openldap: move the alloc of ldapconninfo to *connect()

Fixes a minor memory leak on LDAP connection reuse.

Doing the allocation already in *setup_connection() is wrong since that

openldap: move the alloc of ldapconninfo to *connect()

Fixes a minor memory leak on LDAP connection reuse.

Doing the allocation already in *setup_connection() is wrong since that
connect struct might get discarded early when an existing connection is
reused instead.

Closes #12166

show more ...

openldap: set the callback argument in oldap_do

... to make sure it has the current 'data' pointer and not a stale old
one.

Reported-by: Dan Fandrich
Closes #12166

gnutls: support CURLSSLOPT_NATIVE_CA

Remove the CURL_CA_FALLBACK logic. That build option was added to allow
primarily OpenSSL to use the default paths for loading the CA certs. For

gnutls: support CURLSSLOPT_NATIVE_CA

Remove the CURL_CA_FALLBACK logic. That build option was added to allow
primarily OpenSSL to use the default paths for loading the CA certs. For
GnuTLS it was instead made to load the "system certs", which is
different and not desirable.

The native CA store loading is now asked for with this option.

Follow-up to 7b55279d1d856

Co-authored-by: Jay Satiro

Closes #12137

show more ...

RTSP: improved RTP parser

- fix HTTP header parsing to report incomplete
lines it buffers as consumed!
- re-implement the RTP parser for interleave RTP
messages for robustnes

RTSP: improved RTP parser

- fix HTTP header parsing to report incomplete
lines it buffers as consumed!
- re-implement the RTP parser for interleave RTP
messages for robustness. It is now keeping its
state at the connection
- RTSP protocol handler "readwrite" implementation
now tracks if the response is before/in/after
header parsing or "in" a bod by calling
"Curl_http_readwrite_headers()" itself. This
allows it to know when non-RTP bytes are "junk"
or HEADER or BODY.
- tested with #12035 and various small receive
sizes where current master fails

Closes #12052

show more ...

http2: header conversion tightening

- fold the code to convert dynhds to the nghttp2 structs
into a dynhds internal method
- saves code duplication
- pacifies compiler analyzer

http2: header conversion tightening

- fold the code to convert dynhds to the nghttp2 structs
into a dynhds internal method
- saves code duplication
- pacifies compiler analyzers

Closes #12097

show more ...

curl_ntlm_wb: fix elif typo

Reported-by: Manfred Schwarb
Follow-up to d4314cdf65ae
Bug: https://github.com/curl/curl/commit/d4314cdf65aee295db627016934bd9eb621ab077#r130551295

test1683: remove commented-out check alternatives

Python precheck/postcheck alternatives were included but commented out.
Since these are not used and perl is guaranteed to be available

test1683: remove commented-out check alternatives

Python precheck/postcheck alternatives were included but commented out.
Since these are not used and perl is guaranteed to be available to run
the perl versions anyway, the Python ones are removed.

show more ...

hostip: show the list of IPs when resolving is done

Getting 'curl.se' today then gets this verbose output which might help
debugging connectivity related matters.

* Host curl.se

hostip: show the list of IPs when resolving is done

Getting 'curl.se' today then gets this verbose output which might help
debugging connectivity related matters.

* Host curl.se:80 was resolved.
* IPv6: 2a04:4e42::347, 2a04:4e42:200::347, 2a04:4e42:400::347,
2a04:4e42:600::347, 2a04:4e42:800::347, 2a04:4e42:a00::347,
2a04:4e42:c00::347, 2a04:4e42:e00::347
* IPv4: 151.101.193.91, 151.101.1.91, 151.101.65.91, 151.101.129.91

Co-authored-by: Jay Satiro
Closes #12145

show more ...

docs: fix function typo in curl_easy_option_next.3

Closes #12170

vssh: remove the #ifdef for Curl_ssh_init, use empty macro

In the same style as other init calls

easy: remove duplicate wolfSSH init call

It is already done in Curl_ssh_init() where it belongs.

Closes #12168

socks: make SOCKS5 use the CURLOPT_IPRESOLVE choice

Fixes #11949
Reported-by: Ammar Faizi
Closes #12163

urldata: move the 'internal' boolean to the state struct

... where all the other state bits for the easy handles live.

Closes #12165

url: don't touch the multi handle when closing internal handles

Reported-by: Maksymilian Arciemowicz
Closes #12165

getenv: PlayStation doesn't have getenv()

Closes #12140

transfer: only reset the FTP wildcard engine in CLEAR state

To avoid the state machine to start over and redownload all the files
*again*.

Reported-by: lkordos on github
Reg

transfer: only reset the FTP wildcard engine in CLEAR state

To avoid the state machine to start over and redownload all the files
*again*.

Reported-by: lkordos on github
Regression from 843b3baa3e3cb228 (shipped in 8.1.0)
Bisect-by: Dan Fandrich
Fixes #11775
Closes #12156

show more ...

GHA: move mod_h2 version in CI to v2.0.25

Closes #12157

ntlm_wb: use pipe instead of socketpair when possible

Closes #12149

RELEASE-NOTES: synced

asyn-thread: use pipe instead of socketpair for IPC when available

If pipe() is present. Less overhead.

Helped-by: Viktor Szakats
Closes #12146

tests: Fix Windows test helper tool search & use it for handle64

The checkcmd() and checktestcmd() functions would not have worked on
Windows due to hard-coding the UNIX PATH separator c

tests: Fix Windows test helper tool search & use it for handle64

The checkcmd() and checktestcmd() functions would not have worked on
Windows due to hard-coding the UNIX PATH separator character and not
adding .exe file extension. This meant that tools like stunnel, valgrind
and nghttpx would not have been found and used on Windows, and
inspection of previous test runs show none of those being found in pure
Windows CI builds.

With this fixed, they can be used to detect the handle64.exe program
before attempting to use it. When handle64.exe was called
unconditionally without it existing, it caused perl to abort the test
run with the error

The running command stopped because the preference variable
"ErrorActionPreference" or common parameter is set to Stop:
sh: handle64.exe: command not found

Closes #12115

show more ...

multi: use pipe instead of socketpair to *wakeup()

If pipe() is present. Less overhead.

Closes #12142

build: fix 'threadsafe' feature detection for older gcc

- Add 'threadsafe' to the feature list shown during build if POSIX
threads are being used.

This is a follow-up to 5adb6

build: fix 'threadsafe' feature detection for older gcc

- Add 'threadsafe' to the feature list shown during build if POSIX
threads are being used.

This is a follow-up to 5adb6000 which added support for building a
thread-safe libcurl with older versions of gcc where atomic is not
available but pthread is.

Reported-by: Dan Fandrich
Co-authored-by: Dan Fandrich

Fixes https://github.com/curl/curl/issues/12125
Closes https://github.com/curl/curl/pull/12127

show more ...

test729: verify socks4a with excessive proxy user name length

socks: better buffer size checks for socks4a user and hostname

Also limit the proxy user name to 255 bytes, which is the same limit as
in SOCKS5.

Reported-by: sd0 on hackerone

socks: better buffer size checks for socks4a user and hostname

Also limit the proxy user name to 255 bytes, which is the same limit as
in SOCKS5.

Reported-by: sd0 on hackerone
Closes #12139

show more ...