Граф коммитов

409 Коммитов

Автор SHA1 Сообщение Дата
Harry Mallon d112c24234
docs: KNOWN_BUGS cleanup
* Remove other mention of hyper memory-leaks from `KNOWN_BUGS`.
  Should have been removed in 629723ecf2

* Remove mention of aws-sigv4 sort query string from `KNOWN_BUGS`.
  Fixed in #11806

* Remove mention of aws-sigv4 query empty value problems

* Remove mention of aws-sigv4 missing amz-content-sha256
  Fixed in #9995
2023-11-05 10:39:32 +01:00
Nicholas Nethercote 629723ecf2
docs: Remove mention of #10803 from `KNOWN_BUGS`.
Because the leaks have been fixed.
2023-08-25 15:27:32 +02:00
Daniel Stenberg 5b060a4108
docs: rewrite to present tense
... instead of using future tense.

+ numerous cleanups and improvements
+ stick to "reuse" not "re-use"
+ fewer contractions

Closes #11713
2023-08-23 23:26:10 +02:00
Daniel Stenberg ce254fa96f
KNOWN_BUGS: LDAPS requests to ActiveDirectory server hang
Closes #9580
2023-08-15 14:21:15 +02:00
Marin Hannache 67e9e3cb1e
http: do not require a user name when using CURLAUTH_NEGOTIATE
In order to get Negotiate (SPNEGO) authentication to work in HTTP you
used to be required to provide a (fake) user name (this concerned both
curl and the lib) because the code wrongly only considered
authentication if there was a user name provided, as in:

  curl -u : --negotiate https://example.com/

This commit leverages the `struct auth` want member to figure out if the
user enabled CURLAUTH_NEGOTIATE, effectively removing the requirement of
setting a user name both in curl and the lib.

Signed-off-by: Marin Hannache <git@mareo.fr>
Reported-by: Enrico Scholz
Fixes https://sourceforge.net/p/curl/bugs/440/
Fixes #1161
Closes #9047
2023-08-14 10:21:46 +02:00
Jay Satiro 889c071d3c schannel: verify hostname independent of verify cert
Prior to this change when CURLOPT_SSL_VERIFYPEER (verifypeer) was off
and CURLOPT_SSL_VERIFYHOST (verifyhost) was on we did not verify the
hostname in schannel code.

This fixes KNOWN_BUG 2.8 "Schannel disable CURLOPT_SSL_VERIFYPEER and
verify hostname". We discussed a fix several years ago in #3285 but it
went stale.

Assisted-by: Daniel Stenberg

Bug: https://curl.haxx.se/mail/lib-2018-10/0113.html
Reported-by: Martin Galvan

Ref: https://github.com/curl/curl/pull/3285

Fixes https://github.com/curl/curl/issues/3284
Closes https://github.com/curl/curl/pull/10056
2023-08-11 12:27:18 -04:00
Daniel Stenberg bfc9d56a91
KNOWN_BUGS: aws-sigv4 does not behave well with AWS VPC Lattice
Closes #11007
2023-08-06 23:38:28 +02:00
Daniel Stenberg 8b12f9e203
TODO: add *5* entries for aws-sigv4
Closes #7559
Closes #8107
Closes #8810
Closes #9717
Closes #10129
2023-08-06 23:04:57 +02:00
Daniel Stenberg 15c40a32b7
Revert "KNOWN_BUGS: build for iOS simulator on macOS 13.2 with Xcode 14"
This reverts commit 2e8a3d7cb7.

It's a user error for supplying incomplete information to the build system.

