romenskiy2012/curl
1
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2026-04-15 03:31:41 +03:00
Code Issues Projects Releases Packages Wiki Activity
curl/docs
History
Viktor Szakats c07a7f6bf8
runtests: detect bad libssh differently for test 1459 (fixing CircleCI libssh job) 
test 1459 "SFTP with corrupted known_hosts" was seen failing in the past.
To fix it, the test was automatically disabled when detecting libssh
0.9.3 or older, as in the curl CircleCI job, running on Ubuntu 20.04.
This work for a long time, until bumping the CircleCI runner to Ubuntu
22.04 (to have OpenSSL 3), where the test was running again, and failing
with the isssue seen in the past.

- Test skipped with Ubuntu 20.04 (libssh 0.9.3):
  https://app.circleci.com/pipelines/github/curl/curl/16445/workflows/7f198763-e0b0-4037-9245-4c4b40ab8726/jobs/155164
- Failure seen with Ubuntu 22.04 (libssh 0.9.6):
  https://app.circleci.com/pipelines/github/curl/curl/16452/workflows/b817a808-0fd4-40b0-8eb0-d064926efe12/jobs/155206?invite=true#step-107-211709_45
- Failure seen with Ubuntu 24.04 (libssh 0.10.6):
  https://app.circleci.com/pipelines/github/curl/curl/16455/workflows/86c631f1-3c5f-4438-b398-3df2bdab5d20/jobs/155218

Turns out the issue issue isn't libssh 0.9.3 itself, but
a CircleCI-specific default configuration in `/etc/ssh/ssh_config`:
```
# BEGIN ANSIBLE MANAGED BLOCK
Host *
StrictHostKeyChecking no     <------ this particular line
HashKnownHosts no
SendEnv LANG LC_*
# END ANSIBLE MANAGED BLOCK
```

libssh will consult configuration files on hard-coded default system
locations and alter its behavior based on settings found in them.

This libssh behavior is present in all supported versions:
5a2abd34ce
https://gitlab.com/libssh/libssh-mirror/-/tags/libssh-0.9.0

It means the existing disable logic based on libssh version worked by
coincidence, and what needs to be checked is these configurations
to decide if it's safe to run the test. Another, simpler option is
to also accept the result code 67, though in that case the test
wouldn't actually test what we want, but would pass anyway.

With the old `oldlibssh` workaround deleted, and the problematic setting
manually overridden (`StrictHostKeyChecking yes`):
- CircleCI Ubuntu 20.04 passes with 1459 enabled:
  https://app.circleci.com/pipelines/github/curl/curl/16483/workflows/87a9f389-76a2-4a32-acde-c0b411a4c842/jobs/155302
- CircleCI Ubuntu 22.04 does too:
  https://app.circleci.com/pipelines/github/curl/curl/16483/workflows/87a9f389-76a2-4a32-acde-c0b411a4c842/jobs/155303

To fix, replace the `runtests` `oldlibssh` detection logic to parse
libssh config files (instead of checking for libssh version) and disable
test 1459 based on that. Notice the detection is making a light attempt
to parse these files, and does not implement most config file features
(such as includes, quoted values and `=` operator.)

The new runtests workaround tests OK with the:
- default CircleCI configuration, disabling 1459 automatically.
- a sudoless configuration fix, with 1459 run successfully.
  Also keep setting this option in CircleCI jobs.
- a sudo configuration fix, with 1459 run successfully.
Ref: https://app.circleci.com/pipelines/github/curl/curl/16492/workflows/56f39335-97ba-412c-9a9b-3d662694375a

GHA jobs are not affected and they work fine, with 1459 running successfully
before and after this patch.

It's possible the libssh API offers ways to control config file use
and/or set the strict host checking option programatically. Maybe
to enable in debug mode (albeit CircleCI job are not debug-enabled),
or offer an option for them. It may be something for a future patch.

