| Age | Commit message (Collapse) | Author |
|---|
|
bitbake-selftest was failing on a github url on hosts using buildtools.
The issue was tracked down to the curl upgrade 8.6.0 -> 8.7.1. Whilst there
is a fix in upstream git to workaround the issue in this version, backport
the fix from curl upstream to ensure there are no other related issues to
the bug.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This includes 4 security fixes:
CVE-2024-2466 - TLS certificate check bypass with mbedTLS
CVE-2024-2398 - HTTP/2 push headers memory-leak
CVE-2024-2379 - QUIC certificate check bypass with wolfSSL
CVE-2024-2004 - Usage of disabled protocol
Along with many other changes, mostly bugfixes: https://curl.se/changes.html
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
nativesdk-curl package contains host references in output files.
remove them.
Signed-off-by: Oleh Matiusha <omatiush@cisco.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The list of test labels to disable shouldn't be quoted, and this meant
that tests were running when they should not.
[ YOCTO #15268 ]
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We often see multiple curl tests fail during ptest runs, the actual test
varies but the output is like this:
FAIL: 337: protoc!
There was no content at all in the file log/3/server.input.
Server glitch? Total curl failure? Returned: 28
Error code 28 is CURLE_OPERATION_TIMEDOUT, so this is almost certainly
due to a loaded machine resulting in the tests running slowly.
It is notable that the test runner explicitly passes --max-time=13 to
curl, so experiment and change this to 600 to see if this solves the
problem.
[ YOCTO #15268 ]
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
There's no need to run the output of runtests.pl through a sed to get
automake-style output, as you can pass -am to get this formatting.
Don't run timing dependent tests, as the ptests can run on loaded
systems.
Add a dependency on the en_US locale because some of the tests require
this.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This is a bug fix and feature update. Release notes are available at:
https://curl.se/changes.html#8_6_0
Disable test 1478, it's comparing help output to documentation.
License-Update: Copyright year updated
Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Disable another test that intermittently fails on the autobuilder.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
These two tests seem to fail semi-regularly so just stop running them.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
update include fix for CVE-2023-46218.
skip test 1477 which check that libcurl-errors.3 and the public
header files have the same set of error codes.
Notes: This test is not included in the source tarball.
https://github.com/curl/curl/issues/12462
Release Notes:
curl and libcurl 8.5.0
Public curl releases: 253
Command line options: 258
curl_easy_setopt() options: 303
Public functions in libcurl: 93
Contributors: 3039
This release includes the following changes:
o gnutls: support CURLSSLOPT_NATIVE_CA [31]
o HTTP3: ngtcp2 builds are no longer experimental [77]
This release includes the following bugfixes:
o appveyor: make VS2008-built curl tool runnable [93]
o asyn-thread: use pipe instead of socketpair for IPC when available [4]
o autotools: accept linker flags via `CURL_LDFLAGS_{LIB,BIN}` [128]
o autotools: avoid passing `LDFLAGS` twice to libcurl [127]
o autotools: delete LCC compiler support bits [137]
o autotools: fix/improve gcc and Apple clang version detection [136]
o autotools: stop setting `-std=gnu89` with `--enable-warnings` [135]
o autotools: update references to deleted `crypt-auth` option [46]
o BINDINGS: add V binding [54]
o build: add `src/.checksrc` to source tarball [1]
o build: add more picky warnings and fix them [172]
o build: always revert `#pragma GCC diagnostic` after use [143]
o build: delete `HAVE_STDINT_H` and `HAVE_INTTYPES_H` [107]
o build: delete support bits for obsolete Windows compilers [106]
o build: fix 'threadsafe' feature detection for older gcc [19]
