If so much data is being sent over the internal IPC pipe that the pipe
buffer fills and the syscall blocks, the program will hang. Add an
assert to ensure that this limit is never reached. The buffer size is
going to be different on different platforms, so choose 1KB which is
likely to be a reasonable lower bound on just about any system.
Currently, the maximum amount ever written is <100 bytes, so this should
provide plenty of headroom.
Spotted by Codex Security
Closes#21688
- Fix revoke_best_effort reading wrong ssl config.
Prior to this change the revoke_best_effort setting for the proxy was
wrongly ignored in favor of the same setting for the destination host.
In other words, CURLSSLOPT_REVOKE_BEST_EFFORT set via
CURLOPT_PROXY_SSL_OPTIONS did not apply to the proxy and
CURLSSLOPT_REVOKE_BEST_EFFORT set via CURLOPT_SSL_OPTIONS wrongly
applied to the proxy.
Closes https://github.com/curl/curl/pull/21683
When a transfer gets paused after the connection has been established,
any data sitting in the kernel socket buffers will no longer get read.
Prevent the sockets form being added to the pollsets, because they
will trigger POLLIN endlessly and cause a busy poll loop. Same in event
based processing.
Reported-by: Harry Sintonen
Fixes https://github.com/curl/curl/issues/21671
Closes https://github.com/curl/curl/pull/21675
- Clear credentials on AcquireCredentialsHandle failure so it is not
used on a subsequent call.
SSPI initialization may evaluate the credentials pointer to determine
whether or not a prior call to AcquireCredentialsHandle was successful,
therefore we must clear it on a failed call.
Closes https://github.com/curl/curl/pull/21642
Example:
```
Wed, 20 May 2026 09:51:48 GMT Updating Avalon repository catalogue...
Wed, 20 May 2026 09:51:48 GMT pkg: An error occurred while fetching package: No error
Wed, 20 May 2026 09:51:48 GMT pkg: An error occurred while fetching package: No error
Wed, 20 May 2026 09:51:48 GMT repository Avalon has no meta file, using default settings
Wed, 20 May 2026 09:51:48 GMT pkg: An error occurred while fetching package: No error
Wed, 20 May 2026 09:51:48 GMT pkg: An error occurred while fetching package: No error
Wed, 20 May 2026 09:51:48 GMT pkg: An error occurred while fetching package: No error
Wed, 20 May 2026 09:51:48 GMT pkg: An error occurred while fetching package: No error
Wed, 20 May 2026 09:51:48 GMT Unable to update repository Avalon
Wed, 20 May 2026 09:51:48 GMT Error updating repositories!
Wed, 20 May 2026 09:51:48 GMT Error: Process completed with exit code 3.
```
As tested over at libssh2, retrying the install command also does not
help, only repeats the same failure.
Also: fix whitespace in matrix.
Follow-up to b158d1c9f7#21681Closes#21694
- bump cross-platform-actions to v1.1.0.
Ref: https://github.com/cross-platform-actions/action/releases/tag/v1.1.0
- merge BSD jobs into a single matrix.
- split BSD jobs into build steps as used for other platforms.
A new feature of cross-platform-actions v1.1.0.
- sync BSD build steps with other platforms.
- add DragonFlyBSD and MidnightBSD to the BSD matrix.
New features of cross-platform-actions v1.1.0.
MidnightBSD uses GnuTLS to add variation, also the preinstalled
OpenSSL is too old (v1.1.1w) for curl.
Stick with autotools for DragonFlyBSD; I could not figure out how
to install cmake.
Refs:
https://en.wikipedia.org/wiki/DragonFly_BSDhttps://en.wikipedia.org/wiki/MidnightBSD
- bump Intel FreeBSD jobs from v14.3 to v15.0.
- fix to show `gcc` in the NetBSD job name.
All these saved 50 lines of YAML. The two new jobs take 2m15s each. The
bump to FreeBSD 15 needs and extra minute in total.
Note, the DragonFlyBSD job seems to have reliability issues. If it
remains an issue, I'll comment it out or delete it in a future commit.
Closes#21681
"Lines 244-245 overwrite global variables `$runnerr` and `$runnerw` that
were already assigned in the child process (lines 205-206). In the
parent process context, these assignments appear incorrect and could
cause issues if `runner_init` is called multiple times. The parent
should only store references in the controller hashes."
It could never cause an actual issue, but clarifies the intent of the
code.
