romenskiy2012/curl
1
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2026-06-14 14:45:38 +03:00
Code Issues Projects Releases Packages Wiki Activity
36049 commits 20 branches 229 tags 262 MiB
Commit graph

36049 commits

This branch
This branch
All branches
Author SHA1 Message Date
Viktor Szakats
8622c655e0
http3-linux.yml drop redundant packages from build-cache job 2025-09-10 23:15:45 +02:00
Viktor Szakats
f594b0b8cb
drop test dep from dep build prereq 2025-09-10 22:32:09 +02:00
Viktor Szakats
886214adf8
cleanup 2025-09-10 22:32:09 +02:00
Viktor Szakats
3d67e70516
try fixing gnutls builds more 
```
-- Checking for module 'gnutls'
--   Package 'p11-kit-1', required by 'gnutls', not found
```
https://github.com/curl/curl/actions/runs/17609591155/job/50028459850?pr=18509
 2025-09-10 22:32:09 +02:00
Viktor Szakats
642d57578e
windows tweak 
another option would be to switch to clang_rt compiler runtime.
but lets try this first.
 2025-09-10 22:32:09 +02:00
Viktor Szakats
effc7f61e7
Revert "GHA/linux: drop libnghttp2-dev as a test prereq" 
This reverts commit 4e42fdb5fc31e94d4b6eae70f145fe70769421fb.
 2025-09-10 22:32:09 +02:00
Viktor Szakats
4753a65847
GHA/windows: try reducing linux packages 2025-09-10 22:32:09 +02:00
Viktor Szakats
52d48f4391
install nettle for gnutls jobs 2025-09-10 22:32:09 +02:00
Viktor Szakats
88ff6db9c1
install test deps only for jobs running tests 2025-09-10 22:32:09 +02:00
Viktor Szakats
8e78ed5f40
GHA/linux: drop libnghttp2-dev as a test prereq 2025-09-10 22:32:09 +02:00
Viktor Szakats
01979bb55c
restore apache2-dev 2025-09-10 22:32:09 +02:00
Viktor Szakats
05d77575c6
drop curl deps from build stage 2025-09-10 22:32:09 +02:00
Viktor Szakats
5bc5f2ce45
drop servers from build stage 2025-09-10 22:32:09 +02:00
Viktor Szakats
35e8dcb846
drop apache2-dev no longer used 2025-09-10 22:32:09 +02:00
Viktor Szakats
131e32558a
drop redundant packages 2025-09-10 22:32:09 +02:00
Viktor Szakats
36fbf5dcf5
move quiche build to build-cache job 2025-09-10 22:32:09 +02:00
Viktor Szakats
7f13f764b0
drop dupe package 2025-09-10 22:32:09 +02:00
Viktor Szakats
4e0cfb3b17
drop dupe package 2025-09-10 22:32:08 +02:00
Viktor Szakats
3ba74c4395
curl_mem_undef.h: limit to CURLDEBUG for non-memalloc overrides 
To fix non-`CURLDEBUG` builds on 32-bit AIX, where `fopen` is a system
macro.

Ref: #18502
Ref: https://github.com/curl/curl/pull/18502/commits/793a375ce3002454599ffe2d7b561b6340103306

Follow-up to 3bb5e58c10 #17827
Reported-by: Andrew Kirillov
Fixes #18510
Closes #18514
 2025-09-10 13:08:54 +02:00
Daniel Stenberg
31f0f0a060
RELEASE-NOTES: synced 
and bump include/curl/curlver.h
 2025-09-10 12:54:59 +02:00
Stefan Eissing
a782867c9f
curl_easy_getinfo: error code on NULL arg 
When passing an address to curl_easy_getinfo to retrieve a value and the
address is NULL, return CURLE_BAD_FUNCTION_ARGUMENT instead of
CURLE_UNKNOWN_OPTION.

Closes #18512
 2025-09-10 12:44:25 +02:00
Stefan Eissing
80ac5fb2ec
easy_getinfo: check magic, Curl_close safety 
Check the easy handles magic in calls to curl_easy_getinfo().
In Curl_close() clear the magic after DNS shutdown since we'd
like to see tracing for this.
When clearing the magic, also clear the verbose flag so we
no longer call DEBUGFUNCTION on such a handle.

Closes #18511
 2025-09-10 12:06:16 +02:00
Ethan Everett
f4758cd524
quic: ignore EMSGSIZE on receive 
Some OSes (Linux, macOS, more?) will generate an EMSGSIZE socket error
on the next recv all after receiving an ICMP Packet Too Big on an
unconnected UDP socket.

These can be safely ignored as QUIC's DPLPMTUD uses MTU probes that do
not rely on receiving ICMP packets.

Closes #18505
 2025-09-10 11:51:25 +02:00
Daniel Stenberg
11b991232f
RELEASE-NOTES: synced 
curl 8.16.0 release
 2025-09-10 07:43:09 +02:00
Daniel Stenberg
bee4ee6141
VERSIONS: update past versions 2025-09-10 07:43:09 +02:00
Daniel Stenberg
85ba1b8067
THANKS: names from the 8.16.0 cycle 2025-09-10 07:41:00 +02:00
Viktor Szakats
61759a9843
pytest: bind to localhost 
Pointed out by CodeQL

Fixes https://github.com/curl/curl/security/code-scanning/298

Closes #18506
 2025-09-10 00:55:07 +02:00
renovate[bot]
82449d4d91
GHA: update github/codeql-action digest to d3678e2 
Closes #18507
 2025-09-09 23:47:41 +02:00
Viktor Szakats
c70f7b7a7c
GHA/codeql: scan GHA workflows and Python 
Closes #18504
 2025-09-09 21:51:09 +02:00
renovate[bot]
522c991336
Dockerfile: update debian:bookworm-slim Docker digest to df52e55 
Closes #18499
 2025-09-09 15:28:00 +02:00
Viktor Szakats
9863599d69
lib: introduce CURL_ACCEPT() 
To avoid overriding the system symbol `accept`, which is a macro on some
systems (AIX), and thus can't be called via the `(function)` PP trick.