o build: fix builds that disable protocols but not digest auth [174]
o build: fix compiler warning with auths disabled [85]
o build: fix libssh2 + `CURL_DISABLE_DIGEST_AUTH` + `CURL_DISABLE_AWS` [120]
o build: picky warning updates [125]
o build: require Windows XP or newer [86]
o cfilter: provide call to tell connection to forget a socket [65]
o checksrc.pl: support #line instructions
o CI: add autotools, out-of-tree, debug build to distro check job [14]
o CI: ignore test 286 on Appveyor gcc 9 build [6]
o cmake: add `CURL_DISABLE_BINDLOCAL` option [146]
o cmake: add test for `DISABLE` options, add `CURL_DISABLE_HEADERS_API` [138]
o cmake: dedupe Windows system libs [114]
o cmake: fix `HAVE_H_ERRNO_ASSIGNABLE` detection [2]
o cmake: fix CURL_DISABLE_GETOPTIONS [12]
o cmake: fix multiple include of CURL package [96]
o cmake: fix OpenSSL quic detection in quiche builds [56]
o cmake: option to disable install & drop `curlu` target when unused [72]
o cmake: pre-fill rest of detection values for Windows [50]
o cmake: replace `check_library_exists_concat()` [23]
o cmake: speed up threads setup for Windows [68]
o cmake: speed up zstd detection [69]
o config-win32: set `HAVE_SNPRINTF` for mingw-w64 [123]
o configure: better --disable-http [80]
o configure: check for the fseeko declaration too [55]
o conncache: use the closure handle when disconnecting surplus connections [173]
o content_encoding: make Curl_all_content_encodings allocless [101]
o cookie: lowercase the domain names before PSL checks [160]
o curl.h: delete Symbian OS references [162]
o curl.h: on FreeBSD include sys/param.h instead of osreldate.h [21]
o curl.rc: switch out the copyright symbol for plain ASCII [167]
o curl: improved IPFS and IPNS URL support [87]
o curl_easy_duphandle.3: clarify how HSTS and alt-svc are duped [99]
o Curl_http_body: cleanup properly when Curl_getformdata errors [152]
o curl_setup: disallow Windows IPv6 builds missing getaddrinfo [57]
o curl_sspi: support more revocation error names in error messages [95]
o CURLINFO_PRETRANSFER_TIME_T.3: fix time explanation [181]
o CURLMOPT_MAX_CONCURRENT_STREAMS: make sure the set value is within range [165]
o CURLOPT_CAINFO_BLOB.3: explain what CURL_BLOB_COPY does [113]
o CURLOPT_WRITEFUNCTION.3: clarify libcurl returns for CURL_WRITEFUNC_ERROR [45]
o CURPOST_POSTFIELDS.3: add CURLOPT_COPYPOSTFIELDS in SEE ALSO
o docs/example/keepalive.c: show TCP keep-alive options [73]
o docs/example/localport.c: show off CURLOPT_LOCALPORT [83]
o docs/examples/interface.c: show CURLOPT_INTERFACE use [84]
o docs/libcurl: fix three minor man page format mistakes [26]
o docs/libcurl: SYNSOPSIS cleanup [150]
o docs: add supported version for the json write-out [92]
o docs: clarify that curl passes on input unfiltered [47]
o docs: fix function typo in curl_easy_option_next.3 [36]
o docs: KNOWN_BUGS cleanup
o docs: make all examples in all libcurl man pages compile [175]
o docs: preserve the modification date when copying the prebuilt man page [89]
o docs: remove bold from some man page SYNOPSIS sections [90]
o docs: use SOURCE_DATE_EPOCH for generated manpages [16]
o doh: provide better return code for responses w/o addresses [133]
o doh: use PIPEWAIT when HTTP/2 is attempted [63]
o duphandle: also free 'outcurl->cookies' in error path [122]
o duphandle: make dupset() not return with pointers to old alloced data [109]
o duphandle: use strdup to clone *COPYPOSTFIELDS if size is not set [132]
o easy: in duphandle, init the cookies for the new handle [131]
o easy: remove duplicate wolfSSH init call [37]
o easy_lock: add a pthread_mutex_t fallback [13]
o examples/rtsp-options.c: add [157]
o fopen: create new file using old file's mode [153]
o fopen: create short(er) temporary file name [155]
o getenv: PlayStation doesn't have getenv() [41]
o GHA: move mod_h2 version in CI to v2.0.25 [43]
o hostip: show the list of IPs when resolving is done [35]
o hostip: silence compiler warning `-Wparentheses-equality` [62]
o hsts: skip single-dot hostname [67]
o HTTP/2, HTTP/3: handle detach of onoing transfers [134]
o http2: header conversion tightening [33]
