#
32101010 |
| 22-Mar-2024 |
Stefan Eissing |
tls: use shared init code for TCP+QUIC Closes #13172
|
#
77b0571c |
| 13-Mar-2024 |
Stefan Eissing |
http: revisit http_perhapsrewind() - use facilities provided by client readers better - work also for non-uploading requests like GET/HEAD - update documentation Closes #131
http: revisit http_perhapsrewind() - use facilities provided by client readers better - work also for non-uploading requests like GET/HEAD - update documentation Closes #13117
show more ...
|
#
3829759b |
| 08-Dec-2023 |
Viktor Szakats |
build: enable missing OpenSSF-recommended warnings, with fixes https://best.openssf.org/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C++.html as of 2023-11-29 [1]
build: enable missing OpenSSF-recommended warnings, with fixes https://best.openssf.org/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C++.html as of 2023-11-29 [1]. Enable new recommended warnings (except `-Wsign-conversion`): - enable `-Wformat=2` for clang (in both cmake and autotools). - add `CURL_PRINTF()` internal attribute and mark functions accepting printf arguments with it. This is a copy of existing `CURL_TEMP_PRINTF()` but using `__printf__` to make it compatible with redefinting the `printf` symbol: https://gcc.gnu.org/onlinedocs/gcc-3.0.4/gcc_5.html#SEC94 - fix `CURL_PRINTF()` and existing `CURL_TEMP_PRINTF()` for mingw-w64 and enable it on this platform. - enable `-Wimplicit-fallthrough`. - enable `-Wtrampolines`. - add `-Wsign-conversion` commented with a FIXME. - cmake: enable `-pedantic-errors` the way we do it with autotools. Follow-up to d5c0351055d5709da8f3e16c91348092fdb481aa #2747 - lib/curl_trc.h: use `CURL_FORMAT()`, this also fixes it to enable format checks. Previously it was always disabled due to the internal `printf` macro. Fix them: - fix bug where an `set_ipv6_v6only()` call was missed in builds with `--disable-verbose` / `CURL_DISABLE_VERBOSE_STRINGS=ON`. - add internal `FALLTHROUGH()` macro. - replace obsolete fall-through comments with `FALLTHROUGH()`. - fix fallthrough markups: Delete redundant ones (showing up as warnings in most cases). Add missing ones. Fix indentation. - silence `-Wformat-nonliteral` warnings with llvm/clang. - fix one `-Wformat-nonliteral` warning. - fix new `-Wformat` and `-Wformat-security` warnings. - fix `CURL_FORMAT_SOCKET_T` value for mingw-w64. Also move its definition to `lib/curl_setup.h` allowing use in `tests/server`. - lib: fix two wrongly passed string arguments in log outputs. Co-authored-by: Jay Satiro - fix new `-Wformat` warnings on mingw-w64. [1] https://github.com/ossf/wg-best-practices-os-developers/blob/56c0fde3895bfc55c8a973ef49a2572c507b2ae1/docs/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C%2B%2B.md Closes #12489
show more ...
|
#
8706b680 |
| 13-Dec-2023 |
Stefan Eissing |
lib: eliminate `conn->cselect_bits` - use `data->state.dselect_bits` everywhere instead - remove `bool *comeback` parameter as non-zero `data->state.dselect_bits` will indicate tha
lib: eliminate `conn->cselect_bits` - use `data->state.dselect_bits` everywhere instead - remove `bool *comeback` parameter as non-zero `data->state.dselect_bits` will indicate that IO is incomplete. Closes #12512
show more ...
|
#
bc8509a7 |
| 07-Nov-2023 |
Sam James |
misc: fix -Walloc-size warnings GCC 14 introduces a new -Walloc-size included in -Wextra which gives: ``` src/tool_operate.c: In function ‘add_per_transfer’: src/tool_operat
misc: fix -Walloc-size warnings GCC 14 introduces a new -Walloc-size included in -Wextra which gives: ``` src/tool_operate.c: In function ‘add_per_transfer’: src/tool_operate.c:213:5: warning: allocation of insufficient size ‘1’ for type ‘struct per_transfer’ with size ‘480’ [-Walloc-size] 213 | p = calloc(sizeof(struct per_transfer), 1); | ^ src/var.c: In function ‘addvariable’: src/var.c:361:5: warning: allocation of insufficient size ‘1’ for type ‘struct var’ with size ‘32’ [-Walloc-size] 361 | p = calloc(sizeof(struct var), 1); | ^ ``` The calloc prototype is: ``` void *calloc(size_t nmemb, size_t size); ``` So, just swap the number of members and size arguments to match the prototype, as we're initialising 1 struct of size `sizeof(struct ...)`. GCC then sees we're not doing anything wrong. Closes #12292
show more ...
