#
fb22459d |
| 26-Apr-2024 |
Stefan Eissing |
vtls: TLS session storage overhaul - add session with destructor callback - remove vtls `session_free` method - let `Curl_ssl_addsessionid()` take ownership of session object,
vtls: TLS session storage overhaul - add session with destructor callback - remove vtls `session_free` method - let `Curl_ssl_addsessionid()` take ownership of session object, freeing it also on failures - change tls backend use - test_17, add tests for SSL session resumption Closes #13386
show more ...
|
#
5c59f914 |
| 18-Apr-2024 |
Stefan Eissing |
http2 + ngtcp2: pass CURLcode errors from callbacks - errors returned by Curl_xfer_write_resp() and the header variant are not errors in the protocol. The result needs to be returned o
http2 + ngtcp2: pass CURLcode errors from callbacks - errors returned by Curl_xfer_write_resp() and the header variant are not errors in the protocol. The result needs to be returned on the next recv() from the protocol filter. - make xfer write errors for response data cause the stream to be cancelled - added pytest test_02_14 and test_02_15 to verify that also for parallel processing Reported-by: Laramie Leavitt Fixes #13411 Closes #13424
show more ...
|
#
c22f4630 |
| 17-Apr-2024 |
Daniel Stenberg |
ngtcp2: fix macro use macro "H3_STREAM_CTX" requires 2 arguments, but only 1 given Follow-up to c6655f7029ec5c128561e3ecf1f93db3ed0432a4 Closes #13401
|
#
c6655f70 |
| 27-Mar-2024 |
Stefan Eissing |
http/2, http/3: decouple stream state from easy handle - add `Curl_hash_offt` as hashmap between a `curl_off_t` and an object. Use this in h2+h3 connection filters to associate `
http/2, http/3: decouple stream state from easy handle - add `Curl_hash_offt` as hashmap between a `curl_off_t` and an object. Use this in h2+h3 connection filters to associate `data->id` with the internal stream state. - changed implementations of all affected connection filters - removed `h2_ctx*` and `h3_ctx*` from `struct HTTP` and thus the easy handle - solves the problem of attaching "foreign protocol" easy handles during connection shutdown Test 1616 verifies the new hash functions. Closes #13204
show more ...
|
#
08d10d2a |
| 15-Apr-2024 |
Stefan Eissing |
http3: extend download abort tests, fixes in ngtcp2 - fix flow handling in ngtcp2 to ACK data on streams we abort ourself. - extend test_02_23* cases to also run for h3 - skip
http3: extend download abort tests, fixes in ngtcp2 - fix flow handling in ngtcp2 to ACK data on streams we abort ourself. - extend test_02_23* cases to also run for h3 - skip test_02_23* for OpenSSL QUIC as it gets stalled on progressing the connection Closes #13374
show more ...
|
#
8dd81bd5 |
| 21-Mar-2024 |
Stefan Eissing |
lib: add Curl_xfer_write_resp_hd Add method in protocol handlers to allow writing of a single, 0-terminated header line. Avoids parsing and copying these lines. Closes #13165
|
#
4f15443d |
| 10-Apr-2024 |
Viktor Szakats |
quic: fixup duplicate static function name (for cmake unity) Visible in daily curl-for-win builds: https://github.com/curl/curl-for-win/actions/runs/8621925870 ``` lib/vquic
quic: fixup duplicate static function name (for cmake unity) Visible in daily curl-for-win builds: https://github.com/curl/curl-for-win/actions/runs/8621925870 ``` lib/vquic/curl_ngtcp2.c:1916:12: error: redefinition of 'ossl_new_session_cb' static int ossl_new_session_cb(SSL *ssl, SSL_SESSION *ssl_sessionid) ^ lib/vtls/openssl.c:2978:12: note: previous definition is here static int ossl_new_session_cb(SSL *ssl, SSL_SESSION *ssl_sessionid) ^ ``` https://github.com/curl/curl-for-win/actions/runs/8621925870/job/23631885439#step:3:6965 Follow-up to 3210101088dfa3d6a125d213226b092f2f866722 #13172 Closes #13332
show more ...
|
#
32101010 |
| 22-Mar-2024 |
Stefan Eissing |
tls: use shared init code for TCP+QUIC Closes #13172
|
#
9287563e |
| 05-Apr-2024 |
Stefan Eissing |
vquic: use new curl_int64_t type - add curl_int64_t signed 64-bit type for lib use - define CURL_PRId64, CURL_PRIu64 format ids - use curl_int64_t in vquic curl_in
vquic: use new curl_int64_t type - add curl_int64_t signed 64-bit type for lib use - define CURL_PRId64, CURL_PRIu64 format ids - use curl_int64_t in vquic curl_int64_t signed complements the existing curl_uint64_t unsigned. Note that `curl_int64_t` and `int64_t` are assignable from each other but not identical. Some platforms with 64 long type defint int64_t as "long long" (staring at macOS) which messes up things like pointers and format identifiers. Closes https://github.com/curl/curl/pull/13293
show more ...
