- add a message if a boolean is set to something not 1 or 0 (as it might be
made to mean something else in a future)
- use 's->' in all setopt_* functions
Closes#17887
New multi option CURLMOPT_NETWORK_CHANGED with a long bitmask value:
- CURLM_NWCOPT_CLEAR_CONNS: do not reuse existing connections, close all
idle connections.
- CURLM_NWCOPT_CLEAR_DNS: clear the multi's DNS cache.
All other bits reserved for future extensions.
Fixes#17225
Reported-by: ウさん
Closes#17613
Early mingw-w64 releases missed it, but by requiring v3.0, this is no
longer an issue. Supported Visual Studio SDKs also offer it.
Follow-up to a28f5f68b9#18010Closes#18057
Before curl 8.14.0, when pending was a list, `process_pending_handles()`
move a single transfer to processing. In 8.14.0 we changed that to move
all pending transfers to processing. This lead to unwanted performance
drops as reported in #18017.
Restore the old behaviour.
While the old behviour is better, the overall handling of "pending"
transfers is not optimal, since we do not keep track of the "condition"
a pending transfer is waiting on. This means, when moving a single,
pending transfer, we might move one that still cannot be processed while
another that could is kept pending.
Since we trigger `process_pending_handles()` from various changes, the
stalled pending will eventually make it to the processing queue, but
this is not optimal.
Fixes#18017
Reported-by: rm-rmonaghan on github
Closes#18056
This commit replaces the usage of the old deprecated sftp_async API with
the new sftp_aio API for remote file reading.
Signed-off-by: Eshan Kelkar <eshankelkar@galorithm.com>
Closes#17440
Fixing:
- HTTPS-RR builds with c-ares and Linux MUSL.
- curl-for-win minimal builds with Linux MUSL.
It should fix all other kinds of entaglement between curl's redefintions
of system symbols and system (or 3rd-party) headers sensitive to that.
It also syncs memory override behavior between unity & non-unity builds,
thus reducing build variations.
The idea is to define and declare everything once in `curl_setup.h`,
without overriding any system symbols with curl ones yet. Then, like
before this patch, override them, if necessary, in each source file via
`curl_memory.h` and `memdebug.h`, after including system headers.
To ensure a clean slate with no overrides at the beginning of each
source file, reset all of them unconditionally at the end of
`curl_setup.h`, by including `curl_mem_undef.h`. (This assumes
`curl_setup.h` is always included first, which is already the case
throughout the codebase.)
`curl_mem_undef.h` can also be included explicitly wherever overrides
are causing problems. E.g. in tests which use unity-style builds and
a previously included `curl_memory.h`/`memdebug.h` can be spilling into
other source files.
The simplified role of the two override headers:
- `curl_memory.h`: overrides system memory allocator functions to
libcurl ones, when memory tracing (aka `CURLDEBUG`) is disabled.
- `memdebug.h`: overrides system memory allocator and some other
functions to curl debug functions, when memory tracing is enabled.
Changed made in this patch, step-by-step:
- curl_memory.h: move allocator typedefs and protos to `curl_setup.h`.
- memdebug.h: move `ALLOC_*` macros to `curl_setup.h`.
- memdebug.h: move allocator protos to `curl_setup.h`.
- memdebug.h: move `Curl_safefree()` macro to `curl_setup.h`.
(it's a regular macro, with a one-time, global, definition.)
- curl_memory.h: move system symbol undefs to a new, separate header:
`curl_mem_undef.h`.
- curl_setup.h: include `curl_mem_undef.h` at the end, unconditionally,
to reset system symbol macros after each inclusion.
- handle `sclose()` and `fake_sclose()` in `curl_setup.h`. They are not
system symbols, a one-time definition does the job.
Also:
- GHA/linux: enable unity mode for the HTTP-RR c-ares MUSL job.
Follow-up to 17ab4d62e6#16413
That said, I'd still find it better to avoid redefining system macros.
To communicate clearly the fact that they are not the original system
calls and they do behave differently. And, it would allow dropping the
undef/redef dance in each source file, and maintaining the logic with
it. The "last #include files should be in this order" comments in each
source would also become unnecessary. Also the trick of using
`(func)` (or interim macros) to call the non-overridden function where
required. This method works for printf and most everything else already.
For `_tcsdup`, socket and fopen functions this could work without
disturbing the codebase much.
