unify error handeling
do less when retrying
reorgenizing works?
less agressive merging of retry and fail
formating
Co-authored-by: Viktor Szakats <vszakats@users.noreply.github.com>
removed comment
Co-authored-by: Viktor Szakats <vszakats@users.noreply.github.com>
small fix
Update docs/libcurl/symbols-in-versions
Co-authored-by: Viktor Szakats <vszakats@users.noreply.github.com>
Update lib/multi.c
Co-authored-by: Viktor Szakats <vszakats@users.noreply.github.com>
Update lib/multi.c
Co-authored-by: Viktor Szakats <vszakats@users.noreply.github.com>
removing residual?
fixing nasty include order bug
include order seems to still be an issue
Remove empty line
Co-authored-by: Viktor Szakats <vszakats@users.noreply.github.com>
Update tests/data/Makefile.am
Co-authored-by: Viktor Szakats <vszakats@users.noreply.github.com>
Apply suggestions from code review
whitespace stuff
Co-authored-by: Viktor Szakats <vszakats@users.noreply.github.com>
more whitspace fixes
more docs changed
pull request fixes
(note that CI requires that symbols-in-versions be something that it should not be)
moving to new curl version
better documentation
try and see maybe async is destroyed properly now?
removed whitespace
Co-authored-by: Viktor Szakats <vszakats@users.noreply.github.com>
Update docs/libcurl/opts/CURLOPT_ALTSVC_CTRL.md
"-" uses insteadvof space
Co-authored-by: Viktor Szakats <vszakats@users.noreply.github.com>
better handeling of the recovering and checking whether or not to recover
- Avoid checking what's always true. The ftpcode pointer is always
passed in, so use it.
- Simplified an indent level somewhat
- Split out two functions from the state machine
Closes#18403
This function returned error on MANY places, each with its own cleanup
sequence and by the look of it almost all of them were incomplete,
making them leak resources on errors.
This take now gotos to the error label where it cleans everything up
before returning error. This also simplifies the function a lot.
Closes#18315
- schannel: apply BoringSSL workaround to AWS-LC too.
Affects Schannel + AWS-LC MultiSSL builds. (not tested in CI)
Ref: 274940d743#2643#2634
- curl_ntlm_core: deduplicate macro defines.
- curl_ntlm_core: document version thresholds for an AWS-LC-specific
workaround.
It was necessary between v1.2.0 2022-09-01 and v1.30.1 2024-06-21.
No longer necessary since v1.31.0 2024-07-01:
ba94617d99
Follow-up to 34ef4fab22#10320
- lib758: drop redundant OpenSSL version guards.
`OPENSSL_VERSION_NUMBER > 3` automatically guards against LibreSSL,
BoringSSL and AWS-LC.
Ref: https://github.com/curl/curl/pull/18288/commits/6ddd8f2c0bbfcb0847b1ee7f257fb772fa47310c
Follow-up to a5f0ab7995#18288
- dllmain, curl_sha512_256: formatting.
Closes#18387
- use wakeup sockets non-locked.
- send wakeup notify only in normal control flow (not cancel). close
wakeup sockets in unlink only.
- remove 5ms thread lifetime wait crutch before pthread_cancel().
Closes#18380
- drop `ALLOW_RENEG` undocumented (insecure) build-time option.
- drop unnecessary check for `OPENSSL_VERSION_NUMBER`.
It's present in all supported OpenSSL versions and forks.
Follow-up to 80c10c5d5d#18351
Follow-up to 59311bd3df#3293#3283Closes#18359
- cancel thread waits until thread start is at least 5ms in the past
to give it some time to get its cancellation setup in place
- cancel thread without holding the mutex. It's supposed to be an
async operation, but better be safe
- set DEFERRED cancel state explicitly, should be default in a pthread,
but better be safe
Closes#18350
- assume:
- `BIO_CTRL_EOF`
- `SSL_CTRL_SET_MSG_CALLBACK`
- `SSL_CTRL_SET_MSG_CALLBACK`
- `SSL_CTRL_SET_TLSEXT_HOSTNAME`
- `SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER`
- `SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS`
- `SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG`
- `SSL_OP_NO_COMPRESSION`
- `SSL_OP_NO_TICKET`
- `X509_V_FLAG_PARTIAL_CHAIN`
- `X509_V_FLAG_TRUSTED_FIRST`
They are present in all supported OpenSSL (and fork) versions.
