#
3829759b |
| 08-Dec-2023 |
Viktor Szakats |
build: enable missing OpenSSF-recommended warnings, with fixes https://best.openssf.org/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C++.html as of 2023-11-29 [1]
build: enable missing OpenSSF-recommended warnings, with fixes https://best.openssf.org/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C++.html as of 2023-11-29 [1]. Enable new recommended warnings (except `-Wsign-conversion`): - enable `-Wformat=2` for clang (in both cmake and autotools). - add `CURL_PRINTF()` internal attribute and mark functions accepting printf arguments with it. This is a copy of existing `CURL_TEMP_PRINTF()` but using `__printf__` to make it compatible with redefinting the `printf` symbol: https://gcc.gnu.org/onlinedocs/gcc-3.0.4/gcc_5.html#SEC94 - fix `CURL_PRINTF()` and existing `CURL_TEMP_PRINTF()` for mingw-w64 and enable it on this platform. - enable `-Wimplicit-fallthrough`. - enable `-Wtrampolines`. - add `-Wsign-conversion` commented with a FIXME. - cmake: enable `-pedantic-errors` the way we do it with autotools. Follow-up to d5c0351055d5709da8f3e16c91348092fdb481aa #2747 - lib/curl_trc.h: use `CURL_FORMAT()`, this also fixes it to enable format checks. Previously it was always disabled due to the internal `printf` macro. Fix them: - fix bug where an `set_ipv6_v6only()` call was missed in builds with `--disable-verbose` / `CURL_DISABLE_VERBOSE_STRINGS=ON`. - add internal `FALLTHROUGH()` macro. - replace obsolete fall-through comments with `FALLTHROUGH()`. - fix fallthrough markups: Delete redundant ones (showing up as warnings in most cases). Add missing ones. Fix indentation. - silence `-Wformat-nonliteral` warnings with llvm/clang. - fix one `-Wformat-nonliteral` warning. - fix new `-Wformat` and `-Wformat-security` warnings. - fix `CURL_FORMAT_SOCKET_T` value for mingw-w64. Also move its definition to `lib/curl_setup.h` allowing use in `tests/server`. - lib: fix two wrongly passed string arguments in log outputs. Co-authored-by: Jay Satiro - fix new `-Wformat` warnings on mingw-w64. [1] https://github.com/ossf/wg-best-practices-os-developers/blob/56c0fde3895bfc55c8a973ef49a2572c507b2ae1/docs/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C%2B%2B.md Closes #12489
show more ...
|
#
a426b505 |
| 13-Oct-2023 |
Viktor Szakats |
build: variadic macro tidy-ups - delete unused `HAVE_VARIADIC_MACROS_C99/GCC` feature checks. (both autotools and CMake.) - delete duplicate `NULL` check in `Curl_trc_cf_infof()`.
build: variadic macro tidy-ups - delete unused `HAVE_VARIADIC_MACROS_C99/GCC` feature checks. (both autotools and CMake.) - delete duplicate `NULL` check in `Curl_trc_cf_infof()`. - fix compiler warning in `CURL_DISABLE_VERBOSE_STRINGS` builds. ``` ./lib/cf-socket.c:122:41: warning: unused parameter 'data' [-Wunused-parameter] static void nosigpipe(struct Curl_easy *data, ^ ``` - fix `#ifdef` comments in `lib/curl_trc.{c,h}`. - fix indentation in some `infof()` calls. Follow-up to dac293cfb7026b1ca4175d88b80f1432d3d3c684 #12167 Cherry-picked from #12105 Closes #12210
show more ...
|
#
bc642cb3 |
| 20-Jul-2023 |
Brad Harder |
websocket: rename arguments/variables to match docs Pedantry/semantic-alignment between functions, docs, comments with respect to websocket protocol code; No functional change intended.
websocket: rename arguments/variables to match docs Pedantry/semantic-alignment between functions, docs, comments with respect to websocket protocol code; No functional change intended. * "totalsize", "framesize" becomes "fragsize" (we deal in frame fragments). * "sendflags" becomes "flags" * use canonical CURL *handle Closes #11493
show more ...