Spotted and fixed by GitHub Code Quality
Cherry-picked from #21646Closes#21672
cert_type, key, key_type, key_passwd and key_blob lived in
ssl_config_data but not in ssl_primary_config, so they were invisible to
match_ssl_primary_config() and to the TLS session cache peer key.
Two easy handles sharing a connection pool could reuse each other's
authenticated connections when they differed only on SSLKEY, SSLKEYTYPE,
KEYPASSWD, SSLCERTTYPE or SSLKEYBLOB. The second handle would silently
inherit the first handle's authenticated identity.
Promote all five fields into ssl_primary_config so the conn-reuse
predicate and session cache key cover the complete client credential
set. Also replace the fixed ":CCERT" session cache marker with the
actual clientcert path so sessions are not shared across different
client certificates.
Verified by test 3303 and 3304
Reported-By: Joshua Rogers (AISLE Research)
Closes#21667
When a proxy is set from an environment variable, detect if that proxy
is not the same as previously and flush state.
Verified by test1647: verify changing proxy with env variables and make
sure Digest state is flushed in the second use
Closes#21666
After this patch `://` schemes are lowercase and enclosed in backticks.
Also:
- docs/libcurl/libcurl-multi.md: drop a stray C code fence.
- docs/libcurl/libcurl-tutorial.md: replace single/double quotes with
Markdown markup where applicable.
Ref: #21646Closes#21674
Both are filesystem paths (or case-sensitive hash strings for
pinned_key). curl_strequal is case-insensitive and would treat
/etc/ssl/Crl.pem and /etc/ssl/crl.pem as the same file, unlike the other
path fields (CApath, CAfile, issuercert, clientcert) which already use
Curl_safecmp.
Closes#21668
Masked OAuth bearer tokens in credential trace output by emitting ***
when a bearer token is present, matching the existing password redaction
behavior and preventing sensitive token disclosure in verbose/debug
logs.
Closes#21659
Refactor the netrc scanner. Add test case for checking that the last
matched machine with unmatched login does not return the password as
success (unit1304).
Closes#21624
Curl_ssl_peer_key_make() omitted ssl->signature_algorithms, although
match_ssl_primary_config() compares the field. Two handles differing
only in CURLOPT_SSL_SIGNATURE_ALGORITHMS therefore shared a peer key and
could resume each other's sessions across a shared CURLSH SSL session
cache.
Add :SIGALGS-%s next to the other ssl_primary_config fields.
Closes#21651
When using `-D_CURL_TESTS_CONCAT=ON` with CMake, do not concatenate
`first.h` (or any future header) into the output C file, but `#include`
it instead. This is to play nice with compilers and analyzers which may
apply different checker rules on logic found in headers, vs. the input
source file. As seen for example with `-Wunused-macro` enabled in CI.
After this patch concatenated sources behave closer to regular C
sources.
Also:
- first.h: drop some `-Wunused-macro` silencers that became redundant
with this patch.
Follow-up to 47f411c6d8#21554
Follow-up to 39542f0993#20667Closes#21656
On my suggestion, the regex turned up wrong when looking for Credits-to
in git logs. This adjustment allows the leading spaces.
Follow-up to 64adc43a6eCloses#21655
In both autotools and cmake builds, because Android does not offer
a `zlib.pc`.
Also:
- GHA/non-native: dump config files, to verify.
Reported-by: sfan5 on github
Fixes#21647Closes#21648
The unlinking of the new Curl_peer was happening too later after
the struct had been set to zero. Move the unlink to happen before
that.
Fixes#21602
Reported-by: Joshua Rogers
Closes#21627
Fix a recent regression: when a unix-socket is configured, all proxy
settings must be ignored. The `via_peer` had been checked correctly,
but the connections proxy bits were not cleared.
Add test_11_04 to verify.
Reported-by: Fabian Keil (libcurl mailing list)
Closes#21630
Prior to this patch the test was always skipped due to failing precheck
with `CURLE_BAD_FUNCTION_ARGUMENT`, because of the zero-length blob
passed to setopt. Fix by passing a non-zero long dummy blob as done in
`mk-lib1521.pl`.
Fixing:
```
test 0678 SKIPPED: CURLOPT_CAINFO_BLOB is not supported
```
Follow-up to 956e1ae84f#20705Closes#21641
In AppleSecTrust or NativeCA-enabled builds, make sure override it when
setting a custom `CURLOPT_PROXY_CAINFO_BLOB`.
Reported-by: Joshua Rogers (Aisle Research)
Follow-up to 1730407b74#18279
Follow-up to eefd03c572#18703Closes#21631