o http2: provide an error callback and failf the message [53]
o http2: safer invocation of populate_binsettings [8]
o http: allow longer HTTP/2 request method names [112]
o http: avoid Expect: 100-continue if Upgrade: is used [15]
o http: consider resume with CURLOPT_FAILONERRROR and 416 to be fine [81]
o http: fix `-Wunused-parameter` with no auth and no proxy [149]
o http: fix `-Wunused-variable` compiler warning [115]
o http: fix empty-body warning [76]
o http_aws_sigv4: canonicalise valueless query params [88]
o hyper: temporarily remove HTTP/2 support [139]
o INSTALL: update list of ports and CPU archs
o IPFS: fix IPFS_PATH and file parsing [119]
o keylog: disable if unused [145]
o lib: add and use Curl_strndup() [97]
o lib: apache style infof and trace macros/functions [71]
o lib: fix gcc warning in printf call [7]
o libcurl-errors.3: sync with current public headers [156]
o libcurl-thread.3: simplify the TLS section [79]
o Makefile.am: drop vc10, vc11 and vc12 projects from dist [103]
o Makefile.mk: fix `-rtmp` option for non-Windows
o mime: store "form escape" as a single bit [170]
o misc: fix -Walloc-size warnings [118]
o msh3: error when built with CURL_DISABLE_SOCKETPAIR set [61]
o multi: during ratelimit multi_getsock should return no sockets [182]
o multi: use pipe instead of socketpair to *wakeup() [18]
o ngtcp2: fix races in stream handling [178]
o ngtcp2: ignore errors on unknown streams [158]
o ntlm_wb: use pipe instead of socketpair when possible [44]
o openldap: move the alloc of ldapconninfo to *connect() [29]
o openldap: set the callback argument in oldap_do [30]
o openssl: avoid BN_num_bits() NULL pointer derefs [9]
o openssl: fix building with v3 `no-deprecated` + add CI test [161]
o openssl: fix infof() to avoid compiler warning for %s with null [70]
o openssl: identify the "quictls" backend correctly [82]
o openssl: include SIG and KEM algorithms in verbose [52]
o openssl: make CURLSSLOPT_NATIVE_CA import Windows intermediate CAs [58]
o openssl: two multi pointer checks should probably rather be asserts [91]
o openssl: when a session-ID is reused, skip OCSP stapling [142]
o page-footer: clarify exit code 25 [51]
o projects: add VC14.20 project files [104]
o pytest: use lower count in repeat tests [98]
o quic: make eyeballers connect retries stop at weird replies [140]
o quic: manage connection idle timeouts [5]
o quiche: use quiche_conn_peer_transport_params() [116]
o rand: fix build error with autotools + LibreSSL [111]
o resolve.d: drop a multi use-sentence [100]
o RTSP: improved RTP parser [32]
o rustls: implement connect_blocking [154]
o sasl: fix `-Wunused-function` compiler warning [124]
o schannel: add CA cache support for files and memory blobs [121]
o setopt: check CURLOPT_TFTP_BLKSIZE range on set [171]
o setopt: remove outdated cookie comment [64]
o setopt: remove superfluous use of ternary expressions [169]
o socks: better buffer size checks for socks4a user and hostname [20]
o socks: make SOCKS5 use the CURLOPT_IPRESOLVE choice [38]
o symbols-in-versions: the CLOSEPOLICY options are deprecated
o test1683: remove commented-out check alternatives
o test3103: add missing quotes around a test tag attribute
o test613: stop showing an error on missing output file
o tests/README: SOCKS tests are not using OpenSSH, it has its own server [48]
o tests/server: add more SOCKS5 handshake error checking [27]
o tests: Fix Windows test helper tool search & use it for handle64 [17]
o tidy-up: casing typos, delete unused Windows version aliases [144]
o tool: fix --capath when proxy support is disabled [28]
o tool: support bold headers in Windows [117]
o tool_cb_hdr: add an additional parsing check [129]
o tool_cb_prg: make the carriage return fit for wide progress bars [159]
o tool_cb_wrt: fix write output for very old Windows versions [24]
o tool_getparam: limit --rate to be smaller than number of ms [3]
o tool_operate: do not mix memory models [108]
o tool_operate: fix links in ipfs errors [22]
o tool_parsecfg: make warning output propose double-quoting [164]
o tool_urlglob: fix build for old gcc versions [25]