|
#
fd306e55 |
| 16-Jun-2023 |
Jay Satiro |
lib: fix some format specifiers - Use CURL_FORMAT_CURL_OFF_T where %zd was erroneously used for some curl_off_t variables. - Use %zu where %zd was erroneously used for some si
lib: fix some format specifiers - Use CURL_FORMAT_CURL_OFF_T where %zd was erroneously used for some curl_off_t variables. - Use %zu where %zd was erroneously used for some size_t variables. Prior to this change some of the Windows CI tests were failing because in Windows 32-bit targets have a 32-bit size_t and a 64-bit curl_off_t. When %zd was used for some curl_off_t variables then only the lower 32-bits was read and the upper 32-bits would be read for part or all of the next specifier. Fixes https://github.com/curl/curl/issues/11327 Closes https://github.com/curl/curl/pull/11321
show more ...
|
#
e024d566 |
| 23-May-2023 |
Stefan Eissing |
lib: add CURLINFO_CONN_ID and CURLINFO_XFER_ID - add an `id` long to Curl_easy, -1 on init - once added to a multi (or its own multi), it gets a non-negative number assigned by the
lib: add CURLINFO_CONN_ID and CURLINFO_XFER_ID - add an `id` long to Curl_easy, -1 on init - once added to a multi (or its own multi), it gets a non-negative number assigned by the connection cache - `id` is unique among all transfers using the same cache until reaching LONG_MAX where it will wrap around. So, not unique eternally. - CURLINFO_CONN_ID returns the connection id attached to data or, if none present, data->state.lastconnect_id - variables and type declared in tool for write out Closes #11185
show more ...
|
#
78886afb |
| 07-Jun-2023 |
Daniel Stenberg |
ws: make the curl_ws_meta() return pointer a const The returned info is read-only for the user. Closes #11261
|
#
bb0b245c |
| 27-Apr-2023 |
Daniel Stenberg |
ws: fix CONT opcode check Detected by Coverity. Follow-up to 930c00c259 Closes #11037
|
#
acd82c8b |
| 26-Apr-2023 |
Stefan Eissing |
tests/http: more tests with specific clients - Makefile support for building test specific clients in tests/http/clients - auto-make of clients when invoking pytest - added test_09_0
tests/http: more tests with specific clients - Makefile support for building test specific clients in tests/http/clients - auto-make of clients when invoking pytest - added test_09_02 for server PUSH_PROMISEs using clients/h2-serverpush - added test_02_21 for lib based downloads and pausing/unpausing transfers curl url parser: - added internal method `curl_url_set_authority()` for setting the authority part of a url (used for PUSH_PROMISE) http2: - made logging of PUSH_PROMISE handling nicer Placing python test requirements in requirements.txt files - separate files to base test suite and http tests since use and module lists differ - using the files in the gh workflows websocket test cases, fixes for we and bufq - bufq: account for spare chunks in space calculation - bufq: reset chunks that are skipped empty - ws: correctly encode frames with 126 bytes payload - ws: update frame meta information on first call of collect callback that fills user buffer - test client ws-data: some test/reporting improvements Closes #11006
show more ...
|
#
930c00c2 |
| 18-Apr-2023 |
Stefan Eissing |
Websocket en-/decoding - state is fully kept at connection, since curl_ws_send() and curl_ws_rec() have lifetime beyond usual transfers - no more limit on frame sizes Repo
Websocket en-/decoding - state is fully kept at connection, since curl_ws_send() and curl_ws_rec() have lifetime beyond usual transfers - no more limit on frame sizes Reported-by: simplerobot on github Fixes #10962 Closes #10999
show more ...