Reported-by: Ryan Schmidt
Ref: https://github.com/curl/curl/issues/11215#issuecomment-1658729367
2023-08-01 10:22:39 +02:00
Daniel Stenberg 47a3e6e577
KNOWN_BUGS: cygwin: make install installs curl-config.1 twice
Closes #8839
2023-07-31 08:55:26 +02:00
Daniel Stenberg 2e8a3d7cb7
KNOWN_BUGS: build for iOS simulator on macOS 13.2 with Xcode 14
Closes #11215
2023-07-31 08:53:55 +02:00
Daniel Stenberg 75afa92dc7
KNOWN_BUGS: cmake outputs: no version information available
Closes #11158
2023-07-31 08:51:32 +02:00
Daniel Stenberg 403e4dc1ed
KNOWN_BUGS: APOP authentication fails on POP3
Closes #10073
2023-07-31 08:47:22 +02:00
Daniel Stenberg d54d5bfcbf
KNOWN_BUGS: hyper is slow
Closes #11203
2023-07-31 08:45:33 +02:00
Daniel Stenberg 7c8bae0d9c
nss: remove support for this TLS library
Closes #11459
2023-07-29 23:44:28 +02:00
Daniel Stenberg 775018d273
KNOWN_BUGS: cygwin: "WARNING: UNPROTECTED PRIVATE KEY FILE!"
Closes #11244
2023-07-27 23:43:28 +02:00
Daniel Stenberg 57f56cc374
KNOWN_BUGS: building for old macOS fails with gcc
Closes #11441
2023-07-23 17:00:29 +02:00
Daniel Stenberg e37e92252d
KNOWN_BUGS: hyper memory-leaks
Closes #10803
2023-05-22 17:06:54 +02:00
Daniel Stenberg 442355f8db
KNOWN_BUGS: remove two not-bugs
- 11.7 signal-based resolver timeouts

Not considered a bug anymore but just implementation details. People
should avoid using timeouts with the synchronous name resolver.

- 11.16 libcurl uses renames instead of locking for atomic operations

Not a bug, just a description of how it works

Closes #11032
2023-04-26 15:40:54 +02:00
Daniel Stenberg c39f981ff4
KNOWN_BUGS: remove fixed or outdated issues, move non-bugs
- remove h3 issues believed to be fixed

- make the flaky CI issue be generic and not Windows specific

- "TLS session cache does not work with TFO" now documented

  This is now a documented restriction and not a bug. TFO in general is
  rarely used and has other problems, making it a low-priotity thing to
  work on.

- remove "Renegotiate from server may cause hang for OpenSSL backend"

  This is an OpenSSL issue, not a curl one. Even if it taints curl.

- rm "make distclean loops forever"

- rm "configure finding libs in wrong directory"

  Added a section to docs/INSTALL.md about it.

- "A shared connection cache is not thread-safe"

  Moved over to TODO and expanded for other sharing improvements we
  could do

- rm "CURLOPT_OPENSOCKETPAIRFUNCTION is missing"

- rm "Blocking socket operations in non-blocking API"

  Already listed as a TODO

- rm "curl compiled on OSX 10.13 failed to run on OSX 10.10"

  Water under the bridge. No one cares about this anymore.

- rm "build on Linux links libcurl to libdl"

  Verified to not be true (anymore).

- rm "libpsl is not supported"

  The cmake build supports it since cafb356e19

Closes #10963
2023-04-14 09:50:19 +02:00
Matt Jolly 0ae0abbe72
hostip: refuse to resolve the .onion TLD
RFC 7686 states that:

> Applications that do not implement the Tor
> protocol SHOULD generate an error upon the use of .onion and
> SHOULD NOT perform a DNS lookup.

Let's do that.

https://www.rfc-editor.org/rfc/rfc7686#section-2

Add test 1471 and 1472 to verify

Fixes #543
Closes #10705
2023-03-30 15:51:06 +02:00
Viktor Szakats 8cfc936f5c
cmake: fix enabling LDAPS on Windows
Before this patch, enabling LDAPS required a manual C flag:
c1cfc31cfc/curl-cmake.sh (L105)

Fix this and enable LDAPS automatically when using `wldap32` (and
when not explicitly disabled). This matches autotools and `Makefile.mk`
behavior. Also remove issue from KNOWN_BUGS.