|
#
32083608 |
| 30-Mar-2024 |
Daniel Stenberg |
vquic: use CURL_FORMAT_CURL_OFF_T for 64 bit printf output Reported-by: Keitagit-kun on github Fixes #13224 Closes #13231
|
#
98f67a61 |
| 19-Mar-2024 |
Stefan Eissing |
http2, http3: only return CURLE_PARTIAL_FILE when bytes were received - should resolve spurious pytest failures when stream were reset right after response header were received
http2, http3: only return CURLE_PARTIAL_FILE when bytes were received - should resolve spurious pytest failures when stream were reset right after response header were received Clsoes #13151
show more ...
|
#
4e4e8af1 |
| 11-Mar-2024 |
Stefan Eissing |
lib: move 'done' parameter to SingleRequests A transfer may do several `SingleRequest`s for its success. This happens regularly for authentication, follows and retries on failed connecti
lib: move 'done' parameter to SingleRequests A transfer may do several `SingleRequest`s for its success. This happens regularly for authentication, follows and retries on failed connections. The "readwrite()" calls and functions connected to those carried a `bool *done` parameter to indicate that the current `SingleRequest` is over. This may happen before `upload_done` or `download_done` bits of `SingleRequest` are set. The problem with that is now `write_resp()` protocol handlers are invoked in places where the `bool *done` cannot be passed up to the caller. Instead of being a bool in the call chain, it needs to become a member of `SingleRequest`, reflecting its state. This removes the `bool *done` parameter and adds the `done` bit to `SingleRequest` instead. It adds `Curl_req_soft_reset()` for using a `SingleRequest` in a follow up, clearing `done` and other flags/counters. Closes #13096
show more ...
|
#
fcef00db |
| 08-Mar-2024 |
Stefan Eissing |
lib: keep conn IP information together new struct ip_quadruple for holding local/remote addr+port - used in data->info and conn and cf-socket.c - copy back and forth complete st
lib: keep conn IP information together new struct ip_quadruple for holding local/remote addr+port - used in data->info and conn and cf-socket.c - copy back and forth complete struct - add 'secondary' to conn - use secondary in reporting success for ftp 2nd connection Reported-by: DasKutti on github Fixes #13084 Closes #13090
show more ...
|
#
8a9fbd62 |
| 07-Mar-2024 |
Stefan Eissing |
ngtcp2: no recvbuf for stream - write response data directly to the transfer via `Curl_xfer_write_resp()` like we do in HTTP/2. Closes #13073
|
#
2cd78f52 |
| 29-Feb-2024 |
RainRat |
misc: Fix typos in docs and lib This fixes miscellaneous typos and duplicated words in the docs, lib and test comments and a few user facing errorstrings. Author: RainRat on Git
misc: Fix typos in docs and lib This fixes miscellaneous typos and duplicated words in the docs, lib and test comments and a few user facing errorstrings. Author: RainRat on Github Reviewed-by: Daniel Gustafsson <daniel@yesql.se> Reviewed-by: Dan Fandrich <dan@coneharvesters.com> Closes: #13019
show more ...
|
#
5d044ad9 |
| 09-Jan-2024 |
Stefan Eissing |
vquic: extract TLS setup into own source - separate ngtcp2 specific parts out - provide callback during init to allow ngtcp2 to apply its defaults Closes #12678
|
#
a0f94800 |
| 05-Jan-2024 |
Stefan Eissing |
transfer: adjust_pollset improvements - let `multi_getsock()` initialize the pollset in what the transfer state requires in regards to SEND/RECV - change connection filters `adjust
transfer: adjust_pollset improvements - let `multi_getsock()` initialize the pollset in what the transfer state requires in regards to SEND/RECV - change connection filters `adjust_pollset()` implementation to react on the presence of POLLIN/-OUT in the pollset and no longer check CURL_WANT_SEND/CURL_WANT_RECV - cf-socket will no longer add POLLIN on its own - http2 and http/3 filters will only do adjustments if the passed pollset wants to POLLIN/OUT for the transfer on the socket. This is similar to the HTTP/2 proxy filter and works in stacked filters. Closes #12640
show more ...
|
#
8e2d7b9f |
| 04-Jan-2024 |
Stefan Eissing |
http: adjust_pollset fix do not add a socket for POLLIN when the transfer does not want to send (for example is paused). Follow-up to 47f5b1a Reported-by: bubbleguuum o
http: adjust_pollset fix do not add a socket for POLLIN when the transfer does not want to send (for example is paused). Follow-up to 47f5b1a Reported-by: bubbleguuum on github Fixes #12632 Closes #12633
show more ...
|
#
b83729a3 |
| 26-Dec-2023 |
Jay Satiro |
quiche: return CURLE_HTTP3 on send to invalid stream Prior to this change if a send failed on a stream in an invalid state (according to quiche) and not marked as closed (according to li
quiche: return CURLE_HTTP3 on send to invalid stream Prior to this change if a send failed on a stream in an invalid state (according to quiche) and not marked as closed (according to libcurl) then the send function would return CURLE_SEND_ERROR. We already have similar code for ngtcp2 to return CURLE_HTTP3 in this case. Caught by test test_07_upload.py: test_07_22_upload_parallel_fail. Fixes https://github.com/curl/curl/issues/12590 Closes https://github.com/curl/curl/pull/12597
show more ...
