Builder curl-threaded-solaris10-i386 Build #4446

Build In Progress:

SourceStamp:

BuildSlave:

Reason:

The SingleBranchScheduler scheduler named 'schedule-curl-threaded-solaris10-i386' triggered this build

Steps and Logfiles:

1. git update ( 14 secs )
   1. stdio
2. Runtest './tests/testcurl.pl --nogitpull ...' ( running )
   1. stdio
   2. resultlog
3. Mail result  
   1. - no logs -

Build Properties:

Forced Build Properties:

Responsible Users:

1. Daniel Stenberg

   danielohnoyoudont@haxx.se
2. Joshua Rogers

   MegaManSecohnoyoudont@users.noreply.github.com
3. Stefan Eissing

   stefanohnoyoudont@eissing.org
4. Viktor Szakats

   commitohnoyoudont@vsz.me

Timing:

All Changes:

:

1. Change #269136

   Category	curl
   Changed by	Stefan Eissing <stefanohnoyoudont@eissing.org>
   Changed at	Tue 02 Jun 2026 08:27:00
   Repository	https://github.com/curl/curl.git
   Project	curl
   Branch	master
   Revision	31cb54e1fa52cd954dba5ee1a902c6d4ae3746d1

   Comments

   cfilters: remove close method
   closing a filter chain and reconnecting it again is a complication
   that only the HTTP/1.x proxy filter used. Remove it from all filters.
   
   Instead, a filter can return CURLE_AGAIN during the connect phase
   and the cf-setup filter will tear down all "sub filters" and restart
   over.
   
   With this, a filter never resets to the initial phase but progresses
   through connect -> connected -> shutdown -> destroy once.
   
   Closes #21831

   Changed files

   • lib/cf-capsule.c
   • lib/cf-dns.c
   • lib/cf-h1-proxy.c
   • lib/cf-h2-proxy.c
   • lib/cf-h3-proxy.c
   • lib/cf-haproxy.c
   • lib/cf-https-connect.c
   • lib/cf-ip-happy.c
   • lib/cf-socket.c
   • lib/cfilters.c
   • lib/cfilters.h
   • lib/connect.c
   • lib/cshutdn.c
   • lib/ftp.c
   • lib/http2.c
   • lib/http_proxy.c
   • lib/socks.c
   • lib/vquic/curl_ngtcp2.c
   • lib/vquic/curl_quiche.c
   • lib/vtls/vtls.c
   • tests/unit/unit2600.c

2. Change #269143

   Category	curl
   Changed by	Viktor Szakats <commitohnoyoudont@vsz.me>
   Changed at	Tue 02 Jun 2026 08:44:11
   Repository	https://github.com/curl/curl.git
   Project	curl
   Branch	master
   Revision	669e795e9427cbda973a0ba9f8f4028716f0cdd4

   Comments

   Makefile.am: drop test1190 listed twice
   Spotted by GitHub Code Quality
   
   Closes #21839

   Changed files

   • tests/data/Makefile.am

3. Change #269144

   Category	curl
   Changed by	Daniel Stenberg <danielohnoyoudont@haxx.se>
   Changed at	Tue 02 Jun 2026 08:45:48
   Repository	https://github.com/curl/curl.git
   Project	curl
   Branch	master
   Revision	7d2382ebfacc7a3c7bdfb47994be9341beee645a

   Comments

   tool_help: rectify a bad assert
   The condition was wrong, and now it also verifies 'tlen'.
   
   Reported-by: Gao Liyou
   Ref: #21825
   Closes #21837

   Changed files

   • src/tool_help.c

4. Change #269145

   Category	curl
   Changed by	Daniel Stenberg <danielohnoyoudont@haxx.se>
   Changed at	Tue 02 Jun 2026 08:48:19
   Repository	https://github.com/curl/curl.git
   Project	curl
   Branch	master
   Revision	b825417043faa016a52ee400ce3a1c94f719a6e4

   Comments

   tool_operhlp: avoid NULL to %s
   If the filename allocation fails.
   
   Reported-by: Gao Liyou
   Ref: #21825
   Closes #21836

   Changed files

   • src/tool_operhlp.c

5. Change #269158

   Category	curl
   Changed by	Viktor Szakats <commitohnoyoudont@vsz.me>
   Changed at	Tue 02 Jun 2026 10:05:39
   Repository	https://github.com/curl/curl.git
   Project	curl
   Branch	master
   Revision	4c49ed1b7b817d5a4e991a88aa1b5a68e6c7975e

   Comments

   os400sys: fix theoretical length overflows
   When converting a `size_t` to `unsigned int`.
   
   Another instance spotted by Copilot.
   