Ref: #16428 (clean reboot of)
Closes#17827
This patch bumps the size of these macros from `int` to `long`, while
keeping their actual values the same. It may cause incompatibilities in
user code, requiring the bump of holder variables and/or adding casts:
- CURLPROXY_HTTP
- CURLPROXY_HTTP_1_0
- CURLPROXY_HTTPS
- CURLPROXY_HTTPS2
- CURLPROXY_SOCKS4
- CURLPROXY_SOCKS4A
- CURLPROXY_SOCKS5
- CURLPROXY_SOCKS5_HOSTNAME
Also:
- keep existing cast within the documentation to make sure it applies
to older curl versions as well.
Closes#18054
Add a connection filter query to obtained the negotiated ALPN
protocol to check in setup/protocols how the connection needs
to behave.
Remove the members `alpn` and `proxy_alpn` from `connectdata`.
Closes#17947
mingw-w64 3.0 was released on 2013-09-20. Offered by Debian jessie.
1.0 and 2.0 were released in 2011. It seems unlikely that many people
use them. The oldest downloadable toolchain (that I know of) comes with
3.0. Due to this, older versions weren't CI tested, and probably seldom
tested elsewhere. The last bugfix update for both 1.0 and 2.0 was
released in 2015.
curl can now assume availability of these 3.0 features/fixes:
- 64-bit file offsets.
- `ADDRESS_FAMILY` type.
- `__MINGW_PRINTF_FORMAT` macro. (in public curl headers)
Public curl headers keep supporting older mingw-w64 versions.
Fixes#17984Closes#18010
- tests: merge cmake commands.
- tests: use `target_compile_definitions()`.
- tests/server: use generator expression for platform-specific macro.
- tests/unit: sync `Makefile.am` comment with cmake.
- tests/unit: merge two `AM_CPPFLAGS` lines to keep synced with cmake.
- tests: move macro definitions to `first.h` headers from build level.
`CURL_NO_OLDIES`, `CURL_DISABLE_DEPRECATION`, `WITHOUT_LIBCURL`,
`CURL_STATICLIB` (for servers).
To share more logic.
Pass `CURL_STATICLIB` in server on all platforms for simplicity.
(On non-Windows, it's a no-op. It's already done like this with curlu
and libcurltool.)
Also for lib:
- lib: merge commands.
- lib: sync macro order with tests (also in `Makefile.am`).
Closes#17768
Fix compile error when building with `--disable-verbose`.
Adjust pytest to skip when curl is not a debug build but needs
traces.
Follow-up to b453a447ceCloses#18053
Now that multi keeps the "dirty" bitset, the detection of possibly
stalling transfers needs to adapt. Before dirty, transfers needed
to expose a socket to poll or a timer to wait for.
Dirty transfer might no longer have a timer, but will run, so do
not need to report a socket. Adjust the assert condition.
Fixes#18046
Reported-by: Viktor Szakats
Closes#18051
This patch bumps the size of these constants from `int` to `long`, while
keeping their actual values the same. It may cause incompatibilities in
user code, requiring the bump of holder variables and/or adding casts:
- CURLFTP_CREATE_DIR
- CURLFTP_CREATE_DIR_NONE
- CURLFTP_CREATE_DIR_RETRY
- CURLFTPAUTH_DEFAULT
- CURLFTPAUTH_SSL
- CURLFTPAUTH_TLS
- CURLFTPMETHOD_DEFAULT
- CURLFTPMETHOD_MULTICWD
- CURLFTPMETHOD_NOCWD
- CURLFTPMETHOD_SINGLECWD
- CURLFTPSSL_CCC_ACTIVE
- CURLFTPSSL_CCC_NONE
- CURLFTPSSL_CCC_PASSIVE
Also:
- keep existing casts within the documentation to make sure it applies
to older curl versions as well.
Closes#17797
Syncing winbuild and VS Project File builds with the same fix applied
to cmake and autotools builds earlier.
Also fixes these warnings seen in the VisualStudioSolution (VS2013) job
on AppVeyor CI:
```
lib\hostip.c(148): warning C4090: 'function' : different 'const' qualifiers
lib\hostip.c(155): warning C4090: 'function' : different 'const' qualifiers
```
Ref: https://ci.appveyor.com/project/curlorg/curl/builds/52470650/job/gslnjrdxnd8b9mtv#L180
Went unnoticed because warnings are not promoted to error in these builds.
winbuild CI jobs did not hit this warning for some reason.
Follow-up to 8537a5b0bc#16577Closes#18045
Do not declare local inet_pton/inet_ntop implementations when they are
not used. In this case the same symbol is defined as a macro and mapped
to the system implementation.
Syncing this with their definitions.
