... unless it is a POST and the user explicitly asked to keep doing
POST.
Add test1983/1984: verify --follow with 303 and PUT + custom GET
Fixes#20715
Reported-by: Dan Arnfield
Closes#21280
Connection filters can now carry the flag CF_TYPE_SETUP, indicating that
they are only needed during connection setup, e.g. connect.
Once the connection is fully established, those filter are removed
again. This frees resources and also makes the filter (call) chains
shorter.
Closes#21269
When HTTPS-RR is needed for the HTTP/3 handshake, delay the connect
until it arrives. Relevant only for TLS backends that support ECH, for
now.
Closes#21253
Make cf-https-connect work async correctly:
- only start first baller when at least one A/AAAA address
is available
- select first connect attempt after that with HTTPS-RR info
there or not.
- select second connect attempt only when HTTPS-RR is resolved
(may have resolved to "not known") and select possible ALPN
from things known by then. May not select any second attempt
when first already covers everything.
This means when the HTTPS-RR is known at/before the first address
is resolved, everything behaves as before. When the HTTPS-RR is
late, a first connection attempt will have been started. Any
ALPN preference from the HTTPS-RR that is not already ongoing will
then start the second attempt.
For HTTPS-RRs that recommend 2 or more ALPNs, the first will always
be attempted: either it is already ongong or it will be the ALPN
for the second attempt. The 2nd ALPN recommendation from HTTPS-RR
*may* be honored or not, depending on what is already selected.
The difference in behaviour between early/late HTTPS-RR resolve
cannot be helped - unless we do not perform any attempts before
it arrives. Trade offs.
Closes#21267
The making of the TLS session cache key should use the cert blob
independently of verifypeer on/off.
Follow-up to fa0ccd9f1f
Spotted by Codex Security
Closes#21222
There are 69 entries, bsearch is faster than linear search for random
access.
This now also makes the matching case sensitive (zone names always in
uppercase). No docs said otherwise and all tests assumed uppercase.
Extended test 517
Closes#21266
It did not require a full-length match, so empty or prefix tokens map to
ECJPAKE would silently add that cipher to the configured list.
Follow-up to fba9afebba
Reported by Codex Security
Closes#21264
Polish the time2epoch function to become a little more readable.
Corrected the military time zones: they were going in the wrong
direction.
Add more curl_getdate() input varations to test 517
Closes#21251
Introduce a limit on the concurrent connect attempts of 6:
- document this in CURLOPT_HAPPY_EYEBALLS_TIMEOUT_MS
- close the oldest attempt before opening a new one that would
exceed the limit
- closing failed attempts early to avoid sockets use beyong their
usefulness
- add tests for limits in unit2600
These changes are externally visible as file descriptors will be
reassigned where we previously kept the old one around and started a
new socket, allocating always a new descriptor.
Closes#21252
Follow-up to bd3b2a626a
- rename it to myssh_statemachine
- remove the use of ternary operators in the switch
- fix the error handling for if 'sshp' actually ever is NULL
Closes#21250
The pieces of the state machine that were not separate functions before, now
are.
Also removed the use of ternary operators in the function calls.
Follow-up to f0bf43e209Closes#21249
Connections should only be reused when using the same "share" (and
perhaps some additional conditions), but instead of fixing this flaw,
this change completely disables connection reuse for SMB. This protocol
is about to get dropped soon anyway.
Reported-by: Osama Hamad
Closes#21238
Curl_conn_cf_poll did not map adjust_pollset failures to poll-style
errors properly, so error codes were treated as ready events.
Found by Codex Security
Closes#21231
Fixing (dl-mingw, CM 6.4.0-i686 (mingw-w64 5.0.0) schannel !unity):
```
lib/vssh/libssh.c: In function 'myssh_in_SFTP_QUOTE_STATVFS':
lib/vssh/libssh.c:573:31: error: ISO C does not support the 'I' printf flag [-Werror=format=]
char *tmp = curl_maprintf("statvfs:\n"
^~~~~~~~~~~~
lib/vssh/libssh.c:573:31: error: format '%u' expects argument of type 'unsigned int', but argument 2 has type 'uint64_t {aka long long unsigned int}' [-Werror=format=]
lib/vssh/libssh.c:573:31: error: ISO C does not support the 'I' printf flag [-Werror=format=]
[...]
```
Ref: https://github.com/curl/curl/actions/runs/24002480364/job/70000685821
mingw-w64 <=6.0.0 define `PRIu64` like this:
```
./inttypes.h:#define PRIu64 "I64u"
```
Follow-up to 413a0fedd0#12346
Cherry-picked from #21227Closes#21229
When doing line ending conversions, and a chunk contains no '\n', the
function returned early without updating prev_cr to reflect the last
byte. It could then lead to CRLFs sequences not get converted when
occuring right on the boundary border.
