CI: move Azure jobs to GHA, fix fallouts, sshserver, runtests tweaks

CI:

- GHA/windows: enable OpenSSH server, SysInternals `handle`, `impacket`.
Skip `impacket` on MSYS2 due

CI: move Azure jobs to GHA, fix fallouts, sshserver, runtests tweaks

CI:

- GHA/windows: enable OpenSSH server, SysInternals `handle`, `impacket`.
Skip `impacket` on MSYS2 due to install failure.
Skip OpenSSH server for old/standalone mingw-w64 (building curl
without SSH there.)
- GHA/windows: make test tool installs a separate step.
- GHA/cygwin: enable OpenSSH server.
Skip `impacket`: it's compiling for 7 minutes then breaks.
Skip `stunnel` due to sluggish test run performance.
(This update is unrelated to Azure jobs.)
- GHA/linux: migrate Linux jobs from Azure CI.
- GHA/linux: migrate scanbuild job from Azure CI.
- GHA/linux: enable libssh2 in a job. Also enable valgrind.
- CI/windows: enable SSPI in two jobs.
- CI/windows: disable zlib in one more job.
- CI/windows: improve `if` condition checking GnuTLS.
- CI/windows: ignore SFTP/SCP tests as necessary.
- universally ignore SCP tests, they fail everywhere.
- ignore test 612.
- ignore test 613 616 618 with MSYS2 mingw-w64.
- ignore test 614 with libssh.
- ignore all SFTP with MSYS2 native.
- ignore all SFTP with vcpkg with `libssh2[core,zlib]`.
- ignore a couple of SFTP tests with MSYS2 mingw-w64.
(This matches settings on Azure CI.)
- GHA/windows: ignore failing 1451 'Basic SMB request' test for
old mingw-w64 7.3.0 (but not for 9.5.0!):
```
2024-09-11 21:45:59,738 ERROR smbComNegotiate: b'NT LM 0.12\x00' is not in list
[...]
curl: (7) Could not connect to server
[...]
FAIL 1451: 'Basic SMB request' SMB
```
Ref: https://github.com/curl/curl/actions/runs/10816280746/job/30007130770#step:13:3546
- CI/Azure: delete, now moved to GHA.

sshserver:

- sshserver: fix permissions for SSH host key on Windows, allowing sshd
to launch.
- sshserver: fix initializing config paths with Cygwin/MSYS2 sshd.
- sshserver: fix initializing config paths in parallel builds.
- sshserver: delete redundant `DenyUsers`. This also opens the way
to allow multiple usernames.
- sshserver: fix `AllowUsers` for GHA/windows, by allowing the
domainless username again.
Follow-up to 3ee7c676ec8ef32e3a9cb4d0fb2929a8335d58db #5721
- sshserver: fix `Deprecated option` warnings in `sshd_config`:
```
D:/a/curl/curl/bld/tests/log/2/server/curl_sshd_config line 7: Deprecated option AuthorizedKeysFile2
D:/a/curl/curl/bld/tests/log/2/server/curl_sshd_config line 25: Deprecated option KeyRegenerationInterval
D:/a/curl/curl/bld/tests/log/2/server/curl_sshd_config line 35: Deprecated option RhostsRSAAuthentication
D:/a/curl/curl/bld/tests/log/2/server/curl_sshd_config line 36: Deprecated option RSAAuthentication
D:/a/curl/curl/bld/tests/log/2/server/curl_sshd_config line 37: Deprecated option ServerKeyBits
D:/a/curl/curl/bld/tests/log/2/server/curl_sshd_config line 41: Deprecated option UseLogin
```
- sshserver: fix `Deprecated option` warnings in `ssh_config` with
Cygwin/MSYS2.
- sshserver: fix dumping config files due to the filenames missing their
full paths.
- sshserver: add workaround to make `logmsg` messages visible.
Before this patch they only went to a file and never shown.

runtests:

- runtests: log details when these Windows commands are called:
`handle`, `taskkill`, `tasklist`.
- runtests: add documentation links to Windows tools:
`handle`, `taskkill`, `tasklist`, `icacls`.
- runtests: add `-t` (kill whole tree) option to `taskkill` in
`servers.pm`, syncing it with the other `taskkill` call.
Follow-up to bc72a78a11764558639131d51fa8e7c81ee1e113 #14488
- runtests: show warning if Sysinternals `handle` tool is missing.
- runtests: drop Windows XP Home compatibility `tskill` call.
The call was made on all Windows versions. It's possibly overkill to
do this, because XP Home is probably rarely used for running curl
tests these days. In case it's needed, it'd be better to put it under
an explicit option.
- runtests: show Perl version and path.

Fix/silence fallouts:

- unit2603: fix building with disabled HTTP support.
- unit2604: silence `-Woverlength-strings` warnings in C89 mode.
- test437, test1614: fix to pass with no-IPv6 builds.

Closes #14859

show more ...

GHA: update github/codeql-action digest to 4dd1613

Closes #14725

GHA: update CI dependencies

- update github/codeql-action digest to 2c779ab
- update awslabs/aws-lc to v1.34.2
- update ngtcp2/nghttp3 to v1.5.0
- update ngtcp2/ngtcp2 to v1.7.0

GHA: update CI dependencies

- update github/codeql-action digest to 2c779ab
- update awslabs/aws-lc to v1.34.2
- update ngtcp2/nghttp3 to v1.5.0
- update ngtcp2/ngtcp2 to v1.7.0

Closes #14638
Closes #14639
Closes #14675
Closes #14676

show more ...