It's also problematic to reset such macro to its original value.

Follow-up to 3bb5e58c10 #17827
Reported-by: Andrew Kirillov
Fixes #18500
Closes #18501
Closes #18502
 2025-09-09 15:17:34 +02:00
Daniel Stenberg
f8ff233cdf
_ENVIRONMENT.md: document NETRC 
Follow-up to 378713deb2

Closes #18497
 2025-09-08 22:45:30 +02:00
Daniel Stenberg
32909591d2
docs: put <> within backticks in titles 
To render better markdown. Make managen warn if present "unticked" and
unescaped.

Closes #18498
 2025-09-08 22:42:53 +02:00
Stefan Eissing
e3c06ccc66
vquic: replace assert 
Replace the hard assert in case not all data is send on UDP
(which should never happen), with an error return.

Closes #18495
 2025-09-08 16:05:27 +02:00
Daniel Stenberg
84db7a9eae
ws: get a new mask for each new outgoing frame 
Reported-by: Calvin Ruocco
Closes #18496
 2025-09-08 16:04:16 +02:00
Andrew
7c9878ff0c
curl_setup.h: include limits.h before testing for #ifndef SSIZE_MAX 
Ref: 93f333c18f #18426 #18406
Fixes #18493
Closes #18494
 2025-09-08 14:52:55 +02:00
Daniel Stenberg
07a688135d
KNOWN_BUGS: OpenSSL-QUIC problems on google.com 
Closes #18336
Closes #18492
 2025-09-08 11:45:33 +02:00
Daniel Stenberg
34fd7e8d2d
RELEASE-PROCEDURE.md: drop the _newslog edit mention 
Because that file has now been removed from the website repository
 2025-09-08 11:12:47 +02:00
Daniel Stenberg
455afa1de5
RELEASE-PROCEDURE.md: remove some old release dates, add some new 2025-09-08 10:14:12 +02:00
Daniel Stenberg
3b2cfa55a0
mailmap: unify on James 2025-09-08 09:26:22 +02:00
Viktor Szakats
93bc523541
GHA/linux: run on .md file changes 
To execute runtests on Markdown files. E.g. test 1275.

Bug: https://github.com/curl/curl/pull/18486#issuecomment-3263681032

Closes #18487
 2025-09-07 22:21:04 +02:00
Viktor Szakats
7f7db9e372
lib: fix broken link in comment 2025-09-07 19:19:05 +02:00
Viktor Szakats
10e9d512e5
BINDINGS: point a link to archive.org 
The original website is hosting different content now.

Closes #18489
 2025-09-07 18:59:11 +02:00
Viktor Szakats
ce62f0f9a1
VULN-DISCLOSURE-POLICY: make it pass test 1275 
```
test 1275...[Verify capital letters after period in markdown files]
 ../../docs/VULN-DISCLOSURE-POLICY.md:426:55:error: lowercase daily after period
 * regular communication from communication leader (ex. daily update)
```
Ref: https://github.com/curl/curl/actions/runs/17527331816/job/49779555753?pr=18485

Also: add ending slashes to 2 URLs.

Follow-up to 6905370df5 #18483
Closes #18486
 2025-09-07 12:39:44 +02:00
Viktor Szakats
b85cb8cb4e
openldap: fix -Wtentative-definition-compat 
It's a `-Weverything` warning that appeared in llvm/clang 21.

```
lib/openldap.c:1297:19: warning: duplicate declaration of 'ldapsb_tls' is invalid in C++ [-Wtentative-definition-compat]
 1297 | static Sockbuf_IO ldapsb_tls =
      |                   ^
lib/openldap.c:499:19: note: previous declaration is here
  499 | static Sockbuf_IO ldapsb_tls;
      |                   ^
```

Reported-by: correctmost on github
Fixes #18470
Cherry-picked from #18477
Closes #18485
 2025-09-07 12:36:44 +02:00
Jim Fuller
6905370df5
docs: add major incident section to vuln disclosure policy 
Closes #18483
 2025-09-06 12:20:45 +02:00
Daniel Stenberg
6420c52294
RELEASE-NOTES: synced 2025-09-06 12:12:55 +02:00
Stefan Eissing
0b09132877
websocket: handling of PONG frames 
The auto PONG frames were inserted into the connection at the time
a PING had been decoded, irregardless if an upstream frame was just
in the middle of being assembled.

Add PONG frames only to the buffer if there is no frame currently
assemebled and, if it is, set the control frame aside. This control
frame is then added on the first opportunity of a "clean" send buffer.

There is only a single control frame set aside at a time. This means
a double PING will, when the PONG cannot be sent right away, only
send the last PONG.

I imagine this is fine. We want to prevent the endless buffering of
PONG frames on a connection where the server sends but does no receives.

Reported-by: Calvin Ruocco
Fixes #16706
Closes #18479
 2025-09-05 13:17:39 +02:00
renovate[bot]
4c0da28231 gha: Update actions/labeler action to v6 2025-09-04 13:03:47 -07:00
Viktor Szakats
ec9cb618a0
spacecheck: warn for 3+ empty lines in a row, fix fallouts 
Closes #18478
 2025-09-04 20:37:51 +02:00