o tool_urlglob: make multiply() bail out on negative values [11]
o tool_writeout_json: fix JSON encoding of non-ascii bytes [179]
o transfer: abort pause send when connection is marked for closing [183]
o transfer: avoid calling the read callback again after EOF [130]
o transfer: only reset the FTP wildcard engine in CLEAR state [42]
o url: don't touch the multi handle when closing internal handles [40]
o url: find scheme with a "perfect hash" [141]
o url: fix `-Wzero-length-array` with no protocols [147]
o url: fix builds with `CURL_DISABLE_HTTP` [148]
o url: protocol handler lookup tidy-up [66]
o url: proxy ssl connection reuse fix [94]
o urlapi: avoid null deref if setting blank host to url encode [75]
o urlapi: skip appending NULL pointer query [74]
o urlapi: when URL encoding the fragment, pass in the right length [59]
o urldata: make maxconnects a 32 bit value [166]
o urldata: move async resolver state from easy handle to connectdata [34]
o urldata: move cookielist from UserDefined to UrlState [126]
o urldata: move hstslist from 'set' to 'state' [105]
o urldata: move the 'internal' boolean to the state struct [39]
o vssh: remove the #ifdef for Curl_ssh_init, use empty macro
o vtls: cleanup SSL config management [78]
o vtls: consistently use typedef names for OpenSSL structs [176]
o vtls: late clone of connection ssl config [60]
o vtls: use ALPN "http/1.1" for HTTP/1.x, including HTTP/1.0 [102]
o VULN-DISCLOSURE-POLICY: escape sequences are not a security flaw [110]
o windows: use built-in `_WIN32` macro to detect Windows [163]
o wolfssh: remove redundant static prototypes [168]
o wolfssl: add default case for wolfssl_connect_step1 switch [49]
o wolfssl: require WOLFSSL_SYS_CA_CERTS for loading system CA [10]
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
curl and libcurl 8.4.0
Public curl releases: 252
Command line options: 258
curl_easy_setopt() options: 303
Public functions in libcurl: 93
Contributors: 2995
This release includes the following changes:
o curl: add support for the IPFS protocols via HTTP gateway [46]
o curl_multi_get_handles: get easy handles from a multi handle [20]
o mingw: delete support for legacy mingw.org toolchain [45]
This release includes the following bugfixes:
o acinclude.m4: Document proper system truststore on FreeBSD [83]
o appveyor: fix yamlint issues, indent [67]
o appveyor: rewrite batch in PowerShell + CI improvements [109]
o autotools: adjust `CURL_CA_PATH` value to CMake [53]
o autotools: restore `HAVE_IOCTL_*` detections [111]
o base64: also build for curl [78]
o bufq: remove Curl_bufq_skip_and_shift (unused) [47]
o build: delete checks for C89 standard headers [65]
o build: do not publish `HAVE_BORINGSSL`, `HAVE_AWSLC` macros [114]
o cf-socket: simulate slow/blocked receives in debug [120]
o cmake, configure: also link with CoreServices [32]
o cmake: add check for suseconds_t [91]
o cmake: add feature checks for `memrchr` and `getifaddrs` [57]
o cmake: add missing checks [86]
o cmake: delete old `HAVE_LDAP_URL_PARSE` logic [105]
o cmake: detect `HAVE_CLOCK_GETTIME_MONOTONIC_RAW` [75]
o cmake: detect `HAVE_GETADDRINFO_THREADSAFE` [76]
o cmake: detect `sys/wait.h` and `netinet/udp.h` [61]
o cmake: detect TLS-SRP in OpenSSL/wolfSSL/GnuTLS [93]
o cmake: disable unity mode with Windows Unicode + TrackMemory [108]
o cmake: fix `HAVE_LDAP_SSL`, `HAVE_LDAP_URL_PARSE` on non-Windows [110]
o cmake: fix `HAVE_WRITABLE_ARGV` detection [77]
o cmake: fix duplicate symbols when linking tests [73]
o cmake: fix missing `zlib.h` when compiling `libcurltool` [72]
o cmake: fix stderr initialization in unity builds [71]
o cmake: fix the help text to the static build option in CMakeLists.txt [10]
o cmake: fix unity builds for more build combinations [96]
o cmake: fix unity symbol collisions in h2 builds [48]
o cmake: fix unity with Windows Unicode + TrackMemory [107]
o cmake: improve OpenLDAP builds [92]
o cmake: lib `CURL_STATICLIB` fixes (Windows) [74]
o cmake: move global headers to specific checks [58]
o cmake: pre-cache `HAVE_BASENAME` for mingw-w64 and MSVC [85]