Closes#18043
When a multiplex connection (h2/h3) is shutdown by the server, the
reported number of parallel transfers allowed drops to 0.
Determine that when the last transfer is done and terminate the
connection instead of keeping it in the cache.
We detect the drop to 0 also when we try to reuse such a connection, but
if we know this at the time the last transfer is done, we better
terminate it right away.
Have a consistent trace logging to this with the connections current
hostname and port. Adjust test expectations to carry port numbers.
Closes#17884
- add 'use warnings' and 'use strict' where missing from Perl scripts.
- fix 'Use of uninitialized value'.
- fix missing declarations.
- test1140.pl: fix 'Possible precedence issue with control flow operator'.
- fix other misc issues.
Most actual errors found during this PR were fixed and merged via
separate PRs.
Likely there are remaining warnings not found and fixed in this PR.
Closes#17877
Collision happens when building with mingw-w64 v3 or v2 while targeting
Vista or newer. `iphlpapi.h` includes `windns.h` in this case, which
defines macros named `DNS_TYPE_*`, colliding with curl doh enums.
The issue was fixed in mingw-w64 v4:
ea95d55e33
Fixes:
```
lib/doh.h:54:3: error: expected identifier before numeric constant
DNS_TYPE_A = 1,
^
```
Ref: https://github.com/curl/curl/actions/runs/16551209676/job/46806303365?pr=18009#step:10:17
This workaround seems harmless and generally good practice, but
another option is to require mingw-w64 v4.
Ref: #18009Closes#18041
This still allows users to explictily ask for 1.0 or 1.1 as the minimum
version. If the TLS library allows it.
Starting with this change, the CURL_SSLVERSION_DEFAULT value is no
longer used as minimum version when the TLS backend are called.
This also makes curl set the minimum version to 1.2 independently of
libcurl for the rare case where a newer curl tool would use an older
libcurl.
URL: https://curl.se/mail/lib-2025-07/0007.html
Assisted-by: Stefan Eissing
Closes#17894
This became an issue after promoting curl compiler warnings to errors in
curl-for-win. The code is correct. It over-allocates a struct to store
variable sized data past its length. Similar code is present in
`lib/smb.c`, silenced earlier.
Seen in linux-musl-debian-testing-gcc curl-for-win builds, gcc 14.2.0,
RISC-V (but not amd64/aarch64), unity, debian:testing (trixie):
musl:
```
In file included from /curl/_r64-linux-musl-bld/lib/CMakeFiles/libcurl_object.dir/Unity/unity_0_c.c:184:
In function 'Curl_http_req_make',
inlined from 'Curl_http_proxy_create_CONNECT' at /curl/lib/http_proxy.c:252:12:
/curl/lib/http.c:4373:3: error: 'memcpy' offset [137, 142] from the object at 'req' is out of the bounds of
referenced subobject 'method' with type 'char[1]' at offset 136 [-Werror=array-bounds=]
4373 | memcpy(req->method, method, m_len);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from /curl/lib/urldata.h:182,
from /curl/lib/altsvc.c:32,
from /curl/_r64-linux-musl-bld/lib/CMakeFiles/libcurl_object.dir/Unity/unity_0_c.c:4:
/curl/lib/http.h: In function 'Curl_http_proxy_create_CONNECT':
/curl/lib/http.h:230:8: note: subobject 'method' declared here
230 | char method[1];
| ^~~~~~
```
Ref: https://github.com/curl/curl/actions/runs/16527769182/job/46745369844?pr=18025#step:3:5798
Ref: https://github.com/curl/curl-for-win/actions/runs/16525969694/job/46739239206#step:3:5958
glibc (with unity batch):
```
In file included from /usr/riscv64-linux-gnu/include/string.h:548,
from /curl/lib/curl_setup_once.h:33,
from /curl/lib/curl_setup.h:823,
from /curl/lib/http.c:25,
from /curl/_r64-linux-gnu-bld/lib/CMakeFiles/libcurl_object.dir/Unity/unity_2_c.c:4:
In function 'memcpy',
inlined from 'Curl_http_req_make' at /curl/lib/http.c:4373:3,
inlined from 'Curl_http_proxy_create_CONNECT' at /curl/lib/http_proxy.c:252:12:
/usr/riscv64-linux-gnu/include/bits/string_fortified.h:29:10: error: '__builtin_memcpy' offset [137, 142]
from the object at 'req' is out of the bounds of
referenced subobject 'method' with type 'char[1]' at offset 136 [-Werror=array-bounds=]
29 | return __builtin___memcpy_chk (__dest, __src, __len,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
30 | __glibc_objsize0 (__dest));
| ~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from /curl/lib/urldata.h:182,
from /curl/lib/http.c:50:
/curl/lib/http.h: In function 'Curl_http_proxy_create_CONNECT':
/curl/lib/http.h:230:8: note: subobject 'method' declared here
230 | char method[1];
| ^~~~~~
```
Ref: https://github.com/curl/curl-for-win/actions/runs/16538174468/job/46775731055#step:3:5936
Ref: f45df099f3
Follow-up to 14f26f5ee7#16187
Cherry-picked from #18025Closes#18030
```
../../lib/vquic/curl_osslq.c:1091:1: error: missing initializer for field 'recv_origin' of 'nghttp3_callbacks' [-Werror=missing-field-initializers]
1091 | };
| ^
In file included from ../../lib/vquic/curl_osslq.c:33:
/home/runner/nghttp3/build/include/nghttp3/nghttp3.h:2082:23: note: 'recv_origin' declared here
2082 | nghttp3_recv_origin recv_origin;
| ^~~~~~~~~~~
```
Ref: https://github.com/curl/curl/actions/runs/16527325587/job/46743893924?pr=18021#step:18:35
Follow-up to 1055144063#18019Closes#18026
Required for mingw-w64 5.x (and older) builds targeting a Windows 7+.