Found by Codex Security
Closes#21221
Seen with mingw-w64 i686 gcc 15.2.0 (mingw32):
```
D:/a/curl/curl/lib/vssh/libssh.c: In function 'myssh_in_SFTP_QUOTE_STAT':
D:/a/curl/curl/lib/vssh/libssh.c:1664:13: error: comparison of integer expressions
of different signedness: 'time_t' {aka 'long int'} and 'unsigned int' [-Werror=sign-compare]
1664 | if(date > UINT_MAX)
| ^
cc1.exe: all warnings being treated as errors
```
Ref: https://github.com/curl/curl/actions/runs/23966805891/job/69908216152
Cherry-picked from #21199Closes#21214
Now the logic for handling name duplicates and picking the longest
expiry and strictest subdomain is the same for the callback as for when
reading from file.
Also strip trailing dots from the hostname added by the callback.
A minor side-effect is that the hostname provided by the callback can
now enable subdomains by starting the name with a dot, but we discourage
using such hostnames in documentation.
Amended test 1915 to verify.
Closes#21201
Now that we support multiple async operations at the same transfer,
fix the thread queue cleanup to match not only the mid but also the
resolv_id.
Found by Codex Security
Closes#21202
req.no_body was only initialized in Curl_connect, while HTTP/2 server
push adds a duplicated handle via Curl_multi_add_perform and calls
Curl_init_do with conn==NULL, never invoking Curl_connect.
Verify it by amending test 1620
Found by Codex Security
Closes#21194
Up from 1K.
Reduces the risk that someone could flush the list by tricking a user to
do many transfers to new hostnames.
Document the limit.
Follow-up to 03a792b186Closes#21200
Make sure the string is non-zero before indexing it -1. Right now, the
path is always non-zero length so this is more for (future) safety
reasons.
Closes#21193
To sync names for the same macro logic between lib and src, and to move
it to the curlx namespace, to match `curlx_free()` that it's calling.
Closes#21151
- allow to specify when they are wanted on starting a resolve
- match dns cache entries accordingly. An entry which never
tried to get HTTPS-RRs is no answer for a resolve that wants
it.
- fix late arrivals of resolve answers to match the "async"
records that started them - if it still exists.
- provide for multiple "async" resolves in a transfer at the
same time. We may need to resolve an IP interface while the
main connection resolve has not finished yet.
- allow lookup of HTTPS-RR information as soon as it is
available, even if A/AAAA queries are still ongoing.
For this, the "async" infrastructure is changed:
- Defined bits for DNS queries `CURL_DNSQ_A`, `CURL_DNSQ_AAAA`
and `CURL_DNSQ_HTTPS`. These replace `ip_version` which says
nothing about HTTPS.
Use them in dns cache entries for matching.
- enhance the `async->id` to be a unique `uint32_t` for
resolves inside one multi. This is weak, as the id may
wrap around. However it is combined with the `mid` of
the easy handle, making collisions highly unlikely.
`data->state.async` is only accessed in few places where
the mid/async-id match is performed.
- vtls: for ECH supporting TLS backends (openssl, rustls, wolfssl),
retrieve the HTTPS-RR information from the dns connection filter.
Delay the connect if the HTTPS-RR is needed, but has not
been resolved yet.
The implementation of all this is complete for the threaded
resolver. c-ares resolver and DoH do not take advantage of
all new async features yet. To be done in separate PRs.
Details:
c-ares: cleanup settings and initialisation. Any ares channel
is only being created on starting a resolve and propagating
operations in setopt.c to the channel are not helpful.
Changed threaded+ares pollset handling so that they do not
overwrite each others `ASYNC_NAME` timeouts.
Add trace name 'threads' for tracing thread queue and
pool used by threaded resolver.
Closes#21175
Avoid never-ending growth.
When adding more entries, it now deletes the first entry in the list,
which is the oldest added entry still held in memory. I decided to avoid
a Least Recently Used concept as I suspect with a list with this many
entries most entries have not been used, and we don't save the timestamp
of recent use anyway.
The net effect might (no matter what) be that the removed entry might
feel a bit "random" in the eyes of the user.
Verify with test 1674
Ref #21183Closes#21190
Avoid never-ending growth.
When adding more entries, it now deletes the first entry in the list,
which is the oldest added entry still held in memory. I decided to avoid
a Least Recently Used concept as I suspect with a list with this many
entries most entries have not been used, and we don't save the timestamp
of recent use anyway.
The net effect might (no matter what) be that the removed entry might
feel a bit "random" in the eyes of the user.
Verify with test 1669.
Reported-by: Geeknik Labs
Fixes#21183Closes#21189
A previous refactor changed the TAB check so that the octet could be
accepted in the 'path', which would cause an invalid line in the saved
cookie file so not possible to read the cookie back. Not terrible
because the path cannot contain a raw tab anyway so it would never match
anyway.
Add test 1685 to verify
Reported-by: Izan on hackerone
Closes#21185