Add workaround for MSVS 2010 warning triggered by LDAPS now enabled
in more CI tests:
`ldap.c(360): warning C4306: 'type cast' : conversion from 'int' to 'void *' of greater size`
Ref: https://ci.appveyor.com/project/curlorg/curl/builds/46408284/job/v8mwl9yfbmoeqwlr#L312

Reported-by: JackBoosY on github
Reviewed-by: Jay Satiro
Reviewed-by: Marcel Raad
Fixes #6284
Closes #10674
2023-03-05 19:55:14 +00:00
Viktor Szakats 016c62c4d5
cmake: skip CA-path/bundle auto-detection in cross-builds
Also remove issue from KNOWN_BUGS.

Reported-by: Cristian Morales Vega
Reviewed-by: Marcel Raad
Fixes #6178
Closes #10676
2023-03-05 19:51:52 +00:00
Daniel Stenberg a6ae169540
KNOW_BUGS: cleanups with some changed to TODOs
- remove "Excessive HTTP/2 packets with TCP_NODELAY"

  This is not a bug. Rather room for improvement.

I believe these have been fixed:

- 17.4 Connection failures with parallel HTTP/2
- 17.5 HTTP/2 connections through HTTPS proxy frequently stall

- remove "FTPS needs session reuse"

That is still true, but curl should also do session reuse now.

- remove "ASCII FTP"

It is documented behavior, and not single user has asked for extended
functionality here the last decade or so.

- remove "Passive transfer tries only one IP address"

add as a TODO

- remove "DoH leaks memory after followlocation"

With a recipe on how to reproduce, this is pointless to keep around

- remove "DoH does not inherit all transfer options"

add it as a TODO

Closes #10487
2023-02-13 17:10:57 +01:00
Daniel Stenberg efbf02111a
smb: return error on upload without size
The protocol needs to know the size ahead of time, this is now a known
restriction and not a bug.

Also output a clearer error if the URL path does not contain proper
share.

Ref: #7896
Closes #10484
2023-02-12 18:04:41 +01:00
Daniel Stenberg 5de6848f10
cmake: set the soname on the shared library
Set SONAME and VERSION for platforms we think this works on. Remove
issue from KNOWN_BUGS.

Assisted-by: Jakub Zakrzewski

Closes #10023
2022-12-15 12:36:25 +01:00
Daniel Stenberg f0b374f662
KNOWN_BUGS: remove items not considered bugs any more
- CURL_GLOBAL_SSL

This option was changed in libcurl 7.57.0 and clearly it has not caused
too many issues and a lot of time has passed.

- Store TLS context per transfer instead of per connection

This is a possible future optimization. One that is much less important
and interesting since the added support for CA caching.

- Microsoft telnet server

This bug was filed in May 2007 against curl 7.16.1 and we have not
received further reports.

- active FTP over a SOCKS

Actually, proxies in general is not working with active FTP mode. This
is now added in proxy documentation.

- DICT responses show the underlying protocol

curl still does this, but since this is now an established behavior
since forever we cannot change it easily and adding an option for it
seems crazy as this protocol is not so little its not worth it. Let's
just live with it.

- Secure Transport disabling hostname validation also disables SNI

This is an already documented restriction in Secure Transport.

- CURLOPT_SEEKFUNCTION not called with CURLFORM_STREAM

The curl_formadd() function is marked and documented as deprecated. No
point in collecting bugs for it. It should not be used further.

- STARTTRANSFER time is wrong for HTTP POSTs

After close source code inspection I cannot see how this is true or that
there is any special treatment for different HTTP methods. We also have
not received many further reports on this, making me strongly suspect
that this is no (longer an) issue.

- multipart formposts file name encoding

The once proposed RFC 5987-encoding is since RFC 7578 documented as MUST
NOT be used. The since then implemented MIME API allows the user to set
the name on their own and can thus provide it encoded as it wants.

