With this, all test data files are XML-compliant.
Also:
- test1158, test1186: use single quotes for the test filename attribute
containing a double quote. For XML-compliance.
- drop support for unquoted attributes. For XML-compliance.
Closes#19926
Only the TLS 1.2 structure for now since it's simpler, and only has a
single label type. This has the bonus of also testing libressl that only
supports logging keys in TLS 1.2
Closes#19816
To make the test files XML-compliant, and the expected results
possibly easier to manage by keeping them in `.md`, `.html`, `.1`
and `.txt` files.
Non-XML-compliant files are down to 31 (1.6%) after this patch.
Closes#19882
To make the test files XML-compliant, and the expected results
possibly easier to manage by keeping them in `.c` files.
Non-XML-compliant files are down to 36 after this patch.
Also:
- make all macro expansions apply to `%includetext` contents.
Closes#19799
- Stricter cookie validation with earlier rejection of empty/invalid
cookie names
- secure and httponly attributes no longer accept = with empty values
(only bare keywords)
- Validation checks (length, TAB, prefixes) moved into the first
name/value pair block for better code organization
- Deferred time(NULL) calls for better performance when expires/max-age
aren't used
- Simplified loop control flow by removing done flag
- The cookie size restriction now only applies to name + value, not other
parts of the header line.
- Fixed a gcc 4.8.1 quirk
Closes#19868
Clone a multibye conversion function into curlx/fopen, and use that
local copy from curlx/fopen functions. Adjust allocators in curlx/fopen
to use curl's in normal builds, and system allocators in TrackMemory
builds to avoid recursion.
This allows to switch curlx/multibyte functions to curl allocators in
all configurations, as they are no longer called by curlx/fopen, and
a recursive call can no longer happen.
After this patch the system allocator is only used in TrackMemory
Windows builds, within curlx `fopen`, `freopen`, `stat` and `open`
functions.
Also:
- test 1, 440, 767: raise allocation limitsto fit the extra allocations
in Windows Unicode builds.
- replace all uses of `curlx_unicodefree()` macro with `curlx_free()`
across the codebase.
- curlx/multibyte: delete `curlx_unicodefree()`.
- ldap: join Windows and non-Windows codepaths that became
identical after moving from `curlx_unicodefree()` to `curlx_free()`.
- vauth: drop a strdup from standard to curl allocator since
the original allocation is now already done by curl's.
- tool_doswin: drop now superfluous strdup from `FindWin32CACert()`.
- memanalyzer.pm: sync weirdo `calloc` log message with `malloc`'s.
Fixes#19748Closes#19845
Windows 10.17063+ (having unix socket support) fails to set for unix
sockets the `SO_REUSEADDR` option, with error 10045 (`WSAEOPNOTSUPP`),
and also fails to set `SO_KEEPALIVE` with error 10042 (`WSAENOPROTOOPT`).
Fix by not enabling these socket options on Windows for unix sockets.
Also:
- fixing test 1435, 1436 to run in CI.
- fixing the `socksd` test server for test 1467, 1468, 1470. But, also
disable these for now due to another Windows issue: #19825
Ref: https://stackoverflow.com/questions/68791319/unix-domain-socket-bind-failed-in-windows/68794755#68794755
Ref: #19810Closes#19812
To allow replacing `&` characters in `tests/data/test*` files for
XML-compliance.
Also:
- document `%GT`, `%LT`
Follow-up to de49cc89ab#19470Closes#19824
To avoid potentially executing a different Perl than used by the rest
of the build and tests.
Also to be more portable by not relying on shebang support, though these
particular tests require POSIX shell anyway.
Closes#19767
Move check logic from postchecks to `test613.pl`.
To make these test data files XML-compliant.
Also to avoid POSIX/bash-shellisms in postcheck.
Closes#19766
Before this patch curl used the C preprocessor to override standard
memory allocation symbols: malloc, calloc, strdup, realloc, free.
The goal of these is to replace them with curl's debug wrappers in
`CURLDEBUG` builds, another was to replace them with the wrappers
calling user-defined allocators in libcurl. This solution needed a bunch
of workarounds to avoid breaking external headers: it relied on include
order to do the overriding last. For "unity" builds it needed to reset
overrides before external includes. Also in test apps, which are always
built as single source files. It also needed the `(symbol)` trick
to avoid overrides in some places. This would still not fix cases where
the standard symbols were macros. It was also fragile and difficult
to figure out which was the actual function behind an alloc or free call
in a specific piece of code. This in turn caused bugs where the wrong
allocator was accidentally called.
To avoid these problems, this patch replaces this solution with
`curlx_`-prefixed allocator macros, and mapping them _once_ to either
the libcurl wrappers, the debug wrappers or the standard ones, matching
the rest of the code in libtests.
