- to avoid dupes.
- missing slashes.
- drop `.git` suffix from GitHub git repo URLs for a few outliers.
- use short YouTube URL like curl-www does.
- sync two RFC doc URLs with others.
Closes#19879
With Schannel and Unicode, `-shallow=13`. It finishes in 12 minutes,
making it the slowest Windows job. It's still on par with torture jobs
on other platforms (though they manage to fit `-shallow=25`).
Also `-shallow=13` still caught leaks in multiple tests.
Also:
- test2300: exclude from CI Windows torture tests.
- experimental.
The downside of going with deeper torture tests, is that it requires
increasing the job timeout. This in turns means that a hung job takes
more minutes to be killed (due to GitHub bugs where a hung step does not
honor the per-step timeout on Windows, another bug where a hung job gets
killed +5 minutes above the workflow timeout, and another bug (or
feature?) where other failed/hung jobs in the the workflow cannot be
restarted till the last job finishes or gets killed. And all this
probably related to a Perl bug which makes it hang on fork errors, which
is turn related to Cygwin/MSYS2 runtime bugs which breaks fork in case
of curl's mixed MSYS2-Perl/native-curl-binaries environment.)
The end result in longer forced waits before being able to restart flaky
jobs, which slows down iterations and annoying.
Also tried:
- non-c-ares job: detected known issues much less often.
- replaced libidn2 with WinIDN: detected known issues much less often.
- runtests -j9-j20 values: did not make a difference.
- other `-shallow` values: 20 is the max feasible, but comes with the
downside described above.
Ref: #19675 (reboot of)
Follow-up to f08417c425#19863Closes#19865
Detected by Windows torture test 1072 (with `-shallow=20/13`),
test 579 (with `-shallow=18/14/13`), and test 1286 (with `-shallow=15`).
```
** MEMORY FAILURE
Leak detected: memory still allocated: 20 bytes
At 1a1e8136328, there is 18 bytes.
allocated by D:/a/curl/curl/lib/curl_sspi.c:133
At 1a1e8139368, there is 2 bytes.
allocated by D:/a/curl/curl/lib/curl_sspi.c:143
1072: torture FAILED: function number 207 in test.
invoke with "-t207" to repeat this single case.
Warning: http2 server unexpectedly alive
```
Ref: https://github.com/curl/curl/actions/runs/20008523913/job/57374427439?pr=19865
Also simplify the code a little.
Cherry-picked from #19865Closes#19866
- Stricter cookie validation with earlier rejection of empty/invalid
cookie names
- secure and httponly attributes no longer accept = with empty values
(only bare keywords)
- Validation checks (length, TAB, prefixes) moved into the first
name/value pair block for better code organization
- Deferred time(NULL) calls for better performance when expires/max-age
aren't used
- Simplified loop control flow by removing done flag
- The cookie size restriction now only applies to name + value, not other
parts of the header line.
- Fixed a gcc 4.8.1 quirk
Closes#19868
To avoid wasting time allocating data for incoming cookies that are
discarded for one reason or another, delay allocations until after
verifications are done.
Closes#19864
This delays the allocating of the cookie struct until after all the
checks have been done, as many cookies are received and discarded
instead of accepted and this then saves one allocation for every
discarded cookie.
Closes#19864
Without this option `wolfSSL_get_app_data()` always returns NULL.
Disable codepaths using it (and its `set` pair) when curl is built
against a wolfSSL library with this option missing.
Fixing:
```
curl: ../../lib/vtls/wolfssl.c:486: wssl_vtls_new_session_cb: Assertion `cf != ((void *)0)' failed.
```
wolfSSL can be built with the `--enable-context-extra-user-data` or
`-DWOLFSSL_EX_DATA` option to enable this feature. Some higher-level
features also enable it automatically like QUIC, ASIO.
Reported-by: Yedaya Katsman
Bug: https://github.com/curl/curl/pull/19816#issuecomment-3606447845
Ref: https://github.com/curl/curl/actions/runs/19871780796/job/56949160740Closes#19852
curl_formget() accepts a user-provided callback function but does not
validate it is non-NULL before calling it. If a caller passes NULL,
the function will crash with SIGSEGV.
Add NULL check at the start of the function to return an appropriate
error code instead of crashing.
Signed-off-by: Robert W. Van Kirk <robert@rwvk.tech>
Closes#19858
On platforms where neither accept4 nor fcntl was available, an
EPRT connection did not send the accepted socket as non-blocking.