- DoH is not used for all name resolves when enabled

It is questionable if users actually want to use DoH for interface and
FTP port name resolving. This restriction is now documented and we
advice users against using name resolving at all for these functions.

Closes #10043
2022-12-09 13:55:01 +01:00
Daniel Stenberg f85e932b28
KNOWN_BUGS: remove "Multi perform hangs waiting for threaded resolver"
We now offer a way to avoid that hang, using CURLOPT_QUICK_EXIT.

Follow-up to 49798cac83 fixed via #9147

Closes #9999
2022-11-29 16:14:16 +01:00
Daniel Stenberg 862406c5e1
KNOWN_BUGS: remove "--interface for ipv6 binds to unusable IP address"
Since years back the "if2ip" function verifies that it binds to a local IPv6
address that uses the same scope as the remote address.

This is not a bug.

Fixes #686
Closes #9998
2022-11-29 16:13:10 +01:00
Daniel Stenberg 3e33681eaf
KNOWN_BUGS: remove five FTP related issues
- "FTP with CONNECT and slow server"

I believe this is not a problem these days.

- "FTP with NULs in URL parts"

The FTP protocol does not support them properly anyway.

- remove "FTP and empty path parts in the URL"

I don't think this has ever been reported as a real problem but was only
a hypothetical one.

- "Premature transfer end but healthy control channel"

This is not a bug, this is an optimization that *could* be performed but is
not an actual problem.

- "FTP without or slow 220 response"

Instead add to the documentation of the connect timeout that the
connection is considered complete at TCP/TLS/QUIC layer.

Closes #9979
2022-11-26 12:33:58 +01:00
Daniel Stenberg 8a6a48957f
docs/INSTALL.md: expand on static builds
Remove from KNOWN_BUGS

Closes #9944
2022-11-19 00:13:29 +01:00
Daniel Stenberg 2bc04d4980
rtsp: fix RTSP auth
Verified with test 3100

Fixes #4750
Closes #9870
2022-11-09 09:40:00 +01:00
Daniel Stenberg e46d388c87
KNOWN_BUGS: remove eight entries
- 1.2 Multiple methods in a single WWW-Authenticate: header

This is not considered a bug anymore but a restriction and one that we
keep because we have NEVER gotten this reported by users in the wild and
because of this I consider this a fringe edge case we don't need to
support.

- 1.6 Unnecessary close when 401 received waiting for 100

This is not a bug, but possibly an optimization that *can* be done.

- 1.7 Deflate error after all content was received

This is not a curl bug. This happens due to broken servers.

- 2.1 CURLINFO_SSL_VERIFYRESULT has limited support

This is not a bug. This is just the nature of the implementation.

- 2.2 DER in keychain

This is not a bug.

- 5.7 Visual Studio project gaps

This is not a bug.

- 15.14 cmake build is not thread-safe

Fixed in 109e9730ee

- 11.3 Disconnects do not do verbose

This is not a bug.

Closes #9871
2022-11-09 09:37:21 +01:00
Daniel Stenberg a55256cfb2
curl: timeout in the read callback
The read callback can timeout if there's nothing to read within the
given maximum period. Example use case is when doing "curl -m 3
telnet://example.com" or anything else that expects input on stdin or
similar that otherwise would "hang" until something happens and then not
respect the timeout.

This fixes KNOWN_BUG 8.1, first filed in July 2009.

Bug: https://sourceforge.net/p/curl/bugs/846/

Closes #9815
2022-10-28 17:57:14 +02:00
Ayesh Karunaratne 4484270afc
misc: typo and grammar fixes
- Replace `Github` with `GitHub`.
- Replace `windows` with `Windows`
- Replace `advice` with `advise` where a verb is used.
- A few fixes on removing repeated words.
- Replace `a HTTP` with `an HTTP`

Closes #9802
2022-10-27 10:01:30 +02:00
Daniel Stenberg 1e9a538e05
noproxy: support proxies specified using cidr notation
For both IPv4 and IPv6 addresses. Now also checks IPv6 addresses "correctly"
and not with string comparisons.