   Reported-by: Gao Liyou
   Ref: #21825
   Closes #21840

   Changed files

   • projects/OS400/os400sys.c

6. Change #269178

   Category	curl
   Changed by	Daniel Stenberg <danielohnoyoudont@haxx.se>
   Changed at	Tue 02 Jun 2026 11:13:50
   Repository	https://github.com/curl/curl.git
   Project	curl
   Branch	master
   Revision	277db5490c3b0be58020cfdec17cd11e5cfb8c08

   Comments

   URL-SYNTAX: document more URL parsing details
   - IPv4 numerical address
   - IPv6 numerical address + zone id mention
   - No IPvFuture support
   - Some path parsing details
   
   Closes #21841

   Changed files

   • docs/URL-SYNTAX.md

7. Change #269179

   Category	curl
   Changed by	Daniel Stenberg <danielohnoyoudont@haxx.se>
   Changed at	Tue 02 Jun 2026 11:17:48
   Repository	https://github.com/curl/curl.git
   Project	curl
   Branch	master
   Revision	d2f8e231a7548ef77db5438f21d484936775b72f

   Comments

   KNOWN_BUGS: Digest does not care for 'domain'
   Room for improvement.
   
   Closes #21838

   Changed files

   • docs/KNOWN_BUGS.md

8. Change #269182

   Category	curl
   Changed by	Daniel Stenberg <danielohnoyoudont@haxx.se>
   Changed at	Tue 02 Jun 2026 11:31:46
   Repository	https://github.com/curl/curl.git
   Project	curl
   Branch	master
   Revision	9d19b4730277e94c330d15c4ae2e1cb271514ff7

   Comments

   lib1560: verify a few more URL variations
   Closes #21842

   Changed files

   • tests/data/test1560
   • tests/libtest/lib1560.c

9. Change #269185

   Category	curl
   Changed by	Joshua Rogers <MegaManSecohnoyoudont@users.noreply.github.com>
   Changed at	Tue 02 Jun 2026 11:43:00
   Repository	https://github.com/curl/curl.git
   Project	curl
   Branch	master
   Revision	d191de891a4d2be48908c6964e5cb157d002dae6

   Comments

   telnet: honor CURLOPT_TIMEOUT in send_telnet_data()
   The poll-before-write loop used -1 (infinite) as the Curl_poll timeout,
   so a peer that stops reading could stall the transfer indefinitely,
   bypassing CURLOPT_TIMEOUT. Use Curl_timeleft_ms() instead and return
   CURLE_OPERATION_TIMEDOUT when the deadline is reached or exceeded.
   
   Closes #21685

   Changed files

   • lib/telnet.c

10. Change #269196

    Category	curl
    Changed by	Joshua Rogers <MegaManSecohnoyoudont@users.noreply.github.com>
    Changed at	Tue 02 Jun 2026 13:30:35
    Repository	https://github.com/curl/curl.git
    Project	curl
    Branch	master
    Revision	be6c4ee7faaa55c62567a8c3fb0f4e98a482292e

    Comments

    gtls: verify OCSP response signature in gtls_verify_ocsp_status
    Since aeb1a281ca ("gtls: fix OCSP stapling management"), the function
    parses the stapled OCSP response and reads the certificate status via
    gnutls_ocsp_resp_get_single(), but never calls gnutls_ocsp_resp_verify()
    or gnutls_ocsp_resp_verify_direct(). A response with a forged or
    corrupted signature is accepted without question.
    
    Fix by calling gnutls_ocsp_resp_verify() against the trust list obtained
    from the session credentials immediately after gnutls_ocsp_resp_import().
    This handles both directly-signed responses and delegated OCSP responders
    without requiring the issuer certificate to be present in the peer chain.
    
    The missing check only affects the CURLOPT_SSL_VERIFYSTATUS code path
    when CURLOPT_SSL_VERIFYPEER is disabled. With peer verification enabled,
    gnutls_certificate_verify_peers2() independently catches the invalid
    response via GNUTLS_CERT_INVALID_OCSP_STATUS before
    gtls_verify_ocsp_status() is reached. As a result, no attack is possible
    that is not already trivially achievable without OCSP stapling when peer
    verification is off. This is a correctness and consistency fix, not a
    security vulnerability.
    
    Reported-by: Joshua Rogers
    
    Closes #21677

    Changed files

    • lib/vtls/gtls.c

11. Change #269205

    Category	curl
    Changed by	Viktor Szakats <commitohnoyoudont@vsz.me>
    Changed at	Tue 02 Jun 2026 15:31:48
    Repository	https://github.com/curl/curl.git
    Project	curl
    Branch	master
    Revision	89683e05b9e0884ccb860a3e01822c20145a12ef

    Comments

    tidy-up: use test/example domains more
    Closes #21849

    Changed files

    • docs/examples/ephiperfifo.c
    • docs/examples/evhiperfifo.c
    • docs/examples/ghiper.c
    • docs/examples/hiperfifo.c
    • tests/data/test536
    • tests/libtest/lib536.c
    • tests/unit/unit2600.c