| 349c5391 | 05-Feb-2023 |
Dan Fandrich |
tool_operate: Fix error codes on bad URL & OOM
curl would erroneously report CURLE_OUT_OF_MEMORY in some cases instead
of CURLE_URL_MALFORMAT. In other cases, it would erroneously return
tool_operate: Fix error codes on bad URL & OOM
curl would erroneously report CURLE_OUT_OF_MEMORY in some cases instead
of CURLE_URL_MALFORMAT. In other cases, it would erroneously return
CURLE_URL_MALFORMAT instead of CURLE_OUT_OF_MEMORY. Add a test case to
test the former condition.
Fixes #10130
Closes #10414
show more ...
|
| a0adda4b | 06-Feb-2023 |
Daniel Stenberg |
setopt: use >, not >=, when checking if uarg is larger than uint-max
Closes #10421 |
| 82123417 | 06-Feb-2023 |
Daniel Stenberg |
vtls: fix failf() format argument type for %.*s handling
Reported by Coverity
Closes #10422 |
| b0b33fe7 | 06-Feb-2023 |
Daniel Stenberg |
openssl: fix "Improper use of negative value"
By getting the socket first and returning error in case of bad socket.
Detected by Coverity.
Closes #10423 |
| 30607e77 | 06-Feb-2023 |
Dan Fandrich |
packages: Remove Android.mk from makefile
This was missed in commit #44141512
Ref: #10418 |
| ff7c390b | 06-Feb-2023 |
Daniel Stenberg |
curl_ws_send.3: clarify how to send multi-frame messages |
| ad55b236 | 06-Feb-2023 |
Mike Duglas |
ws: fix multiframe send handling
Fixes #10413
Closes #10420 |
| 51e9cff2 | 06-Feb-2023 |
Daniel Stenberg |
unit2600: make sure numerical curl_easy_setopt sets long
Follow-up to 671158242db3203
Reported-by: Marcel Raad
Fixes #10410
Closes #10419 |
| 4f051d0e | 04-Feb-2023 |
Andy Alt |
GHA: move Slackware test into matrix
Closes #10412 |
| 2b46ce03 | 03-Feb-2023 |
Pronyushkin Petr |
urlapi: fix part of conditional expression is always true: qlen
Closes #10408 |
| 690c43b3 | 03-Feb-2023 |
Pronyushkin Petr |
url: fix part of conditional expression is always true
Closes #10407 |
| 6740cf9e | 06-Feb-2023 |
Daniel Stenberg |
RELEASE-NOTES: synced |
| b8766444 | 05-Feb-2023 |
Philip Heiduck |
GHA/macos.yml: bump to gcc-12
Closes #10415 |
| 44141512 | 05-Feb-2023 |
Daniel Stenberg |
packages: remove Android, update README
- Nobody builds curl for Android using this anymore
- Refreshed the README and converted to markdown
Reported-by: John Porter
Fixes #
packages: remove Android, update README
- Nobody builds curl for Android using this anymore
- Refreshed the README and converted to markdown
Reported-by: John Porter
Fixes #10416
Closes #10418
show more ...
|
| 74040dde | 02-Feb-2023 |
Kvarec Lezki |
fopen: remove unnecessary assignment
[CWE-1164] V1048: The '* tempname' variable was assigned the same value.
Ref: https://pvs-studio.com/en/docs/warnings/v1048/
Closes htt
fopen: remove unnecessary assignment
[CWE-1164] V1048: The '* tempname' variable was assigned the same value.
Ref: https://pvs-studio.com/en/docs/warnings/v1048/
Closes https://github.com/curl/curl/pull/10398
show more ...
|
| 62097a7e | 13-Jan-2023 |
Gisle Vanem |
libtest: add a sleep macro for Windows
.. because sleep() is used in some libtests.
Closes https://github.com/curl/curl/pull/10295 |
| 97f7f668 | 02-Feb-2023 |
Kvarec Lezki |
http_aws_sigv4: remove typecasts from HMAC_SHA256 macro
V220: Suspicious sequence of types castings: memsize -> 32-bit integer -> memsize.
https://pvs-studio.com/en/docs/warnings/v2
http_aws_sigv4: remove typecasts from HMAC_SHA256 macro
V220: Suspicious sequence of types castings: memsize -> 32-bit integer -> memsize.
https://pvs-studio.com/en/docs/warnings/v220/
Closes #10400
show more ...
|
| 2537808d | 03-Feb-2023 |
Daniel Stenberg |
mailmap: Thomas1664 on github |
| c29ccb35 | 01-Feb-2023 |
Thomas1664 on github <46387399+Thomas1664@users.noreply.github.com> |
CURLOPT_WRITEFUNCTION.3: fix memory leak in example
Closes #10390 |
| 80c98ef6 | 02-Feb-2023 |
Kvarec Lezki |
doh: ifdef IPv6 code
For disabled IPv6 a condition (conn->ip_version != CURL_IPRESOLVE_V4) is
always false. https://pvs-studio.com/en/docs/warnings/v560/
Closes #10397 |
| 37554d7c | 02-Feb-2023 |
Daniel Stenberg |
urlapi: remove pathlen assignment
"Value stored to 'pathlen' is never read"
Follow-up to 804d5293f89
Reported-by: Kvarec Lezki
Closes #10405 |
| e1f78ce2 | 02-Feb-2023 |
Kvarec Lezki |
http: fix "part of conditional expression is always false"
[CWE-570] V560: A part of conditional expression is always false: conn->bits.authneg.
