When a user supplies an IP address to use for the HAPROXY protocol,
the IP version reported must be deduced from the address and has
no relation to the IP version used for the upstream connection.
Add test3220 to verify.
Fixes#21340
Reported-by: Fiona Klute
Closes#21341
Support HTTPS records in dnsd that have ALPN preferences.
Add pytest test_22_* to verify that HTTPS record ALPN
preferencces take effect if the HTTPS resolve arrives in time.
Fix HTTPS eyeballing use of timeouts for second attempt. Also,
make an initial HTTP/1.1 attempt switch off HTTP/2.
Closes#21329
Test has been flaky due to not waiting for the test server to be
listening. On slow CI systems, the started thread is late and the curl
command gets a refused connection.
Closes#21337
Seen on `ubuntu-slim` runners.
Also:
- extend to two jobs to `ls -l` package sources on both ubuntu-latest,
ubuntu-24.04-arm, and ubuntu-slim.
- drop former stray apt source `ondrej-ubuntu-php-noble.sources`.
It's no longer present on the image.
Closes#21344
Add new internal `curl_url_same_origin()` to check if a href has the
same origin as a base URL. Add test cases in test1675 and use this in
http2 push handling.
Closes#21328
The function libssh2_userauth_keyboard_interactive_ex() calls the
callback and is documented to call free() on the memory returned to
libssh2 from the callback. libcurl can therefore not use the regular
curlx_strdup() for this, as that is not compatible in debug builds or
when curl_global_init_mem() is used.
Fixes#21336Closes#21338
- make sure all UNITTEST prototypes mark in which unit test they are used,
with "@unittest" markup
- make sure all UNITTEST functions do not use Curl_ prefix, as that is a
prefix we use for global private functions and these functions are static
and therefore not global and the prefix is wrong
- drop UNITTEST for functions not used in unit tests
- make the extract-unit-protos script highlight the above issues if found
- extract-unit-protos now also outputs the unit test number for all the
generated protos in lib/unitprotos.h to aid readers. It also adds the source
file and line number where the proto originates from.
- extract-unit-protos now exits with a non-zero value if any of the above
warnings are triggered
- cf-dns: Curl_cf_dns_result => static cf_dns_result
- hostip: Curl_ipv6works => static ipv6works
- url: remove Curl_setup_conn() - not used anymore
- connect: Curl_timeleft_now_ms => UNITTEST timeleft_now_ms
Closes#21330
This fixes the torture failures in 1675
Also, make it allocate the scheme *after* the path has been verified, so
that it is avoided in the common error cases.
Fixes#21326Closes#21324
- rename version env to stay compatible with Renovate `matchStrings`.
- also switch to manual bumps.
Bump rule was wrong, and deemed not worthy the complexity to fix.
Closes#21319
To make it scoped for the single request appropriately.
Reported-by: Muhamad Arga Reksapati
Verify with libtest 2504: a custom Host *disabled* on reused handle
Closes#21312
Add "Delay-A: ms", "Delay-AAAA: ms" and "Delay-HTTPS: ms" to the test
dnsd config and implement delayed response handling.
Add test_21_09 and test_21_10 to check that delayed responses connect
using the undelayed address family.
Closes#21299
Use a dns connection filter to resolve hostnames where their addresses
are locally resolved and forwarded to the SOCKS proxy.
This makes all improvements, like in #21295 for example, also apply
to socks connections. Curl_resolv() is now only called from a DNS
filter.
(ftp still calls Curl_resolv_blocking() in two places, one of which
may be replaceable with a DNS filter as well to remove the block, tbd)
Closes#21297
There is no reason we should treat this part different on Windows. Noe
anything except blank, localhost or 127.0.0.1 cause error there as well.
Also: fix query handling in urlencode_str
Closes#21296
- enable three checks:
- bugprone-invalid-enum-default-initialization
- bugprone-sizeof-expression
- readability-inconsistent-declaration-parameter-name (strict)
- fix remaining discrepancies with arg names in prototypes
and implementation, in strict mode.
- document reason for some checks tested but not enabled.
Closes#20794
- examples: sync debug output printf masks.
- INSTALL-CMAKE.md: tidy up section for some options.
- curl_sha512_256: delete comment suggesting an optimization.
- vtls/keylog: scope a variable.
- vtls/openssl: make a source code URL a permalink.
- vtls/schannel: drop redundant parentheses.
- test1119.pl: robustify `$1` -> `$s`.
- sync arg names in comments to match the code.
- tidy up and minor fixes to comments.
- fix formatting/indenting/comment/newline/include nits.
- move `UNITTEST` protos next to definitions, sync their argument names.
- make variables static.
- add parentheses to Perl `open()` calls.
- drop unnecessary double quotes in Perl.
- clang-format.
Closes#21000
When a user supplied an ip address in a URL as hostname, use that even
when address family restrictions like -4 or -6 are set.
Add test_10_15/16 to verify with a local proxy server.
Fixes#21146
Reported-by: Terrance Wong
How:
- cf-dns: on see the hostname is an ip(v6) address, add the respective
A/AAAA to the dns query bits
- cf-dns/hostip: only hand out addrinfos for a family if that family
is part of the DNS queries. That prevents for example ipv6 addresses
to show up from dns cache entries
- change cf-ip-happy to no longer check for "ip_version" and instead
use all addresses that cf-dns hands out
Closes#21295
Fix http auth to set the `picked` auth when sending the corresponding
headers. Fix reporting Digest as avail.
Fixes#21274
Reported-by: sergio-nsk on github
Closes#21284