Follow-up to 23540923e1 #8622
Follow-up to 4b01a57c95 #8548
Follow-up to bdc664a640 #8490
Follow-up to 7c140f6b2d #8444

Ref: 6d9c5c91b9 #19549

Closes #19557
2025-11-16 23:28:44 +01:00
..
cmdline-opts limit-rate: add example using --limit-rate and --max-time together 2025-11-14 17:09:07 +01:00
examples build: drop Windows CE / CeGCC support 2025-11-15 15:35:23 +01:00
internals scorecard: add perf support on linux 2025-10-14 16:24:35 +02:00
libcurl docs: fix checksrc warning, fix checkdocs CI filter 2025-11-14 17:32:04 +01:00
tests runtests: detect bad libssh differently for test 1459 (fixing CircleCI libssh job) 2025-11-16 23:28:44 +01:00
.gitignore docs: add RELEASE-TOOLS.md.dist to .gitignore 2024-07-01 22:49:55 +02:00
ALTSVC.md docs: bring back ALTSVC.md and HSTS.md 2024-12-09 09:32:19 +01:00
BINDINGS.md badwords: re-sync with curl-www, fix issues found 2025-11-12 00:53:44 +01:00
BUG-BOUNTY.md tidy-up: URLs 2025-09-23 00:34:46 +02:00
BUGS.md docs: fix two typos 2025-07-01 22:53:04 +02:00
CIPHERS-TLS12.md docs: update CIPHERS.md 2024-08-12 23:35:56 +02:00
CIPHERS.md tidy-up: update MS links, allow long URLs via checksrc 2025-09-20 11:49:23 +02:00
CMakeLists.txt tests: move test docs into /docs 2025-05-28 15:00:03 +02:00
CODE_OF_CONDUCT.md reuse: add copyright + license info to individual docs/*.md files 2024-03-31 12:01:18 +02:00
CODE_REVIEW.md docs: fix broken link in CODE_REVIEW.md 2025-06-21 10:32:06 +02:00
CONTRIBUTE.md badwords: re-sync with curl-www, fix issues found 2025-11-12 00:53:44 +01:00
curl-config.md docs: minor edits to please the new spellchecker regime 2025-02-27 13:15:21 +01:00
CURL-DISABLE.md cmake: document -D and env build options 2024-10-24 23:06:40 +02:00
CURLDOWN.md misc: fix typos 2025-07-12 08:59:44 +02:00
DEPRECATE.md DEPRECATE.md: move OpenSSL to past removals (fixup) 2025-11-15 22:33:13 +01:00
DISTROS.md badwords: re-sync with curl-www, fix issues found 2025-11-12 00:53:44 +01:00
EARLY-RELEASE.md reuse: add copyright + license info to individual docs/*.md files 2024-03-31 12:01:18 +02:00
ECH.md ECH.md: make OpenSSL branch clone instructions work 2025-10-26 01:19:12 +02:00
EXPERIMENTAL.md docs/EXPERIMENTAL.md: add a mention of HTTPSRR as experimental 2025-01-16 19:41:42 +01:00
FAQ badwords: re-sync with curl-www, fix issues found 2025-11-12 00:53:44 +01:00
FEATURES.md FEATURES.md: fix typo 2024-08-23 08:46:09 +02:00
GOVERNANCE.md reuse: add copyright + license info to individual docs/*.md files 2024-03-31 12:01:18 +02:00
HELP-US.md reuse: add copyright + license info to individual docs/*.md files 2024-03-31 12:01:18 +02:00
HISTORY.md HISTORY: extend 2025-11-04 16:25:28 +01:00
HSTS.md docs: bring back ALTSVC.md and HSTS.md 2024-12-09 09:32:19 +01:00
HTTP-COOKIES.md tidy-up: URLs 2025-09-23 00:34:46 +02:00
HTTP3.md HTTP3: clarify the status for "old" OpenSSL, not current 2025-10-20 09:07:12 +02:00
HTTPSRR.md tidy-up: URLs 2025-09-23 00:34:46 +02:00