|
#
98794c56 |
| 21-Dec-2023 |
ivanfywang |
ngtcp2: put h3 at the front of alpn Closes #12576
|
#
8706b680 |
| 13-Dec-2023 |
Stefan Eissing |
lib: eliminate `conn->cselect_bits` - use `data->state.dselect_bits` everywhere instead - remove `bool *comeback` parameter as non-zero `data->state.dselect_bits` will indicate tha
lib: eliminate `conn->cselect_bits` - use `data->state.dselect_bits` everywhere instead - remove `bool *comeback` parameter as non-zero `data->state.dselect_bits` will indicate that IO is incomplete. Closes #12512
show more ...
|
#
0fbbc80b |
| 04-Dec-2023 |
Stefan Eissing |
ngtcp2: ignore errors on unknown streams - expecially in is_alive checks on connections, we might see incoming packets on streams already forgotten and closed, leading to errors
ngtcp2: ignore errors on unknown streams - expecially in is_alive checks on connections, we might see incoming packets on streams already forgotten and closed, leading to errors reported by nghttp3. Ignore those. Closes #12449
show more ...
|
#
781cd3e8 |
| 01-Dec-2023 |
Stefan Eissing |
ngtcp2: fix races in stream handling - fix cases where ngtcp2 invokes callbacks on streams that nghttp3 has already forgotten. Ignore the NGHTTP3_ERR_STREAM_NOT_FOUND in these ca
ngtcp2: fix races in stream handling - fix cases where ngtcp2 invokes callbacks on streams that nghttp3 has already forgotten. Ignore the NGHTTP3_ERR_STREAM_NOT_FOUND in these cases as it is normal behaviour. Closes #12435
show more ...
|
#
247defa7 |
| 24-Nov-2023 |
Stefan Eissing |
quic: make eyeballers connect retries stop at weird replies - when a connect immediately goes into DRAINING state, do not attempt retries in the QUIC connection filter. Instead,
quic: make eyeballers connect retries stop at weird replies - when a connect immediately goes into DRAINING state, do not attempt retries in the QUIC connection filter. Instead, return CURLE_WEIRD_SERVER_REPLY - When eyeballing, interpret CURLE_WEIRD_SERVER_REPLY as an inconclusive answer. When all addresses have been attempted, rewind the address list once on an inconclusive answer. - refs #11832 where connects were retried indefinitely until the overall timeout fired Closes #12400
show more ...
|
#
00697785 |
| 22-Nov-2023 |
Viktor Szakats |
openssl: fix building with v3 `no-deprecated` + add CI test - build quictls with `no-deprecated` in CI to have test coverage for this OpenSSL 3 configuration. - don't call `Op
openssl: fix building with v3 `no-deprecated` + add CI test - build quictls with `no-deprecated` in CI to have test coverage for this OpenSSL 3 configuration. - don't call `OpenSSL_add_all_algorithms()`, `OpenSSL_add_all_digests()`. The caller code is meant for OpenSSL 3, while these two functions were only necessary before OpenSSL 1.1.0. They are missing from OpenSSL 3 if built with option `no-deprecated`, causing build errors: ``` vtls/openssl.c:4097:3: error: call to undeclared function 'OpenSSL_add_all_algorithms'; ISO C99 and later do not support implicit function declarations [-Wimplicit-function-declaration] vtls/openssl.c:4098:3: error: call to undeclared function 'OpenSSL_add_all_digests'; ISO C99 and later do not support implicit function declarations [-Wimplicit-function-declaration] ``` Ref: https://ci.appveyor.com/project/curlorg/curl-for-win/builds/48587418?fullLog=true#L7667 Regression from b6e6d4ff8f253c8b8055bab9d4d6a10f9be109f3 #12030 Bug: https://github.com/curl/curl/issues/12380#issuecomment-1822944669 Reviewed-by: Alex Bozarth - vquic/curl_ngtcp2: fix using `SSL_get_peer_certificate` with `no-deprecated` quictls 3 builds. Do it by moving an existing solution for this from `vtls/openssl.c` to `vtls/openssl.h` and adjusting caller code. ``` vquic/curl_ngtcp2.c:1950:19: error: implicit declaration of function 'SSL_get_peer_certificate'; did you mean 'SSL_get1_peer_certificate'? [-Wimplicit-function-declaration] ``` Ref: https://github.com/curl/curl/actions/runs/6960723097/job/18940818625#step:24:1178 - curl_ntlm_core: fix `-Wunused-parameter`, `-Wunused-variable` and `-Wunused-function` when trying to build curl with NTLM enabled but without the necessary TLS backend (with DES) support. Closes #12384
show more ...
|