Builder curl-ares-solaris10-i386 Build #4453

Build In Progress:

ETA: 11:36:37 [4 mins, 21 secs]

SourceStamp:

BuildSlave:

Reason:

The SingleBranchScheduler scheduler named 'schedule-curl-ares-solaris10-i386' triggered this build

Steps and Logfiles:

1. git  
   1. - no logs -
2. setproperty  
   1. - no logs -
3. setproperty_1  
   1. - no logs -
4. Runtest  
   1. - no logs -
5. Mail result  
   1. - no logs -

Build Properties:

Forced Build Properties:

Responsible Users:

1. Daniel Stenberg

   danielohnoyoudont@haxx.se
2. Dave Walker

   daveohnoyoudont@daviey.com
3. Stefan Eissing

   stefanohnoyoudont@eissing.org
4. Tobias Frauenschläger

   tobiasohnoyoudont@wolfssl.com
5. Viktor Szakats

   commitohnoyoudont@vsz.me

Timing:

All Changes:

:

1. Change #271167

   Category	curl
   Changed by	Viktor Szakats <commitohnoyoudont@vsz.me>
   Changed at	Mon 15 Jun 2026 16:57:21
   Repository	https://github.com/curl/curl.git
   Project	curl
   Branch	master
   Revision	adb606eae752eaeea9a5fcea77fc46498e2ecf05

   Comments

   curl_formdata: fix to pass long where missing, document `CURLFORM_NAMELENGTH`
   - lib650: pass `long` to `CURLFORM_NAMELENGTH` in test.
     Spotted by Copilot.
     https://github.com/curl/curl/pull/22011#discussion_r3412407235
     Follow-up to 3620e569b312476f1e63b298106f942079b5afe8
   
   - lib650: drop an interim variable, and interim casts.
     Follow-up to 60776a0515c2a8f572902ad5bcc9f63eeaeafa84 #2747
   
   - curl_formdata.md: document `CURLFORM_NAMELENGTH` on man page.
   
   - curl_formdata.md: pass `long` to `CURLFORM_BUFFERLENGTH` on man page.
   
   - formdata: pass `long` to `CURLFORM_CONTENTSLENGTH` in comment.
   
   Closes #22017

   Changed files

   • docs/libcurl/curl_formadd.md
   • lib/formdata.c
   • tests/libtest/lib650.c

2. Change #271189

   Category	curl
   Changed by	Viktor Szakats <commitohnoyoudont@vsz.me>
   Changed at	Mon 15 Jun 2026 18:38:29
   Repository	https://github.com/curl/curl.git
   Project	curl
   Branch	master
   Revision	46ba384b1b03fec7115e2caa3fdc4587f6973e37

   Comments

   winldap: avoid NULL pointer deref on `ldap_get_dn()` fail
   In non-Unicode builds.
   
   Assisted-by: Jay Satiro
   
   Closes #22000

   Changed files

   • lib/ldap.c

3. Change #271190

   Category	curl
   Changed by	Viktor Szakats <commitohnoyoudont@vsz.me>
   Changed at	Mon 15 Jun 2026 18:38:29
   Repository	https://github.com/curl/curl.git
   Project	curl
   Branch	master
   Revision	5687d211c48b38facb9e77c59b233dc25dadb330

   Comments

   servers: fix off-by-3 OOB write for large `loghex()` inputs
   Spotted by GitHub Code Quality
   
   Closes #22031

   Changed files

   • tests/server/util.c

4. Change #271217

   Category	curl
   Changed by	Viktor Szakats <commitohnoyoudont@vsz.me>
   Changed at	Mon 15 Jun 2026 22:04:39
   Repository	https://github.com/curl/curl.git
   Project	curl
   Branch	master
   Revision	526d3b8a53f19874544a8cc9695ac88ddbde3493

   Comments

   servers: silence `-Wunused-result` with pragma
   In some configurations the `write()` functions gets the
   `warn_unused_result` attribute, that makes casting to `(void)`
   ineffective to silence this warning. Seen with glibc, in 5 CI jobs.
   The warning option appeared in GCC 4.5 and comes enabled by default.
   