|
#
47f5b1a3 |
| 04-Sep-2023 |
Stefan Eissing |
lib: introduce struct easy_poll_set for poll information Connection filter had a `get_select_socks()` method, inspired by the various `getsocks` functions involved during the lifetime of
lib: introduce struct easy_poll_set for poll information Connection filter had a `get_select_socks()` method, inspired by the various `getsocks` functions involved during the lifetime of a transfer. These, depending on transfer state (CONNECT/DO/DONE/ etc.), return sockets to monitor and flag if this shall be done for POLLIN and/or POLLOUT. Due to this design, sockets and flags could only be added, not removed. This led to problems in filters like HTTP/2 where flow control prohibits the sending of data until the peer increases the flow window. The general transfer loop wants to write, adds POLLOUT, the socket is writeable but no data can be written. This leads to cpu busy loops. To prevent that, HTTP/2 did set the `SEND_HOLD` flag of such a blocked transfer, so the transfer loop cedes further attempts. This works if only one such filter is involved. If a HTTP/2 transfer goes through a HTTP/2 proxy, two filters are setting/clearing this flag and may step on each other's toes. Connection filters `get_select_socks()` is replaced by `adjust_pollset()`. They get passed a `struct easy_pollset` that keeps up to `MAX_SOCKSPEREASYHANDLE` sockets and their `POLLIN|POLLOUT` flags. This struct is initialized in `multi_getsock()` by calling the various `getsocks()` implementations based on transfer state, as before. After protocol handlers/transfer loop have set the sockets and flags they want, the `easy_pollset` is *always* passed to the filters. Filters "higher" in the chain are called first, starting at the first not-yet-connection one. Each filter may add sockets and/or change flags. When all flags are removed, the socket itself is removed from the pollset. Example: * transfer wants to send, adds POLLOUT * http/2 filter has a flow control block, removes POLLOUT and adds POLLIN (it is waiting on a WINDOW_UPDATE from the server) * TLS filter is connected and changes nothing * h2-proxy filter also has a flow control block on its tunnel stream, removes POLLOUT and adds POLLIN also. * socket filter is connected and changes nothing * The resulting pollset is then mixed together with all other transfers and their pollsets, just as before. Use of `SEND_HOLD` is no longer necessary in the filters. All filters are adapted for the changed method. The handling in `multi.c` has been adjusted, but its state handling the the protocol handlers' `getsocks` method are untouched. The most affected filters are http/2, ngtcp2, quiche and h2-proxy. TLS filters needed to be adjusted for the connecting handshake read/write handling. No noticeable difference in performance was detected in local scorecard runs. Closes #11833
show more ...
|
#
117c9bd9 |
| 12-Oct-2023 |
Stefan Eissing |
http2: header conversion tightening - fold the code to convert dynhds to the nghttp2 structs into a dynhds internal method - saves code duplication - pacifies compiler analyzer
http2: header conversion tightening - fold the code to convert dynhds to the nghttp2 structs into a dynhds internal method - saves code duplication - pacifies compiler analyzers Closes #12097
show more ...
|
#
3b6d18bb |
| 03-Oct-2023 |
Viktor Szakats |
spelling: fix codespell 2.2.6 typos Closes #12019
|
#
34cdcb9b |
| 15-Sep-2023 |
Stefan Eissing |
openssl: improve ssl shutdown handling - If SSL shutdown is not finished then make an additional call to SSL_read to gather additional tracing. - Fix http2 and h2-proxy filter
openssl: improve ssl shutdown handling - If SSL shutdown is not finished then make an additional call to SSL_read to gather additional tracing. - Fix http2 and h2-proxy filters to forward do_close() calls to the next filter. For example h2 and SSL shutdown before and after this change: Before: Curl_conn_close -> cf_hc_close -> Curl_conn_cf_discard_chain -> ssl_cf_destroy After: Curl_conn_close -> cf_hc_close -> cf_h2_close -> cf_setup_close -> ssl_cf_close Note that currently the tracing does not show output on the connection closure handle. Refer to discussion in #11878. Ref: https://github.com/curl/curl/discussions/11878 Closes https://github.com/curl/curl/pull/11858
show more ...
|
#
bb4032a1 |
| 06-Sep-2023 |
Stefan Eissing |
http: h1/h2 proxy unification - use shared code for setting up the CONNECT request when tunneling, used in HTTP/1.x and HTTP/2 proxying - eliminate use of Curl_buffer_send() and ot
http: h1/h2 proxy unification - use shared code for setting up the CONNECT request when tunneling, used in HTTP/1.x and HTTP/2 proxying - eliminate use of Curl_buffer_send() and other manipulations of `data->req` or `data->state.ulbuf` Closes #11808
show more ...