o cmake: pre-cache `HAVE_POLL_FINE` on Windows [36]
o cmake: tidy-up `NOT_NEED_LBER_H` detection
o cmake: validate `CURL_DEFAULT_SSL_BACKEND` config value [50]
o configure: check for the capath by default [63]
o configure: remove unused checks [87]
o configure: replace adhoc domain with `localhost` in tests [79]
o configure: sort AC_CHECK_FUNCS
o connect: expire the timeout when trying next [54]
o connect: only start the happy eyeballs timer when needed [95]
o cookie: do not store the expire or max-age strings [16]
o cookie: remove unnecessary struct fields [17]
o cookie: set ->running in cookie_init even if data is NULL [5]
o create-dirs.d: clarify it also uses --output-dirs [66]
o curl.h: mark CURLSSLBACKEND_NSS as deprecated since 8.3.0 [18]
o curl_easy_pause.3: mention h2/h3 buffering [113]
o curl_easy_pause.3: mention it works within callbacks [112]
o curl_easy_pause: set "in callback" true on exit if true [100]
o CURLOPT_DEBUGFUNCTION.3: warn about internal handles [122]
o docs/libcurl/opts/Makefile.inc: add missing manpage files
o docs: adapt SEE ALSO sections to new requirements [52]
o docs: explain how PINNEDPUBLICKEY is independent of VERIFYPEER [68]
o docs: replace made up domains with example.com [82]
o docs: update curl man page references [89]
o docs: use CURLSSLBACKEND_NONE [19]
o doh: inherit DEBUGFUNCTION/DATA [12]
o escape: replace Curl_isunreserved with ISUNRESERVED [2]
o FAQ: How do I upgrade curl.exe in Windows? [84]
o GHA/linux: run singleuse to detect single-use global functions [35]
o GHA: add workflow to compare configure vs cmake outputs [102]
o h2-proxy: remove left-over mistake in drain_tunnel() [7]
o h2: testcase and fix for pausing h2 streams [49]
o h3: add support for ngtcp2 with AWS-LC builds [103]
o http2: refused stream handling for retry [121]
o http: fix CURL_DISABLE_BEARER_AUTH breakage [28]
o http: h1/h2 proxy unification [21]
o http: remove wrong comment for http_should_fail [55]
o http: use per-request counter to check too large headers [6]
o http_aws_sigv4: fix sorting with empty parts [13]
o idn: fix WinIDN null ptr deref on bad host [90]
o idn: if idn2_check_version returns NULL, return error [27]
o inet_ntop: add typecast to silence Coverity [51]
o lib: disambiguate Curl_client_write flag semantics [24]
o lib: enable hmac for digest as well [26]
o lib: failf/infof compiler warnings [8]
o lib: let the max filesize option stop too big transfers too [44]
o lib: move handling of `data->req.writer_stack` into Curl_client_write() [97]
o lib: provide and use Curl_hexencode [62]
o lib: remove TIME_WITH_SYS_TIME [88]
o lib: use wrapper for curl_mime_data fseek callback [30]
o libssh2: fix error message on failed pubkey-from-file [22]
o libssh: cap SFTP packet size sent [14]
o Makefile.mk: always set `CURL_STATICLIB` for lib (Windows) [42]
o MANUAL.md: change domain to example.com [11]
o misc: better random strings [15]
o MQTT: improve receive of ACKs [125]
o multi: do CURLM_CALL_MULTI_PERFORM at two more places [99]
o multi: fix small timeouts [70]
o multi: remove Curl_multi_dump [37]
o multi: round the timeout up to prevent early wakeups [98]
o multi: set CURLM_CALL_MULTI_PERFORM after switch to DOING_MORE [115]
o openssl: improve ssl shutdown handling [69]
o openssl: use X509_ALGOR_get0 instead of reaching into X509_ALGOR [104]
o pytest: exclude test_03_goaway in CI runs due to timing dependency [23]
o quic: set ciphers/curves the same way regular TLS does [43]
o quiche: fix build error with --with-ca-fallback [1]
o RELEASE-PROCEDURE.md: updated coming release dates
o runtests: display the test status if tests appear hung [81]
o runtests: eliminate a warning on old perl versions
o socks: return error if hostname too long for remote resolve [118]
o src/mkhelp: make generated code pass `checksrc` [59]
o test1056: disable on Windows
o test1474: disable test on NetBSD, OpenBSD and Solaris 10 [31]
o test1592: greatly increase the maximum test timeout
o test1903: actually verify the cookies after the test [116]
o test1906: set a lower timeout since it's hit on Windows [117]