This concludes the long journey to avoid redefining standard functions
in the curl codebase.
Note: I did not update `packages/OS400/*.c` sources. They did not
`#include` `curl_setup.h`, `curl_memory.h` or `memdebug.h`, meaning
the overrides were never applied to them. This may or may not have been
correct. For now I suppressed the direct use of standard allocators
via a local `.checksrc`. Probably they (except for `curlcl.c`) should be
updated to include `curl_setup.h` and use the `curlx_` macros.
This patch changes mappings in two places:
- `lib/curl_threads.c` in libtests: Before this patch it mapped to
libcurl allocators. After, it maps to standard allocators, like
the rest of libtests code.
- `units`: before this patch it mapped to standard allocators. After, it
maps to libcurl allocators.
Also:
- drop all position-dependent `curl_memory.h` and `memdebug.h` includes,
and delete the now unnecessary headers.
- rename `Curl_tcsdup` macro to `curlx_tcsdup` and define like the other
allocators.
- map `curlx_strdup()` to `_strdup()` on Windows (was: `strdup()`).
To fix warnings silenced via `_CRT_NONSTDC_NO_DEPRECATE`.
- multibyte: map `curlx_convert_*()` to `_strdup()` on Windows
(was: `strdup()`).
- src: do not reuse the `strdup` name for the local replacement.
- lib509: call `_strdup()` on Windows (was: `strdup()`).
- test1132: delete test obsoleted by this patch.
- CHECKSRC.md: update text for `SNPRINTF`.
- checksrc: ban standard allocator symbols.
Follow-up to b12da22db1#18866
Follow-up to db98daab05#18844
Follow-up to 4deea9396b#18814
Follow-up to 9678ff5b1b#18776
Follow-up to 10bac43b87#18774
Follow-up to 20142f5d06#18634
Follow-up to bf7375ecc5#18503
Follow-up to 9863599d69#18502
Follow-up to 3bb5e58c10#17827Closes#19626
Description of how this works in `docs/internal/RATELIMITS.ms`.
Notable implementation changes:
- KEEP_SEND_PAUSE/KEEP_SEND_HOLD and KEEP_RECV_PAUSE/KEEP_RECV_HOLD
no longer exist. Pausing is down via blocked the new rlimits.
- KEEP_SEND_TIMED no longer exists. Pausing "100-continue" transfers
is done in the new `Curl_http_perform_pollset()` method.
- HTTP/2 rate limiting implemented via window updates. When
transfer initiaiting connection has a ratelimit, adjust the
initial window size
- HTTP/3 ngtcp2 rate limitin implemnented via ack updates
- HTTP/3 quiche does not seem to support this via its API
- the default progress-meter has been improved for accuracy
in "current speed" results.
pytest speed tests have been improved.
Closes#19384
To override the curl default of 5 minutes (300000 ms).
Sometimes a simple test data change can result in a stuck test, this
option makes it exit with an error early. Possible future use in CI
or fast machines to prevent a single test taking 5 minutes and failing
the whole job.
Example hangers:
tests/data/test65:
```diff
-<data1000 crlf="yes">
+<data1000 crlf="headers">
```
tests/data/tests993:
```diff
-%repeat[1000 x 95 328485%0d%0a]%</data>
+%repeat[1000 x 95 328485%0d%0a]%
+</data>
```
Closes#19319
There are 58 non-compliant files. Mark them with the `notxml` keyword.
Also include the compliant ones in the GHA/checksrc xmllint CI job.
Also:
- delete XML prolog from the 3 test data files that had them.
- FILEFORMAT.md: document the `notxml` keyword.
- FILEFORMAT.md: fix a typo.
Follow-up to de49cc89ab#19470
Follow-up to f3095f0dbd#19528
Follow-up to 87ba80a6dfCloses#19595
Reduce number of files failing `xmllint --format` from 133 to 57 (-76)
(3% of 1894), by replacing `<` and `>` with new macro `%LT` and `%GT`,
in most places, which is in email addresses (192 lines).
Follow-up to a9ec2a676c#19491Closes#19470
Passing the option as-is to libcurl is fine, but checking that the file
exists allows the tool to better provide a helpful message.
This now done for the following options:
--cacert, --crlfile, --knownhosts, --netrc-file, --proxy-cacert amd
--proxy-crlfile
Bonus: bail out properly on OOM errors in the --cert parser.
Reported-by: Wesley Moore
Fixes#19583Closes#19585
There remain some false positives, hits in test data, and `dir` use,
around 100 issues in total.
There is no plan to enforce badwords on tests.
Also:
- badwords.txt: let a few `manpage[s]` occurrences through
(in Perl code).
Closes#19541
test 1459 "SFTP with corrupted known_hosts" was seen failing in the past.