|
#
48ba5d90 |
| 21-Sep-2023 |
Viktor Szakats |
cmake: fix unity symbol collisions in h2 builds Regression from 331b89a319d0067fa1e6441719307cfef9c7960f Reviewed-by: Daniel Stenberg Reviewed-by: Jay Satiro Closes #11912
|
#
f6e5435c |
| 18-Sep-2023 |
Daniel Stenberg |
h2-proxy: remove left-over mistake in drain_tunnel() Left-over from 331b89a319 Reported-by: 南宫雪珊 Closes https://github.com/curl/curl/pull/11877
|
#
331b89a3 |
| 29-Aug-2023 |
Stefan Eissing |
http2: polish things around POST - added test cases for various code paths - fixed handling of blocked write when stream had been closed inbetween attempts - re-enabled DEBUGAS
http2: polish things around POST - added test cases for various code paths - fixed handling of blocked write when stream had been closed inbetween attempts - re-enabled DEBUGASSERT on send with smaller data size - in debug builds, environment variables can be set to simulate a slow network when sending data. cf-socket.c and vquic.c support * CURL_DBG_SOCK_WBLOCK: percentage of send() calls that should be answered with a EAGAIN. TCP/UNIX sockets. This is chosen randomly. * CURL_DBG_SOCK_WPARTIAL: percentage of data that shall be written to the network. TCP/UNIX sockets. Example: 80 means a send with 1000 bytes would only send 800 This is applied to every send. * CURL_DBG_QUIC_WBLOCK: percentage of send() calls that should be answered with EAGAIN. QUIC only. This is chosen randomly. Closes #11756
show more ...
|
#
d50fe6be |
| 25-Aug-2023 |
Viktor Szakats |
lib: fix null ptr derefs and uninitialized vars (h2/h3) Fixing compiler warnings with gcc 13.2.0 in unity builds. Assisted-by: Jay Satiro Assisted-by: Stefan Eissing Closes
lib: fix null ptr derefs and uninitialized vars (h2/h3) Fixing compiler warnings with gcc 13.2.0 in unity builds. Assisted-by: Jay Satiro Assisted-by: Stefan Eissing Closes #11739
show more ...
|
#
bc7c4996 |
| 25-Aug-2023 |
John Bampton |
misc: fix spelling Closes #11733
|
#
e12b39e1 |
| 03-Aug-2023 |
Stefan Eissing |
trace: make tracing available in non-debug builds Add --trace-config to curl Add curl_global_trace() to libcurl Closes #11421
|
#
4a67b23f |
| 31-Jul-2023 |
Viktor Szakats |
cmake: fixup H2 duplicate symbols for unity builds Closes #11550
|
#
a05cce74 |
| 27-Jul-2023 |
Stefan Eissing |
http2: fix in h2 proxy tunnel: progress in ingress on sending - depending on what is tunneled, the proxy may never get invoked for receiving data explicitly. Not progressing ingress ma
http2: fix in h2 proxy tunnel: progress in ingress on sending - depending on what is tunneled, the proxy may never get invoked for receiving data explicitly. Not progressing ingress may lead to stalls due to missed WINDOW_UPDATEs. CI: - add a chache for building mod_h2 Closes #11527
show more ...
|
#
873b958d |
| 22-Jun-2023 |
Stefan Eissing |
http2: h2 and h2-PROXY connection alive check fixes - fix HTTP/2 check to not declare a connection dead when the read attempt results in EAGAIN - add H2-PROXY alive check as for HT
http2: h2 and h2-PROXY connection alive check fixes - fix HTTP/2 check to not declare a connection dead when the read attempt results in EAGAIN - add H2-PROXY alive check as for HTTP/2 that was missing and is needed - add attach/detach around Curl_conn_is_alive() and remove these in filter methods - add checks for number of connections used in some test_10 proxy tunneling tests Closes #11368
show more ...
|
#
65937f0d |
| 19-Jun-2023 |
Stefan Eissing |
HTTP/2: upload handling fixes - fixes #11242 where 100% CPU on uploads was reported - fixes possible stalls on last part of a request body when that information could not be fully
HTTP/2: upload handling fixes - fixes #11242 where 100% CPU on uploads was reported - fixes possible stalls on last part of a request body when that information could not be fully send on the connection due to an EAGAIN - applies the same EGAIN handling to HTTP/2 proxying Reported-by: Sergey Alirzaev Fixed #11242 Closes #11342
show more ...
|
#
fd306e55 |
| 16-Jun-2023 |
Jay Satiro |
lib: fix some format specifiers - Use CURL_FORMAT_CURL_OFF_T where %zd was erroneously used for some curl_off_t variables. - Use %zu where %zd was erroneously used for some si
lib: fix some format specifiers - Use CURL_FORMAT_CURL_OFF_T where %zd was erroneously used for some curl_off_t variables. - Use %zu where %zd was erroneously used for some size_t variables. Prior to this change some of the Windows CI tests were failing because in Windows 32-bit targets have a 32-bit size_t and a 64-bit curl_off_t. When %zd was used for some curl_off_t variables then only the lower 32-bits was read and the upper 32-bits would be read for part or all of the next specifier. Fixes https://github.com/curl/curl/issues/11327 Closes https://github.com/curl/curl/pull/11321
show more ...