INFRASTRUCTURE.md docs: fix two typos 2025-07-01 22:53:04 +02:00
INSTALL INSTALL: converted to markdown => INSTALL.md 2016-10-21 15:57:29 +02:00
INSTALL-CMAKE.md cmake: adjust defaults for target platforms not supporting shared libs 2025-11-09 17:56:20 +01:00
INSTALL.md build: drop support for VS2008 (Windows) 2025-11-15 15:56:19 +01:00
INTERNALS.md openssl: bump minimum OpenSSL version to 3.0.0 2025-11-15 15:56:31 +01:00
IPFS.md badwords: re-sync with curl-www, fix issues found 2025-11-12 00:53:44 +01:00
KNOWN_BUGS KNOWN_BUGS: SOCKS-SSPI discards the security context 2025-10-17 17:45:06 +02:00
MAIL-ETIQUETTE.md GHA: silence proselint warnings and an error 2024-10-15 16:44:17 +02:00
Makefile.am dist: do not distribute CI.md 2025-09-15 11:15:31 +02:00
MANUAL.md docs: use valid example domain names 2025-02-09 00:17:05 +01:00
mk-ca-bundle.md curldown: make 'added-in:' a mandatory header field 2024-07-18 18:04:09 +02:00
options-in-versions tool_getparam: add --knownhosts 2025-10-06 13:41:22 +02:00
README.md reuse: add copyright + license info to individual docs/*.md files 2024-03-31 12:01:18 +02:00
RELEASE-PROCEDURE.md RELEASE-PROCEDURE.md: drop the _newslog edit mention 2025-09-08 11:12:47 +02:00
ROADMAP.md CI: add whitespace checker 2024-06-27 13:33:30 +02:00
runtests.md tests: replace remaining CR bytes with the new macro %CR 2025-11-06 20:45:45 +01:00
RUSTLS.md tidy-up: URLs 2025-09-23 00:34:46 +02:00
SECURITY-ADVISORY.md reuse: add copyright + license info to individual docs/*.md files 2024-03-31 12:01:18 +02:00
SPONSORS.md SPONSORS.md: clarify that we don't promise goods or services 2025-02-05 23:40:24 +01:00
SSL-PROBLEMS.md spelling: 'a' vs 'an' 2025-05-30 11:38:35 +02:00
SSLCERTS.md ssl: support Apple SecTrust configurations 2025-10-03 12:02:23 +02:00
testcurl.md scripts: fix to quote the copyright email address 2025-07-12 08:59:44 +02:00
THANKS THANKS: add contributors from 8.17.0 2025-11-05 07:57:28 +01:00
THANKS-filter RELEASE-NOTES: synced 2025-11-05 14:12:23 +01:00
TheArtOfHttpScripting.md docs: use lowercase curl and libcurl 2025-01-02 17:15:54 +01:00
TODO TODO: improve code for large MQTT payloads 2025-11-09 11:53:39 +01:00
URL-SYNTAX.md URL-SYNTAX.md: drop link to codepoints.net to pass linkcheck 2025-08-12 10:26:21 +02:00
VERSIONS.md VERSIONS: 8.18.0 is now pending 2025-11-05 08:00:05 +01:00
VULN-DISCLOSURE-POLICY.md VULN-DISCLOSURE-POLICY: make it pass test 1275 2025-09-07 12:39:44 +02:00
wcurl.md wcurl: import v2025.11.04 2025-11-04 14:15:46 +01:00

README.md

curl logo

Documentation

You find a mix of various documentation in this directory and subdirectories, using several different formats. Some of them are not ideal for reading directly in your browser.

If you would rather see the rendered version of the documentation, check out the curl website's documentation section for general curl stuff or the libcurl section for libcurl related documentation.