|
#
b19cbebb |
| 28-Mar-2023 |
Daniel Stenberg |
ws: handle reads before EAGAIN better Reported-by: simplerobot on github Fixes #10831 Closes #10856
|
#
3b23dbee |
| 27-Feb-2023 |
Daniel Stenberg |
ws: keep the socket non-blocking Reported-by: marski on github Fixes #10615 Closes #10625
|
#
2e2e3d16 |
| 08-Feb-2023 |
Daniel Stenberg |
ws: fix recv of larger frames + remove 'oleft' from the struct + deal with "overflow data" in a separate dynbuf Reported-by: Mike Duglas Fixes #10438 Closes #10447
|
#
da8e97b5 |
| 08-Feb-2023 |
Daniel Stenberg |
ws: use %Ou for outputting curl_off_t with info() Reported-by: Mike Duglas Fixes #10439 Closes #10441
|
#
ad55b236 |
| 06-Feb-2023 |
Mike Duglas |
ws: fix multiframe send handling Fixes #10413 Closes #10420
|
#
4c48fb49 |
| 30-Jan-2023 |
Daniel Stenberg |
ws: unstick connect-only shutdown As this mode uses blocking sockets, it must set them back to non-blocking in disconnect to avoid the risk of getting stuck. Closes #10366
|
#
09754495 |
| 30-Jan-2023 |
Daniel Stenberg |
ws: remove bad assert Reported-by: Stanley Wucw Fixes #10347 Closes #10366
|
#
abae4e31 |
| 13-Jan-2023 |
Daniel Stenberg |
ws: fix autoping handling Reported-by: Alexey Savchuk Fixes #10289 Closes #10294
|
#
2bc1d775 |
| 02-Jan-2023 |
Daniel Stenberg |
copyright: update all copyright lines and remove year ranges - they are mostly pointless in all major jurisdictions - many big corporations and projects already don't use them - save
copyright: update all copyright lines and remove year ranges - they are mostly pointless in all major jurisdictions - many big corporations and projects already don't use them - saves us from pointless churn - git keeps history for us - the year range is kept in COPYING checksrc is updated to allow non-year using copyright statements Closes #10205
show more ...
|
#
734c1f89 |
| 12-Dec-2022 |
Daniel Stenberg |
ws: if no connection is around, return error - curl_ws_send returns CURLE_SEND_ERROR if data->conn is gone - curl_ws_recv returns CURLE_GOT_NOTHING on connection close - cu
ws: if no connection is around, return error - curl_ws_send returns CURLE_SEND_ERROR if data->conn is gone - curl_ws_recv returns CURLE_GOT_NOTHING on connection close - curl_ws_recv.3: mention new return code for connection close + example embryo Closes #10084
show more ...
|
#
13d55020 |
| 11-Nov-2022 |
Stefan Eissing |
Websocket: fixes for partial frames and buffer updates. - buffers updated correctly when handling partial frames - callbacks no longer invoked for incomplete payload data of 0 length
Websocket: fixes for partial frames and buffer updates. - buffers updated correctly when handling partial frames - callbacks no longer invoked for incomplete payload data of 0 length - curl_ws_recv no longer returns with 0 length partial payload Closes #9890
show more ...
|
#
af5a22a9 |
| 07-Nov-2022 |
Stefan Eissing |
websockets: fix handling of partial frames buffer used and send length calculations are fixed when a partial websocket frame has been received. Closes #9861
|
#
3cbdf4a1 |
| 03-Nov-2022 |
Jay Satiro |
ws: return CURLE_NOT_BUILT_IN when websockets not built in - Change curl_ws_recv & curl_ws_send to return CURLE_NOT_BUILT_IN when websockets support is not built in. Prior to
ws: return CURLE_NOT_BUILT_IN when websockets not built in - Change curl_ws_recv & curl_ws_send to return CURLE_NOT_BUILT_IN when websockets support is not built in. Prior to this change they returned CURLE_OK. Closes #9851
show more ...
|
#
0554de58 |
| 09-Oct-2022 |
Daniel Stenberg |
ws: fix buffer pointer use in the callback loop Closes #9678
|
#
b261389d |
| 07-Oct-2022 |
Paul Seligman |
ws: minor fixes for web sockets without the CONNECT_ONLY flag - Fixed an issue where is_in_callback was getting cleared when using web sockets with debug logging enabled - Ensure t
ws: minor fixes for web sockets without the CONNECT_ONLY flag - Fixed an issue where is_in_callback was getting cleared when using web sockets with debug logging enabled - Ensure the handle is is_in_callback when calling out to fwrite_func - Change the write vs. send_data decision to whether or not the handle is in CONNECT_ONLY mode. - Account for buflen not including the header length in curl_ws_send Closes #9665
show more ...
|
#
c02291fd |
| 07-Oct-2022 |
Daniel Stenberg |
ws: fix Coverity complaints Coverity pointed out several flaws where variables remained uninitialized after forks. Follow-up to e3f335148adc6742728f Closes #9666
|