This became apparent when TLS was in use and the test receive
on shutdown did simply hang.
Reported-by: Denis Goleshchikhin
Fixes#19753Closes#19851
- URLs specified outside of the markdown []() are now extracted and
checked
- also check TODO, FAQ and KNOWN_BUGS
- more aggressive avoiding to check github.com/curl/curl, all uses of
example domains and some more established URLs on the curl.se site
- list all errors in the end to make them easier to spot in CI logs
Closes#19848
- drop redundant parentheses from macro definitions.
- apply clang-format in some places missed earlier.
- wolfssl: fix a macro guard comment.
- curl_setup.h: drop empty lines
- FAQ: fix C formatting.
Closes#19854
Clone a multibye conversion function into curlx/fopen, and use that
local copy from curlx/fopen functions. Adjust allocators in curlx/fopen
to use curl's in normal builds, and system allocators in TrackMemory
builds to avoid recursion.
This allows to switch curlx/multibyte functions to curl allocators in
all configurations, as they are no longer called by curlx/fopen, and
a recursive call can no longer happen.
After this patch the system allocator is only used in TrackMemory
Windows builds, within curlx `fopen`, `freopen`, `stat` and `open`
functions.
Also:
- test 1, 440, 767: raise allocation limitsto fit the extra allocations
in Windows Unicode builds.
- replace all uses of `curlx_unicodefree()` macro with `curlx_free()`
across the codebase.
- curlx/multibyte: delete `curlx_unicodefree()`.
- ldap: join Windows and non-Windows codepaths that became
identical after moving from `curlx_unicodefree()` to `curlx_free()`.
- vauth: drop a strdup from standard to curl allocator since
the original allocation is now already done by curl's.
- tool_doswin: drop now superfluous strdup from `FindWin32CACert()`.
- memanalyzer.pm: sync weirdo `calloc` log message with `malloc`'s.
Fixes#19748Closes#19845
Change Unix domain socket paths from `/tmp/curl-socksd-<random>` to
`/drive/path/to/LOGDIR/PIDDIR/*-uds` to avoid having to create and
delete them before use. Also to use a path which remains an absolute one
while passed from MSYS2 Perl to native Windows curl tool and test server
via the command-line, and keep pointing to the same location, fixing:
```
=== Start of file commands.log
../src/curl.exe -q --output log/3/curl1468.out --include --trace-ascii log/3/trace1468
--trace-time http://this.is.a.host.name:64405/1468
--proxy socks5h://localhost/tmp/curl-socksd-YnbvRo98 [...]
=== End of file commands.log
=== Start of file socks2_server.log
[...]
14:11:54.597968 Listening on Unix socket D:/a/_temp/msys64/tmp/curl-socksd-YnbvRo98
```
Ref: https://github.com/curl/curl/actions/runs/19896583933/job/57028545111?pr=19812
The curl tool is pending #19825 to fix accepting an absolute unix domain
socket path on Windows.
Assisted-by: Viktor Szakats
Closes#19810
Legacy LDAP means an OpenLDAP-compatible implementation
without the private API `ldap_init_fd()` introduced in OpenLDAP
2.4.6+ (2007-10-31), and not WinLDAP.
One known example is Apple's LDAP build, which is based on
OpenLDAP 2.4.28 (2011-11-25), without providing this private API.
The version query API was introduced around 1998-1999, before
the minimum (2.0 2000-08-01) required by curl.
Follow-up to 3e2a946926#19808Closes#19832
The example code does not use curl_multi_assign(), but its callback
function used socketp (called sockp in the function) to get the struct
priv pointer instead of the correct clientp (cbp).
Reported-by: Greg Hudson
Fixes#19840Closes#19841
Windows 10.17063+ (having unix socket support) fails to set for unix
sockets the `SO_REUSEADDR` option, with error 10045 (`WSAEOPNOTSUPP`),
and also fails to set `SO_KEEPALIVE` with error 10042 (`WSAENOPROTOOPT`).
Fix by not enabling these socket options on Windows for unix sockets.
Also:
- fixing test 1435, 1436 to run in CI.
- fixing the `socksd` test server for test 1467, 1468, 1470. But, also
disable these for now due to another Windows issue: #19825
Ref: https://stackoverflow.com/questions/68791319/unix-domain-socket-bind-failed-in-windows/68794755#68794755
Ref: #19810Closes#19812