o test2600: remove special case handling for USE_ALARM_TIMEOUT [3]
o test650: fix an end tag typo
o test661: return from test early in case of curl error
o test: add missing <feature>s
o tests: close the shell used to start sshd [41]
o tests: fix a race condition in ftp server disconnect [101]
o tests: fix compiler warnings [38]
o tests: Fix zombie processes left behind by FTP tests. [80]
o tests: improve SLOWDOWN test reliability by reducing sent data
o tests: increase lib571 timeout from 3s to 30s [106]
o tests: log the test result code after each libtest
o tests: propagate errors in libtests
o tests: set --expect100-timeout to improve test reliability
o tests: show which curl tool `runtests.pl` is using [60]
o tests: stop overriding the lock timeout
o tftpd: always use curl's own tftp.h [25]
o tool: use our own stderr variable [94]
o tool_cb_wrt: fix debug assertion [4]
o tool_getparam: accept variable expansion on file names too [123]
o tool_setopt: remove unused function tool_setopt_flags [56]
o upload-file.d: describe the file name slash/backslash handling [9]
o url: fall back to http/https proxy env-variable if ws/wss not set [119]
o url: fix netrc info message [39]
o warnless: remove unused functions [33]
o wolfssh: do cleanup in Curl_ssh_cleanup [40]
o wolfssl: allow capath with CURLOPT_CAINFO_BLOB [29]
o wolfssl: if CURLOPT_CAINFO_BLOB is set, ignore the CA files [34]
o wolfssl: ignore errors in CA path [64]
Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Some tests can fail intermittently and upstream has marked these as
flaky so they can easily be skipped. At present there are 12 tests
marked flaky with 10 of them running in the default recipe
configuration. Skip them to avoid the failures.
Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
NSS support was removed, so adjust PACKAGECONFIG options.
The --enable-crypto-auth option was removed and split into separate
options for basic-auth, bearer-auth, digest-auth, kerberos-auth,
negotiate-auth, and aws. Enable these new options since upstream enables
them by default.
Disable test 1279 since this requires libcurl and hangs the tests.
Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Not running make in the top level tests/ directory
excluded about a third of them (those that consisted
of running small test binaries).
Also, run tests in parallel, which reduces total time
from five minutes to about 75 seconds.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Changelog:
=========
amigaos: fix sys/mbuf.h m_len macro clash
amissl: add missing signal.h include
amissl: fix AmiSSL v5 detection
cfilters: rename close/connect functions to avoid clashes
ciphers.d: put URL in first column
cmake: add `libcurlu`/`libcurltool` for unit tests
cmake: update ngtcp2 detection
configure: check for nghttp2_session_get_stream_local_window_size
CONTRIBUTE: drop mention of copyright year ranges
CONTRIBUTE: fix syntax in commit message description
curl_multi_wait.3: fix arg quoting to doc macro .BR
docs: mark two TLS options for TLS, not SSL
docs: provide more see also for cipher options
hostip: return IPv6 first for localhost resolves
http2: fix regression on upload EOF handling
http: VLH, very large header test and fixes
libcurl-errors.3: add CURLUE_OK
os400: correct EXPECTED_STRING_LASTZEROTERMINATED
quiche: fix lookup of transfer at multi
quiche: fix segfault and other things
rustls: update rustls-ffi 0.10.0
socks: print ipv6 address within brackets
src/mkhelp: strip off escape sequences
tool: fix tool_seek_cb build when SIZEOF_CURL_OFF_T > SIZEOF_OFF_T
transfer: do not clear the credentials on redirect to absolute URL
unittest: remove unneeded *_LDADD
websocket: rename arguments/variables to match docs
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Piping results through sed is masking failures that aren't
picked up by sed expressions.
One such failure probes the source tree, and so isn't
relevant for target testing, and can be disabled.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
RDEPEND on the specific perl modules required for the tests rather than
the perl-modules meta package.
Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
This is a feature and bugfix update. Full release notes available at:
https://curl.se/changes.html#8_2_0
Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
Changelog:
===========
- lib1560: verify more scheme guessing
- page-header: minor wording polish in the URL segment
- page-header: mention curl version and how to figure out current release
- RELEASE-NOTES: synced
- configure: without pkg-config and no custom path, use -lnghttp2
- curl: cache the --trace-time value for a second
- libcurl.m4: remove trailing 'dnl' that causes this to break autoconf
- http3: send EOF indicator early as possible
- scripts/contri*sh: no longer grep -v ' '
- cf-socket: restore Curl_sock_assign_addr()
- libssh: when keyboard-interactive auth fails, try password
- configure: fix build with arbitrary CC and LD_LIBRARY_PATH
- urlapi: remove superfluous host name check
- http2: fix EOF handling on uploads with auth negotiation
- lib: remove unused functions, make single-use static
- scripts/singleuse.pl: add more API calls
- configure: quote the assignments for run-compiler
- misc: fix spelling mistakes
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
This is a bugfix only release. Release notes:
https://curl.se/changes.html#8_1_1
Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This is a feature and bugfix release. Release notes are available at:
https://curl.se/changes.html#8_1_0
Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
This update contains bug, security, and feature updates. For detailed
release notes, see https://curl.se/changes.html#8_0_1
Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This is a feature and bugfix update. Release notes available at:
https://curl.se/changes.html#7_88_0
License-Update: Copyright year updated
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
openldap is added as a dependency so the build will not fail,
as otherwise ldap headers are not found during configure phase
Note: due to upstream bug (now fixed) building LDAP/LDAPS support
with minimal configurations can sometimes not work, see details at:
https://github.com/curl/curl/pull/10445
Signed-off-by: Federico Pellegrin <fede@evolware.org>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
In oe-core 27824261 --enable-debug was added to the configure arguments
to turn on debugging symbols. However, enabling debug mode does more
than turn on debugging symbols and introduces some codepaths that can be
controlled with environment variables. Bluntly, the curl maintainer
says that --enable-debug should not be used in production:
https://curl.se/mail/lib-2023-01/0039.html
I did a build and verified that the curl-dbg package doesn't massively
shrink, so the debug symbols are still being built.
Remove the debug options and hide them behind a PACKAGECONFIG, with a
comment that it should not be used in production.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
LICENSE for curl is set to MIT-open-group which is wrong and proper
license is 'curl'
I check below link and the line "Curl and libcurl are licensed under
the license below, which is inspired by MIT/X, but not identical." says
that the license is identical to MIT but actual license is identical
from the file "meta/files/common-licenses/curl"
Link: https://curl.se/docs/copyright.html
Also, I do not find the MIT-open-group license text in the entire
source-code
Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com>
Signed-off-by: Ranjitsinh Rathod <ranjitsinhrathod1991@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Feature and security update. Fixes the following CVEs:
- CVE-2022-32221
- CVE-2022-35260
- CVE-2022-42915
- CVE-2022-42916
Release notes: https://curl.se/changes.html#7_86_0
Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
These modules outside of perl-modules are necessary to run curl-ptests
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Release notes are available at: https://curl.se/changes.html#7_85_0
Remove backported patches as they are included in the new release.
Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
|
|
NROFF can take different values depending on the filesystem layout of the
host system and this leaks onto the target ptest package through the
Makefiles. Since ptest doesn't use them, delete them to resovle that issue.
Also ensure the task can rerun even if it already deleted configurehelp.pm
[YOCTO #14863]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Backport a patch from upstream to fix the following build failure.
tmp-glibc/work/riscv64-wrs-linux/curl/7.84.0-r0/recipe-sysroot-native/
usr/bin/riscv64-wrs-linux/../../libexec/riscv64-wrs-linux/gcc/
riscv64-wrs-linux/12.1.0/ld: ../lib/.libs/libcurl.so:
undefined reference to `__atomic_exchange_1'
collect2: error: ld returned 1 exit status
Signed-off-by: He Zhe <zhe.he@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
- curl-ptest is taking around 200 seconds to execute so
added curl-ptest to PTESTS_SLOW
- This patch is rework on an existing patch provided
by Maxin B. John (maxin.john@intel.com)
https://www.openembedded.org/pipermail/openembedded-core/2017-July/139176.html
- Below is the run log of curl-ptest
START: ptest-runner
2022-07-03T15:52
BEGIN: /usr/lib/curl/ptest
********* System characteristics ********
* curl 7.83.1 (x86_64-poky-linux-gnu)
* libcurl/7.83.1 OpenSSL/3.0.3 zlib/1.2.12 libidn2/2.3.2
* Features: alt-svc AsynchDNS Debug HSTS HTTPS-proxy IDN Largefile libz NTLM SSL TLS-SRP UnixSockets
* Disabled: headers-api
* Host: qemux86-64
* System: Linux qemux86-64 5.15.44-yocto-standard #1 SMP PREEMPT Tue May 31 20:28:59 UTC 2022 x86_64 GNU/Linux
* OS: linux
* Servers: HTTP-unix
* Env:
* Seed: 238593
*****************************************
PASS: test 0001 (1 out of 1466, remaining: 25:07, took 1.029s, duration: 00:01)
PASS: test 0002 (2 out of 1466, remaining: 13:21, took 0.065s, duration: 00:01)
...