|
#
3f8fc257 |
| 09-May-2023 |
Viktor Szakats |
cmake: add support for "unity" builds Aka "jumbo" or "amalgamation" builds. It means to compile all sources per target as a single C source. This is experimental. You can enable
cmake: add support for "unity" builds Aka "jumbo" or "amalgamation" builds. It means to compile all sources per target as a single C source. This is experimental. You can enable it by passing `-DCMAKE_UNITY_BUILD=ON` to cmake. It requires CMake 3.16 or newer. It makes builds (much) faster, allows for better optimizations and tends to promote less ambiguous code. Also add a new AppVeyor CI job and convert an existing one to use "unity" mode (one MSVC, one MinGW), and enable it for one macOS CI job. Fix related issues: - add missing include guard to `easy_lock.h`. - rename static variables and functions (and a macro) with names reused across sources, or shadowed by local variables. - add an `#undef` after use. - add a missing `#undef` before use. - move internal definitions from `ftp.h` to `ftp.c`. - `curl_memory.h` fixes to make it work when included repeatedly. - stop building/linking curlx bits twice for a static-mode curl tool. These caused doubly defined symbols in unity builds. - silence missing extern declarations compiler warning for ` _CRT_glob`. - fix extern declarations for `tool_freq` and `tool_isVistaOrGreater`. - fix colliding static symbols in debug mode: `debugtime()` and `statename`. - rename `ssl_backend_data` structure to unique names for each TLS-backend, along with the `ssl_connect_data` struct member referencing them. This required adding casts for each access. - add workaround for missing `[P]UNICODE_STRING` types in certain Windows builds when compiling `lib/ldap.c`. To support "unity" builds, we had to enable `SCHANNEL_USE_BLACKLISTS` for Schannel (a Windows `schannel.h` option) _globally_. This caused an indirect inclusion of Windows `schannel.h` from `ldap.c` via `winldap.h` to have it enabled as well. This requires `[P]UNICODE_STRING` types, which is apperantly not defined automatically (as seen with both MSVS and mingw-w64). This patch includes `<subauth.h>` to fix it. Ref: https://github.com/curl/curl/runs/13987772013 Ref: https://dev.azure.com/daniel0244/curl/_build/results?buildId=15827&view=logs&jobId=2c9f582d-e278-56b6-4354-f38a4d851906&j=2c9f582d-e278-56b6-4354-f38a4d851906&t=90509b00-34fa-5a81-35d7-5ed9569d331c - tweak unity builds to compile `lib/memdebug.c` separately in memory trace builds to avoid PP confusion. - force-disable unity for test programs. - do not compile and link libcurl sources to libtests _twice_ when libcurl is built in static mode. KNOWN ISSUES: - running tests with unity builds may fail in cases. - some build configurations/env may not compile in unity mode. E.g.: https://ci.appveyor.com/project/curlorg/curl/builds/47230972/job/51wfesgnfuauwl8q#L250 Ref: https://github.com/libssh2/libssh2/issues/1034 Ref: https://cmake.org/cmake/help/latest/prop_tgt/UNITY_BUILD.html Ref: https://en.wikipedia.org/wiki/Unity_build Closes #11095
show more ...
|
#
127eb0d8 |
| 21-May-2023 |
Daniel Stenberg |
misc: fix spelling mistakes Reported-by: musvaage on github Fixes #11171 Closes #11172
|
#
54ce13d3 |
| 20-May-2023 |
Daniel Stenberg |
lib: rename struct 'http_req' to 'httpreq' Because FreeBSD 14 kidnapped the name. Ref: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=271526 Fixes #11163 Closes #11164
|
#
fc2f1e54 |
| 14-Apr-2023 |
Stefan Eissing |
http2: support HTTP/2 to forward proxies, non-tunneling - with `--proxy-http2` allow h2 ALPN negotiation to forward proxies - applies to http: requests against a https: proxy only,
http2: support HTTP/2 to forward proxies, non-tunneling - with `--proxy-http2` allow h2 ALPN negotiation to forward proxies - applies to http: requests against a https: proxy only, as https: requests will auto-tunnel - adding a HTTP/1 request parser in http1.c - removed h2h3.c - using new request parser in nghttp2 and all h3 backends - adding test 2603 for request parser - adding h2 proxy test cases to test_10_* scorecard.py: request scoring accidentally always run curl with '-v'. Removed that, expect double numbers. labeller: added http1.* and h2-proxy sources to detection Closes #10967
show more ...
|