delete obsolete comment about `send.h` include reason. Also: - move out `curl_trc.h` include from `sendf.h` and include it directly in users, where not done already. To flatten the include tree and to less rely on indirect includes. - stop including `sendf.h` from other headers, replace it with forward declaration of `Curl_easy`, as done already elsewhere. Verified with an all non-unity CI run. Closes curl#20061
Follow-up to 250d613 curl#15787 Closes curl#20068
Build list with dynbuf. Closes curl#20072
On versions before macOS 10.14, ios 12 and watchos 5, check the evaluation code to return the error from evaluation. Reported-by: Stanislav Fort Closes curl#20074
This function REQUIRES the size of the target buffer as well as the length of the source string. Meant to make it harder to do a bad strcpy(). Removes 23 calls to strcpy(). Closes curl#20067
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.