- Add an example that demonstrates per-transfer verbose logging to
memory.
The transfer's log is written to disk only if the transfer fails.
Closes https://github.com/curl/curl/pull/18668
- Keep data from a failed download instead of discarding it on retry in
some limited cases when we know it's ok (currently only HTTP 200/206).
Prior to this change on failed transfer the tool truncated any outfile
data written before retrying the transfer. This change adds an exception
for HTTP downloads when the user requested auto-resume, because in that
case we can keep the outfile data and resume from the new position.
Reported-by: tkzv@users.noreply.github.com
Fixes https://github.com/curl/curl/issues/18035
Closes https://github.com/curl/curl/pull/18665
Opening the remote file with O_APPEND while attempting to resume causes
all writes to be forced to EOF on servers/implementations where O_APPEND
semantics override a prior seek(). As a result, sftp_seek64() is ignored
and the resumed data is appended, duplicating/corrupting the file.
Fix by:
- Using O_WRONLY (without O_APPEND) when resume_from > 0.
- Skipping the seek entirely if remote_append mode is requested.
Closes#18952
Opening the remote file with O_APPEND while attempting to resume causes
all writes to be forced to EOF on servers/implementations where O_APPEND
semantics override a prior seek(). As a result, sftp_seek64() is ignored
and the resumed data is appended, duplicating/corrupting the file.
Fix by:
- Using O_WRONLY (without O_APPEND) when resume_from > 0.
- Skipping the seek entirely if remote_append mode is requested.
Closes#18952
quiche receive may report a TLS failure after a verified handshake. That
needs to lead to a transfer receive error.
Reported-by: Joshua Rogers
Closes#18934
The kerberos5 library Heimdal is one of three GSS libraries curl support.
It has a memory leak triggered by the new test in #18917 and the project
seems mostly abandoned.
Drop support and steer users to the MIT krb5 or GNU GSS libraries.
Co-authored-by: Daniel Stenberg
Ref: #18928Closes#18928Closes#18932
Return error if there is something after the number other than
whitespace and newline.
Allow comma separated numbers and repeated headers as long as the new value is
the same as was set before.
Add test 767 to 771 to verify.
Reported-by: Ignat Loskutov
Fixes#18921Closes#18925
On ancient Apple OS versions where SecTrustEvaluateWithError() is not
available, the deprected SecTrustEvaluate() is used. In that code
branch, the code checked the wong variable for the verified result.
Closes#18929
Code was calling wolfSSL_get_error() on code that it had
already retrieved with the same function. Remove that.
Reported-by: Joshua Rogers
Closes#18940
The documented `<prefix>_<moduleName>_VERSION` variables are empty in
all tested versions since 3.7.2 to 4.1.2. Stop using it as a fallback
for <3.16 versions, and replace with the undocumented, but working,
`FindPkgConfig` internal variable `_pkg_check_modules_pkg_name`. It
contains the module name which was found.
In practice it caused that with CMake <3.16 + `pkg-config`, curl always
detected the Heimdal flavor of GSS.
Also: Delete a fallback version detection method, which was already
marked with a question mark in comments, and used the same, always
empty, CMake variables.
Ref: https://cmake.org/cmake/help/v4.1/module/FindPkgConfig.html
Bug: https://github.com/curl/curl/pull/18932#issuecomment-3381807070Closes#18950
As done in other jobs, but here tailored to old cmake.
The logs generated by ancient CMake aren't super useful though.
Cherry-picked from #18932Closes#18948
- cryptography from 44.0.1 to 46.0.2 in tests/http
- ruff from 0.13.2 to 0.14.0 in .github/scripts
- reuse from 6.0.0 to 6.1.2 in .github/scripts
- github/codeql-action from 3.30.5 to 4.30.7
Closes#18941Closes#18942Closes#18943Closes#18945Closes#18947
It correctly picked all pips, but also picked
`tests/http/requirements.txt` twice and also
`.github/scripts/codespell-ignore.txt`. Try avoid these issues with this
patch.
Follow-up to 6a31e3137a#18939Closes#18946
The code was overriding system memory allocation functions to a local
jump table (declared in `curl_setup.h`). And setup that jump table
to call the original system allocation functions.
Also tested fine with cegcc/WinCE. The `_strdup` fallback was possibly
required for an MSVC WinCE toolchain.
Closes#18922
Build these examples when the necessary dependencies are present:
- cacertinmem, usercertinmem (OpenSSL/fork)
- multi-uv (libuv)
- multithread, threaded-ssl (pthread)
- sessioninfo (GnuTLS)
Indicate the necessary dependency via a `Required:` comment placed in
the source file. A single dependency per source is supported as of now.
The name of the dependency should match the variable used within
the cmake scripts, which in turn matches the macro used in the config
header. E.g. for GnuTLS it's `USE_GNUTLS`.
Also:
- GHA/macos: build examples in two job to test GnuTLS and pthread ones.
- GHA/linux: enable libuv to test it with examples.
Follow-up to 6bb7714032#18914Closes#18909
The stream blocking might not be the one of the current easy handle.
Look up the stream to be marked as blocking via its stream_id in the
internal hash. Theoretically, this does not have to be one of the h3
streams, so not finding it is not an error.
Fixes#18905
Reported-by: Joshua Rogers
Closes#18906
Similar to our ngtcp2 backend, set our idle timeout for the connection
to 0, meaning we have no such timeout from our side. The effective idle
timeout is then the one announced by the peer.
Closes#18907
Since CURLM_ is already used as prefix for multi error codes, it makes
it easier to detect and understand the difference between identifiers -
and allows for scripts on the website and elsewhere to separate them
properly.
Follow-up to 53be8166b2Closes#18912