mingw-w64 6+ fixed `mprapi.h` (included indirectly via `iphlpapi.h`)
to include `wincrypt.h` for the missing types.
MSVC is not affected because SDK 7.1a (the oldest MS SDK curl supports),
`mprapi.h` does include `wincrypt.h`.
Make sure to include `wincrypt.h` before including `iphlpapi.h` as
a workaround. `wincrypt.h` is used unconditionally even though it's
not available in UWP. This is safe in this context, because we use
`iphlpapi.h` for `if_nametoindex`, which is not supported and used
in UWP builds.
This fixes auto-detection that missed detecting `if_nametoindex` in
the affected combination, and this build error in non-unity builds:
```
In file included from D:/my-cache/mingw32/i686-w64-mingw32/include/iprtrmib.h:9:0,
from D:/my-cache/mingw32/i686-w64-mingw32/include/iphlpapi.h:17,
from D:/a/curl/curl/lib/url.c:63:
D:/my-cache/mingw32/i686-w64-mingw32/include/mprapi.h:865:3: error: unknown type name 'CERT_NAME_BLOB'
CERT_NAME_BLOB *certificateNames;
^~~~~~~~~~~~~~
D:/my-cache/mingw32/i686-w64-mingw32/include/mprapi.h:887:3: error: unknown type name 'CRYPT_HASH_BLOB'
CRYPT_HASH_BLOB certBlob;
^~~~~~~~~~~~~~~
```
Ref: https://github.com/curl/curl/actions/runs/16497057672/job/46645264552?pr=18012#step:10:140
This combination is not normally tested in CI. It was caught in
the `dl-mingw, CM 6.4.0-i686 schannel !unity Win7` job while working
on another PR.
Follow-up to 0d71b18153#17413
Ref: #18009Closes#18012
This change wasn't good because `config-win32.h` does rely on the UWP
detection result to set `USE_WIN32_CRYPTO` and LDAP macros. While it
fixed one issue, it created another.
It seems better to revert, and focus on reducing and/or eventually
dropping the logic within `config-win32.h` that alters `_WIN32_WINNT`.
It may not be necessary anymore with a minimum of VS2008 (soon VS2010).
The logic is also absent from cmake builds, without causing issues.
Could affect UWP winbuild/project-file builds. These are theoretical
builds because neither build method is prepared to target UWP.
Reverts 792a61e204#17980
Ref: https://github.com/curl/curl/pull/17980#issuecomment-3114462492Closes#18014
- autotools: stop checking for `WINVER` to detect thread-safety.
To sync with implementation in `easy_lock.h` and with cmake.
- replace numeric version with `_WIN32_WINNT_VISTA`.
- `_WIN32_WINNT_VISTA` is always defined via `setup-win32.h`,
don't check for it.
Closes#17981
- vtls: fix unused variable and symbols.
- ftp: fix unused variable.
- http: fix unused variables.
- smtp: fix unsued variable.
- wolfssl: fix unused variable with !proxy.
- libssh: fix unused argument.
- curl_trc: sync guards between declaration and definition.
- curl_trc: add missing guard for `Curl_trc_ssls` when !verbose.
- curl_trc: fix errors with !http + http3.
- curl_trc: fix missing function with !http + nghttp2.