- replace `SSL_ERROR_WANT_EARLY` with `SSL_ERROR_WANT_CLIENT_HELLO_CB`.
The former appeared in OpenSSL 1.1.1-dev, but renamed before
the stable release.
- document support for macros:
- `ENGINE_CTRL_GET_CMD_FROM_NAME`
- `SSL_ERROR_WANT_ASYNC_JOB`
- `SSL_ERROR_WANT_ASYNC`
- `SSL2_VERSION_MAJOR`
- `TLS1_3_VERSION`
- drop legacy fallback for `CONF_MFLAGS_DEFAULT_SECTION`.
It was there for OpenSSL 0.9.8 support.
- fix `SSL_CTRL_SET_MSG_CALLBACK` accidentally serving as a guard for
OpenSSL (and forks) as a whole.
Tested OK with OpenSSL 1.0.2 and 1.1.0 in CI.
Closes#18351
Add optional detail to `Curl_resolver_error()` to add to failure message
where available. This makes, for c-ares, the reason for a failed
resource available to the user without extra trace config.
When "dns" tracing enabled, print the c-ares server config at the start
of a resolve.
Closes#18251
Add a flag `thrd_don` to assess if the resolving thread has finished and
only destroy the context when *both* ref_count reaches 0 and thrd_done
is true.
Closes#18345
When the thread started is too fast, the signal will come before the
wait. Add an additional check before the wait to catch the thread
having started or already ended.
Closes#18344
- During handshake, do not require reading more data if unprocessed
encrypted data that may be a complete TLS record is already available.
- During handshake, check that the socket is writeable before processing
encrypted data that may require an immediate reply to the server.
These two fixes are for issues that were found during renegotiation
testing but could affect any handshake.
Prior to this change it was possible in some abnormal network conditions
for the Schannel TLS handshake procedure to erroneously wait or error.
Ref: https://github.com/curl/curl/pull/18125
Closes https://github.com/curl/curl/pull/18323
It had a typo, but it wasn't causing an issue, because `TLS1_3_VERSION`
is enough to detect this feature and the version check remained unused.
Follow-up to 0d3b5937b3#16477
Cherry-picked from #18330Closes#18333
Changed strategy to start up and terminate resolver thread.
When starting up:
Start the thread with mutex acquired, wait for signal from thread that
it started and has incremented the ref counter. Thread set
pthread_cancel() to disabled before that and only enables cancelling
during resolving itself. This assure that the ref counter is correct and
the unlinking of the resolve context always happens.
When shutting down resolving:
If ref counting shows thread has finished, join it, free everything. If
thread has not finished, try pthread_cancel() (non Windows), but keep
the thread handle around.
When destroying resolving:
Shutdown first, then, if the thread is still there and 'quick_exit' is
not set, join it and free everything. This might occur a delay if
getaddrinfo() hangs and cannot be interrupted by pthread_cancel().
Destroying resolving happens when another resolve is started on an
easy handle or when the easy handle is closed.
Add test795 to check that connect timeout triggers correctly
when resolving is delayed. Add debug env var `CURL_DNS_DELAY_MS`
to simulate delays in resolving.
Fix test1557 to set `quick_exit` and use `xxx.invalid` as domain
instead of `nothing` that was leading to hangers in CI.
Closes#18263
We are destroying the ares channel already when we shutdown
resolving. Querying the pollset afterwards is still happening,
especially in event based processing and needs to work in the
absence of a channel.
Fixes#18317
Reported-by: Natris on github
Closes#18318
Pass curl's memory functions to the nghttp3 and ngtcp2 functions that
allow them. This allows custom memory functions passed by the curl user
to be used in nghttp3 and ngtcp2.
Closes#18196
- remove a superfluous if()
- edit the #ifdef to only do the timeout checks when socketpair support
is missing, as that code flow could not be reached otherways anyway
CodeSonar pointed out possible issue that led me to see this.
Closes#18306
When an application install its own OpenSSL verify callback and that
callback invokes `SSL_set_retry_verify()`, the transfer is automatically
paused and does not progress the connect attempt any further until
unpaused via `curl_easy_pause().
Added test758 to verify.
Ref: #18284
Original PR by @Natris
Bug: https://curl.se/mail/lib-2025-08/0012.htmlCloses#18288