...
PASS: test 3019 (1460 out of 1466, remaining: 00:00, took 0.012s, duration: 03:16)
PASS: test 3020 (1461 out of 1466, remaining: 00:00, took 0.011s, duration: 03:16)
test 3025...The tool set in the test case for this: 'lib3025' does not exist
TESTDONE: 1280 tests were considered during 197 seconds.
TESTDONE: 783 tests out of PASS: 783 report: 100%
DURATION: 202
END: /usr/lib/curl/ptest
2022-07-03T15:56
STOP: ptest-runner
TOTAL: 1 FAIL: 0
- disable the curl tests that are expected to fail
- remove the generated file configurehelp.pm from curl test beacuse it is causing reproducible build failure.
this file is used by some curl tests to scan symbols from curl headers. we are anyway not installing curl
headers and already have disabled those tests.
[YOCTO #6707]
Signed-off-by: Yogesh Tyagi <yogesh.tyagi@intel.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This is a feature and bugfix update. Release notes are available at:
https://curl.se/changes.html#7_84_0
Backport a patch fixing a compile issue where sched.h was not included
on certain platforms.
Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This is a minor feature and bugfix release. Changes include:
* curl: add %header{name} experimental support in -w handling
* curl: add %{header_json} experimental support in -w handling
* curl: add --no-clobber
* curl: add --remove-on-error
* header api: add curl_easy_header and curl_easy_nextheader
* msh3: add support for QUIC and HTTP/3 using msh3
Full changelog at: https://curl.se/changes.html#7_83_0
Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Includes bug fixes and feature updates, such as addition of a --json flag
and the removal of mesalink support. Changelog available at:
https://curl.se/changes.html#7_82_0
LIC_FILES_CHKSUM changed due to copyright year update. Now that the full
SPDX license list is supported, refine the license from MIT to
MIT-open-group. The curl license contains the additional advertising
clause present in the Open Group variant.
Use a weak assignment with the RANDOM variable to make changes via
bbappend easier.
Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
curl requires that at least one SSL implementation or explicitly
'--without-ssl' is specified. This is particularly the case if
PACKAGECONFIG is empty.
| configure: error: select TLS backend(s) or disable TLS with
--without-ssl.
|
| Select from these:
|
| --with-amissl
| --with-bearssl
| --with-gnutls
| --with-mbedtls
| --with-mesalink
| --with-nss
| --with-openssl (also works for BoringSSL and libressl)
| --with-rustls
| --with-schannel
| --with-secure-transport
| --with-wolfssl
|
Fixes: eef6c45fc6ec ("curl: Rework openssl and random PACKAGECONFIGs")
Signed-off-by: Christian Eggers <ceggers@arri.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The existing ssl PACKAGECONFIG makes it slightly annoying to use another
crypto provider while removing openssl. Since --with-ssl is just a
deprecated version of --with-openssl, rename the PACKAGECONFIG to use
the newer preferred name. Note that --without-ssl implies no crypto
provider at all, and should only be used when trying to disable all
crypto support.
Move --with-random to it's own option, since it is useful for other
crypto providers, not just openssl.
Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Update URLs to refelct what upstream is presently using and add zstd
PACKAGECONFIG.
Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
If we add DEBUG_PREFIX_MAP into LDFLAGS, curl-dev is no longer reproducible.
Fix this.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Remove libmetalink configure option as this rarely used option is
removed in the new version [1].
[1] https://github.com/curl/curl/commit/265b14d6b37c4298bd5556fabcbc37d36f911693
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This is the result of automated script conversion:
scripts/contrib/convert-overrides.py <oe-core directory>
converting the metadata to use ":" as the override character instead of "_".
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
Richard Purdie
Oleh Matiusha
Ross Burton
Robert Joslyn
Lee Chee Yang
Jose Quaresma
Alexander Kanavin
Wang Mingyu
Federico Pellegrin
Ranjitsinh Rathod
Khem Raj
He Zhe
Yogesh Tyagi
Christian Eggers
Ross Burton
Mingli Yu