Split out the noproxy checks and functionality into noproxy.c

Added unit test 1614 to verify checking functions.

Reported-by: Mathieu Carbonneaux

Fixes #9773
Fixes #5745
Closes #9775
2022-10-21 13:39:20 +02:00
Daniel Stenberg fd1ce3d4b0
docs: spellfixes
Pointed by the new CI job
2022-09-21 15:20:08 +02:00
rcombs 07f80f968d
multi: use a pipe instead of a socketpair on apple platforms
Sockets may be shut down by the kernel when the app is moved to the
background, but pipes are not.

Removed from KNOWN_BUGS

Fixes #6132
Closes #9368
2022-08-25 17:43:08 +02:00
Jay Satiro ebe3fdb0e3 KNOWN_BUGS: Windows Unicode builds use homedir in current locale
Bug: https://github.com/curl/curl/pull/7252
Reported-by: dEajL3kA@users.noreply.github.com

Ref: https://github.com/curl/curl/pull/7281

Closes https://github.com/curl/curl/pull/9305
2022-08-16 11:30:47 -04:00
Daniel Stenberg 440fb67755
KNOWN_BUGS: FTPS directory listing hangs on Windows with Schannel
Closes #9161
2022-08-13 00:32:12 +02:00
Daniel Stenberg 5554e45405
KNOWN_BUGS: CURLOPT_CERTINFO results in CURLE_OUT_OF_MEMORY with Schannel
Closes #8741
2022-08-13 00:27:57 +02:00
Daniel Stenberg 46d1b95e69
KNOWN_BUGS: libssh blocking and infinite loop problem
Closes #8632
2022-08-13 00:25:31 +02:00
Jay Satiro 586cfc3c2c KNOWN_BUGS: long paths are not fully supported on Windows
Bug: https://github.com/curl/curl/issues/8361
Reported-by: Gisle Vanem

Closes https://github.com/curl/curl/pull/9288
2022-08-11 03:37:25 -04:00
Daniel Stenberg 09f1e58cfe
KNOWN_BUGS: Negotiate authentication against Hadoop HDFS
Closes #8264
2022-08-08 16:45:51 +02:00
Daniel Stenberg ba2ccf368e
KNOWN_BUGS: cmake build is not thread-safe
The cmake build does not check for and verify presence of a working
Atomic type, which then makes curl_global_init() to not build
thread-safe on non-Windows platforms.

Closes https://github.com/curl/curl/issues/8973
Closes https://github.com/curl/curl/pull/8982
2022-08-08 16:00:17 +02:00
Daniel Gustafsson c92c650413 KNOWN_BUGS: fix typo in problem description
s/TSL/TLS/
2022-05-20 13:43:35 +02:00
Daniel Stenberg fdb5e21b4d
quiche: support ca-fallback
Follow-up to b01f3e679f which added this for ngtcp2/openssl

Removed from KNOWN_BUGS

Fixes #8696
Closes #8830
2022-05-11 10:49:31 +02:00
Daniel Stenberg a15fa1c357
KNOWN_BUGS: timeout when reusing a http3 connection
Closes #8764
2022-05-06 09:20:18 +02:00
Daniel Stenberg 06fd9736b7
KNOWN_BUGS: configure --with-ca-fallback is not supported by h3
Closes #8696
2022-05-06 09:15:46 +02:00
Daniel Stenberg adb3ecff8d
KNOW_BUGS: HTTP3/Transfer closed with n bytes remaining to read
"HTTP/3 does not support client certs" considered fixed, at least with
the ngtcp2 backend.

Closes #8523
2022-03-30 10:35:12 +02:00