   ```
   tests/server/util.c:329:5: error: ignoring return value of ‘write’ declared with attribute ‘warn_unused_result’ [-Werror=unused-result]
     329 |     write(STDERR_FILENO, msg, sizeof(msg) - 1);
         |     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   ```
   Ref: https://github.com/curl/curl/actions/runs/27548333990/job/81427544632
   
   Refs:
   https://github.com/curl/curl/pull/22023#issuecomment-4708455631
   https://gcc.gnu.org/onlinedocs/gcc-16.1.0/gcc/Warning-Options.html#index-Wunused-result
   https://gcc.gnu.org/onlinedocs/gcc-16.1.0/gcc/Common-Attributes.html#index-warn_005funused_005fresult
   https://stackoverflow.com/questions/40576003/ignoring-warning-wunused-result
   
   Follow-up to c8d8f081fd62c68c588f8963a8e441c730a23b5b #22023
   Follow-up to e95f509c66abdd88ae02e3243cdc217f19c4a330 #16852
   
   Closes #22034

   Changed files

   • tests/server/util.c

5. Change #271222

   Category	curl
   Changed by	Tobias Frauenschläger <tobiasohnoyoudont@wolfssl.com>
   Changed at	Mon 15 Jun 2026 22:18:29
   Repository	https://github.com/curl/curl.git
   Project	curl
   Branch	master
   Revision	50ffc359e943b2b55268b6c8507524fb0c23dc9c

   Comments

   tls: wolfssl: fixes for PQC key shares
   This PR makes the wolfssl TLS backend work properly for PQC key
   exchanges. The following issues are fixed:
   * WOLFSSL_HAVE_KYBER is not present anymore in upstream wolfssl (for a
     long time actually), so it has no use and the ML-KEM functionality was
     never turned on properly.
   * Key share group selection (via --curves) is now handled via the
     generic wolfSSL_CTX_set1_groups_list() method instead of the prior
     wolfSSL_CTX_set1_curves_list() and the additonal PQC handling. This
     removes a lot of PQC related special handling and the behavior now
     matches the OpenSSL backend.
   * The default QUIC group setting has been removed. For QUIC, the key
     share as well as the list in the supported_groups extension is now
     handled all within wolfssl. This also supports --curves properly now.
   
   Closes #22030

   Changed files

   • lib/vtls/wolfssl.c

6. Change #271226

   Category	curl
   Changed by	Dave Walker <daveohnoyoudont@daviey.com>
   Changed at	Mon 15 Jun 2026 22:30:14
   Repository	https://github.com/curl/curl.git
   Project	curl
   Branch	master
   Revision	b9702f8c487135695ee07a69a24d85e4f7eba40e

   Comments

   cookie: use origin scheme for secure context check
   `Curl_secure_context()` checked `conn->scheme` to determine if Secure
   cookies may be sent. Since 73daec6, `conn->scheme` is set to the proxy's
   scheme when using an HTTPS forwarding proxy, causing the function to
   return TRUE for HTTP origins. This leaked Secure cookies over the
   plaintext connection between proxy and origin.
   
   Use `data->state.origin->scheme` instead, which always reflects the
   origin's scheme regardless of proxy configuration.
   
   Not an approved vulnerability because the regression was introduced
   after the last release and is not present in any released version.
   
   Verified by test 3401
   
   Follow-up to 73daec6620bf9983df89e8df3660bfa3b8fd501d
   Reported-by: daviey on hackerone
   URL: https://hackerone.com/reports/3803415
   Closes #22024

   Changed files

   • lib/cookie.c
   • lib/cookie.h
   • lib/http.c
   • tests/data/Makefile.am
   • tests/data/test3401

7. Change #271227

   Category	curl
   Changed by	Stefan Eissing <stefanohnoyoudont@eissing.org>
   Changed at	Mon 15 Jun 2026 22:32:15
   Repository	https://github.com/curl/curl.git
   Project	curl
   Branch	master
   Revision	bb72413b03c8f74f1bc88c7292a53a15db74cd20

   Comments

   cf-https-connect: do not engage on proxy origin
   When talking to a forwarding proxy, do not start HTTPS Eyeballing.
   We might support this in the future, but for now, the --httpx.x
   arguments to do not apply to such a setup.
   
   Add a test case for forward proxying without use of ALPN.
   
   Closes #22033

   Changed files

   • lib/cf-https-connect.c
   • tests/http/test_10_proxy.py

8. Change #271228

   Category	curl
   Changed by	Daniel Stenberg <danielohnoyoudont@haxx.se>
   Changed at	Mon 15 Jun 2026 22:35:33
   Repository	https://github.com/curl/curl.git
   Project	curl
   Branch	master
   Revision	7f57aeec40926dce22d997cf05810fb9c9c721d3

   Comments

   verify-release: don't unpack in git repo
   - Clarify that the tarball to verify should be put in the same dir you
     run the script.
   
   - Verify that the curl version number in the file name matches the
     version number within the tarball. To reduce risk for mistakes.
   
   - When verifying using git, do not unpack the tarball. It avoids the
     security risk with malicious tarball contents playing tricks on git.
   
   - Only unpack the tarball for git-less verfication.
   
   - Move the source tarball into _tarballs/ instead of overwriting it,
     which can be useful in case the verification fails
   
   Closes #22032

   Changed files

   • scripts/verify-release

9. Change #271232

   Category	curl
   Changed by	Daniel Stenberg <danielohnoyoudont@haxx.se>
   Changed at	Mon 15 Jun 2026 23:08:59
   Repository	https://github.com/curl/curl.git
   Project	curl
   Branch	master
   Revision	5d1ac48088cf4e04e689e98732024997b56d1511

   Comments

   setopt: mark function argument as unused *properly*
   Closes #22035

   Changed files

   • lib/setopt.c

10. Change #271243

    Category	curl
    Changed by	Viktor Szakats <commitohnoyoudont@vsz.me>
    Changed at	Tue 16 Jun 2026 00:41:29
    Repository	https://github.com/curl/curl.git
    Project	curl
    Branch	master
    Revision	678e63934cc4bd1941b20c5111d37a6e530d2a5d

    Comments

    perl: `|| die` -> `or die`
    Usage was fifty-fifty between these syntaxes before this patch.
    
    Closes #22036

    Changed files

    • .github/scripts/cleancmd.pl
    • docs/examples/version-check.pl
    • scripts/cdall
    • scripts/checksrc-all.pl
    • scripts/checksrc.pl
    • scripts/completion.pl
    • scripts/extract-unit-protos
    • scripts/managen
    • scripts/singleuse.pl
    • tests/certs/genserv.pl
    • tests/getpart.pm
    • tests/libtest/test1013.pl
    • tests/libtest/test1022.pl
    • tests/libtest/test610.pl
    • tests/libtest/test613.pl
    • tests/runner.pm
    • tests/runtests.pl
    • tests/secureserver.pl
    • tests/servers.pm
    • tests/sshserver.pl
    • tests/test1119.pl
    • tests/test1135.pl
    • tests/test1165.pl
    • tests/test1167.pl
    • tests/test1222.pl
    • tests/test1477.pl
    • tests/test1707.pl
    • tests/test745.pl
    • tests/test971.pl