[CWE-570] V560: A part of conditional exp
http: fix "part of conditional expression is always false"
[CWE-570] V560: A part of conditional expression is always false: conn->bits.authneg.
[CWE-570] V560: A part of conditional expression is always false: conn->handler->protocol & (0 | 0).
https://pvs-studio.com/en/docs/warnings/v560/
Closes #10399
show more ...
|
| 63c53ea6 | 02-Feb-2023 |
Daniel Stenberg |
urlapi: skip the extra dedotdot alloc if no dot in path
Saves an allocation for many/most URLs.
Updates test 1395 accordingly
Closes #10403 |
| 67115824 | 01-Feb-2023 |
Stefan Eissing |
connections: introduce http/3 happy eyeballs
New cfilter HTTP-CONNECT for h3/h2/http1.1 eyeballing.
- filter is installed when `--http3` in the tool is used (or
the equivalent CURL
connections: introduce http/3 happy eyeballs
New cfilter HTTP-CONNECT for h3/h2/http1.1 eyeballing.
- filter is installed when `--http3` in the tool is used (or
the equivalent CURLOPT_ done in the library)
- starts a QUIC/HTTP/3 connect right away. Should that not
succeed after 100ms (subject to change), a parallel attempt
is started for HTTP/2 and HTTP/1.1 via TCP
- both attempts are subject to IPv6/IPv4 eyeballing, same
as happens for other connections
- tie timeout to the ip-version HAPPY_EYEBALLS_TIMEOUT
- use a `soft` timeout at half the value. When the soft timeout
expires, the HTTPS-CONNECT filter checks if the QUIC filter
has received any data from the server. If not, it will start
the HTTP/2 attempt.
HTTP/3(ngtcp2) improvements.
- setting call_data in all cfilter calls similar to http/2 and vtls filters
for use in callback where no stream data is available.
- returning CURLE_PARTIAL_FILE for prematurely terminated transfers
- enabling pytest test_05 for h3
- shifting functionality to "connect" UDP sockets from ngtcp2
implementation into the udp socket cfilter. Because unconnected
UDP sockets are weird. For example they error when adding to a
pollset.
HTTP/3(quiche) improvements.
- fixed upload bug in quiche implementation, now passes 251 and pytest
- error codes on stream RESET
- improved debug logs
- handling of DRAIN during connect
- limiting pending event queue
HTTP/2 cfilter improvements.
- use LOG_CF macros for dynamic logging in debug build
- fix CURLcode on RST streams to be CURLE_PARTIAL_FILE
- enable pytest test_05 for h2
- fix upload pytests and improve parallel transfer performance.
GOAWAY handling for ngtcp2/quiche
- during connect, when the remote server refuses to accept new connections
and closes immediately (so the local conn goes into DRAIN phase), the
connection is torn down and a another attempt is made after a short grace
period.
This is the behaviour observed with nghttpx when we tell it to shut
down gracefully. Tested in pytest test_03_02.
TLS improvements
- ALPN selection for SSL/SSL-PROXY filters in one vtls set of functions, replaces
copy of logic in all tls backends.
- standardized the infof logging of offered ALPNs
- ALPN negotiated: have common function for all backends that sets alpn proprty
and connection related things based on the negotiated protocol (or lack thereof).
- new tests/tests-httpd/scorecard.py for testing h3/h2 protocol implementation.
Invoke:
python3 tests/tests-httpd/scorecard.py --help
for usage.
Improvements on gathering connect statistics and socket access.
- new CF_CTRL_CONN_REPORT_STATS cfilter control for having cfilters
report connection statistics. This is triggered when the connection
has completely connected.
- new void Curl_pgrsTimeWas(..) method to report a timer update with
a timestamp of when it happend. This allows for updating timers
"later", e.g. a connect statistic after full connectivity has been
reached.
- in case of HTTP eyeballing, the previous changes will update
statistics only from the filter chain that "won" the eyeballing.
- new cfilter query CF_QUERY_SOCKET for retrieving the socket used
by a filter chain.
Added methods Curl_conn_cf_get_socket() and Curl_conn_get_socket()
for convenient use of this query.
- Change VTLS backend to query their sub-filters for the socket when
checks during the handshake are made.
HTTP/3 documentation on how https eyeballing works.
TLS improvements
- ALPN selection for SSL/SSL-PROXY filters in one vtls set of functions, replaces
copy of logic in all tls backends.
- standardized the infof logging of offered ALPNs
- ALPN negotiated: have common function for all backends that sets alpn proprty
and connection related things based on the negotiated protocol (or lack thereof).
Scorecard with Caddy.
- configure can be run with `--with-test-caddy=path` to specify which caddy to use for testing
- tests/tests-httpd/scorecard.py now measures download speeds with caddy
pytest improvements
- adding Makfile to clean gen dir
- adding nghttpx rundir creation on start
- checking httpd version 2.4.55 for test_05 cases where it is needed. Skipping with message if too old.
- catch exception when checking for caddy existance on system.
Closes #10349
show more ...
|
| b7aaf074 | 01-Feb-2023 |
Daniel Stenberg |
CODEOWNERS: remove the peeps mentioned as CI owners
These owners do not have the bandwidth/energy to do the reviews which
makes PRs stall and this ownership claim flawed. We can bring pe
CODEOWNERS: remove the peeps mentioned as CI owners
These owners do not have the bandwidth/energy to do the reviews which
makes PRs stall and this ownership claim flawed. We can bring people
back when the situation is different.
Follow-up to c04c78ac87c4d46737934345a
Closes #10386
show more ...
|