- cf-h2-proxy: disable when !http + nghttp2, to avoid calling undeclared
functions.
- sha256: fix missing declaration in rare configs.
- md4: fix symbol conflict when building GnuTLS together with AWS-LC or
wolfSSL. By prioritizing the latter two. AWS-LC has no option
to disable the clashing symbol. wolfSSL does, but the most seamless is
to skip including GnuTLS's standalone `md4.h` to avoid the clash.
- build: fix errors with !http + nghttp2.
- build: catch !ssl + ssls-export combination in source. Convert
build-level errors to warnings.
- build: fix errors with !http + http3.
- build: fix building curl tool and unit1302 in rare combinations.
By always compiling base64 curlx functions.
- cmake: add `_CURL_SKIP_BUILD_CERTS` internal option.
To disable automatically building certs with the testdeps target.
To improve performance when testing builds.
(used locally to find the failing builds fixed in this PR.)
Closes#17962
Configure curl with `--with-test-sockd=<path to sockd>` for a locally
installed dante sockd server and new `test_40_*` will verify that
down- and uploads work via SOCKS.
Invoke scorecard.py with `--socks4` or `--socks5` to run performance
tests with SOCKS. Note that SOCKS is not supported for HTTP/3.
Ref: #17969Closes#17986
Replace repeat `#ifdef` code with a macro for the return type of
the thread function.
Also:
- always define `CURL_STDCALL`, allowing to use it without guards.
- lib1307: drop single-use macro `CAINFO`.
Closes#17889
- codespell: break logic out into its own runnable script. Allowing
to run it on local machines.
- codespell: install via `pip`, bump to latest version.
- codespell: show version number in CI log.
- codespell: drop no longer needed word exception: `msdos`.
- codespell: include all curl source tree, except `packages` and
`winbuild`. Drop an obsolete file exclusion.
- add new spellchecker job using the `typos` tool. It includes
the codespell dictionary and a couple more. Use linuxbrew to install
it. This takes 10 seconds, while installing via `cargo` from source
would take over a minute.
- codespell: introduce an inline ignore filter compatible with `cspell`
Make `typos` recognize it, too. Move single exceptions inline.
Fix new typos found. Also rename variables and words to keep
spellchecking exceptions at minumum. This involves touching some tests.
Also switch base64 strings to `%b64[]` to avoid false positives.
Ref: https://github.com/crate-ci/typos/blob/master/docs/reference.md
Ref: https://github.com/codespell-project/codespell?tab=readme-ov-file#inline-ignore
Ref: https://github.com/codespell-project/codespell/issues/1212#issuecomment-1721152455
Ref: https://cspell.org/docs/Configuration/document-settingsCloses#17905
When a socket is closed, only inform the application
socket callback about it if the socket had been announced
before to the callback.
Reported-by: yaoy6 on github
Fixes#17949Closes#17950
To fix test 1308 in MultiSSL builds.
Failure was caused by the random number generator virtual function being
NULL, instead of pointing to the implementation in the runtime-selected
TLS backend. This could happen in MultiSSL builds when a functionality
was asking for a random number without triggering a VTLS function table
initialization first. Such functionality is MIME, or form data via MIME.
The reason CI did not catch it in an earlier MultiSSL GHA/windows job,
is that it was a debug-enabled one. In debug-enabled builds the test
runner was overriding the random number generator for all tests.
Fixed this by moving the override to the tests requiring it, via
1fcf22585f#17971, enabling debug builds
to catch this issue.
Enable MultiSSL in two CI jobs, to verify this patch.
Fixing:
```
test 1308...[formpost tests]
libtests returned 44, when expecting 0
1308: exit FAILED
[...]
=== Start of file stderr1308
URL: log/3/test-1308
tests/libtest/lib1308.c:70 Assertion 'res == 0' FAILED: curl_formget returned error
tests/libtest/lib1308.c:72 Assertion 'total_size == 518' FAILED: curl_formget got wrong size back
tests/libtest/lib1308.c:88 Assertion 'res == 0' FAILED: curl_formget returned error
tests/libtest/lib1308.c:89 Assertion 'total_size == 899' FAILED: curl_formget got wrong size back
```
Ref: https://github.com/curl/curl/actions/runs/16387693424/job/46309536359?pr=17963#step:16:2515
Bug: https://github.com/curl/curl/pull/17963#issuecomment-3092282057Closes#17970
- de-complex Curl_gtls_verifyserver() by splitting of static
functions for parts of it.
- follow the `goto out` style with common deallocation code
Closes#17941