To fix it, the test was automatically disabled when detecting libssh
0.9.3 or older, as in the curl CircleCI job, running on Ubuntu 20.04.
This work for a long time, until bumping the CircleCI runner to Ubuntu
22.04 (to have OpenSSL 3), where the test was running again, and failing
with the isssue seen in the past.
- Test skipped with Ubuntu 20.04 (libssh 0.9.3):
https://app.circleci.com/pipelines/github/curl/curl/16445/workflows/7f198763-e0b0-4037-9245-4c4b40ab8726/jobs/155164
- Failure seen with Ubuntu 22.04 (libssh 0.9.6):
https://app.circleci.com/pipelines/github/curl/curl/16452/workflows/b817a808-0fd4-40b0-8eb0-d064926efe12/jobs/155206?invite=true#step-107-211709_45
- Failure seen with Ubuntu 24.04 (libssh 0.10.6):
https://app.circleci.com/pipelines/github/curl/curl/16455/workflows/86c631f1-3c5f-4438-b398-3df2bdab5d20/jobs/155218
Turns out the issue issue isn't libssh 0.9.3 itself, but
a CircleCI-specific default configuration in `/etc/ssh/ssh_config`:
```
# BEGIN ANSIBLE MANAGED BLOCK
Host *
StrictHostKeyChecking no <------ this particular line
HashKnownHosts no
SendEnv LANG LC_*
# END ANSIBLE MANAGED BLOCK
```
libssh will consult configuration files on hard-coded default system
locations and alter its behavior based on settings found in them.
This libssh behavior is present in all supported versions:
5a2abd34cehttps://gitlab.com/libssh/libssh-mirror/-/tags/libssh-0.9.0
It means the existing disable logic based on libssh version worked by
coincidence, and what needs to be checked is these configurations
to decide if it's safe to run the test. Another, simpler option is
to also accept the result code 67, though in that case the test
wouldn't actually test what we want, but would pass anyway.
With the old `oldlibssh` workaround deleted, and the problematic setting
manually overridden (`StrictHostKeyChecking yes`):
- CircleCI Ubuntu 20.04 passes with 1459 enabled:
https://app.circleci.com/pipelines/github/curl/curl/16483/workflows/87a9f389-76a2-4a32-acde-c0b411a4c842/jobs/155302
- CircleCI Ubuntu 22.04 does too:
https://app.circleci.com/pipelines/github/curl/curl/16483/workflows/87a9f389-76a2-4a32-acde-c0b411a4c842/jobs/155303
To fix, replace the `runtests` `oldlibssh` detection logic to parse
libssh config files (instead of checking for libssh version) and disable
test 1459 based on that. Notice the detection is making a light attempt
to parse these files, and does not implement most config file features
(such as includes, quoted values and `=` operator.)
The new runtests workaround tests OK with the:
- default CircleCI configuration, disabling 1459 automatically.
- a sudoless configuration fix, with 1459 run successfully.
Also keep setting this option in CircleCI jobs.
- a sudo configuration fix, with 1459 run successfully.
Ref: https://app.circleci.com/pipelines/github/curl/curl/16492/workflows/56f39335-97ba-412c-9a9b-3d662694375a
GHA jobs are not affected and they work fine, with 1459 running successfully
before and after this patch.
It's possible the libssh API offers ways to control config file use
and/or set the strict host checking option programatically. Maybe
to enable in debug mode (albeit CircleCI job are not debug-enabled),
or offer an option for them. It may be something for a future patch.
Follow-up to 23540923e1#8622
Follow-up to 4b01a57c95#8548
Follow-up to bdc664a640#8490
Follow-up to 7c140f6b2d#8444
Ref: 6d9c5c91b9#19549Closes#19557
Rename `Curl_timeleft()` to `Curl_timeleft_ms()` to make the units in
the returned `timediff_t` clear. (We used to always have ms there, but
with QUIC started to sometimes calc ns as well).
Rename some assigned vars without `_ms` suffix for clarity as well.
Closes#19486
Overhaul of the internal cookie APIs and an attempt to better return
errors for OOM and similar critical problems, separate from ordinary and
benign parsing problems.
Closes#19493
Some curl command-lines are long, often repetitive, and difficult
to read or write:
Before this patch (1 test == 1 line):
- <=78 characters: 1099 tests
- 79-132 characters: 500 tests
- 133+ characters: 217 tests: patch meant to help with some of these.
After this patch:
- <=78 characters: 1288 lines
- 79-132 characters: 526 lines
- 133+ characters: 190 lines
After this patch it's possible to fold long lines into multiple ones.
Folding can reduce greppability, thus this is primarily useful for cases
when the options are repetitive, e.g. a list of form options, headers,
mail parameters and the like.
Closes#19500