GHA: add yamlcheck

Uses `yamllint`.

Also:
- fix warning for existing YAML files:
```
[truthy] truthy value should be one of [false, true]
```

Closes #

GHA: add yamlcheck

Uses `yamllint`.

Also:
- fix warning for existing YAML files:
```
[truthy] truthy value should be one of [false, true]
```

Closes #14650

show more ...

GHA: update github/codeql-action digest to 883d858

Closes #14608

GHA: update github/codeql-action digest to 429e197

Closes #14425

GHA: bump deps: upload-artifact, codeql and spellcheck

- bump actions/upload-artifact from 4.3.5 to 4.3.6

Signed-off-by: dependabot[bot] <support@github.com>

Closes #14506

GHA: bump deps: upload-artifact, codeql and spellcheck

- bump actions/upload-artifact from 4.3.5 to 4.3.6

Signed-off-by: dependabot[bot] <support@github.com>

Closes #14506

- bump github/codeql-action from 3.25.15 to 3.26.0

Closes #14507

- bump rojopolis/spellcheck-github-actions digest to a0fba0c

Closes #14518

show more ...

GHA: bump github/codeql-action and msys2/setup-msys2

- bump github/codeql-action from 3.25.13 to 3.25.15

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3

GHA: bump github/codeql-action and msys2/setup-msys2

- bump github/codeql-action from 3.25.13 to 3.25.15

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.13 to 3.25.15.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/2d790406f505036ef40ecba973cc774a50395aac...afb54ba388a7dca6ecae48f608c4ff05ff4cc77a)

---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Closes #14300

- bump msys2/setup-msys2 from 2.23.0 to 2.24.0

Bumps [msys2/setup-msys2](https://github.com/msys2/setup-msys2) from 2.23.0 to 2.24.0.
- [Release notes](https://github.com/msys2/setup-msys2/releases)
- [Changelog](https://github.com/msys2/setup-msys2/blob/main/CHANGELOG.md)
- [Commits](https://github.com/msys2/setup-msys2/compare/d0e80f58dffbc64f6a3a1f43527d469b4fc7b6c8...5df0ca6cbf14efcd08f8d5bd5e049a3cc8e07fd2)

---
updated-dependencies:
- dependency-name: msys2/setup-msys2
dependency-type: direct:production
update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Closes #14301

show more ...

GHA/non-native: improve, migrate x86_64 FreeBSD with tests from Cirrus CI

- run tests via `make test-ci` instead of `make check` with autotools.
- add `x86_64` job for FreeBSD, with test

GHA/non-native: improve, migrate x86_64 FreeBSD with tests from Cirrus CI

- run tests via `make test-ci` instead of `make check` with autotools.
- add `x86_64` job for FreeBSD, with tests.
It matches the existing Cirrus CI job, with these differences:
- finishes 3x faster (thanks to parallel tests enabled).
- librtmp is not enabled because it's slated for removal by FreeBSD.
(already past the removal deadline, thought the package still
installs.)
- DICT and TELNET servers fail to start. Couldn't figure out why.
It means skipping test 1450 and 1452.
- it runs more tests, e.g. websockets and ip6-localhost.
- no `pkg update -f`.
- it misses the `CRYPTOGRAPHY_DONT_BUILD_RUST=1`, `pkg delete curl`,
`chmod 777`, `sudo -u nobody` and `sysctl net.inet.tcp.blackhole`
tricks. The latter is the default in these runners, the others did
not affect results.
- set `-j0` for tests in the NetBSD job. Flaky otherwise.

Closes #14244

show more ...

GHA: bump github/codeql-action from 3.25.11 to 3.25.13

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.11 to 3.25.13.
- [Release notes](https://github.com

GHA: bump github/codeql-action from 3.25.11 to 3.25.13

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.11 to 3.25.13.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/b611370bb5703a7efb587f9d136a52ea24c5c38c...2d790406f505036ef40ecba973cc774a50395aac)

---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Closes #14255

show more ...

GHA: update github/codeql-action digest to b611370

Closes #14058

GHA: update pinned actions

- github/codeql-action digest to 23acc5c
- actions/checkout digest to 692973e
- rojopolis/spellcheck-github-actions digest to d354a4d

Closes #1393

GHA: update pinned actions

- github/codeql-action digest to 23acc5c
- actions/checkout digest to 692973e
- rojopolis/spellcheck-github-actions digest to d354a4d

Closes #13935
Closes #13945
Closes #13946

show more ...

ci: update github/codeql-action digest to 2e230e8

Closes #13881

ci: update github/codeql-action digest to f079b84

Closes #13837

ci: update github/codeql-action digest to 9fdb3e4

Closes #13726

GHA: bump actions/checkout from 4.1.4 to 4.1.6

Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.4 to 4.1.6.
- [Release notes](https://github.com/actions/checkout/re

GHA: bump actions/checkout from 4.1.4 to 4.1.6

Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.4 to 4.1.6.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/0ad4b8fadaa221de15dcec353f45205ec38ea70b...a5ac7e51b41094c92402da3b24376905380afc29)

---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Closes #13720

show more ...

GHA: pin dependencies

Closes #13628

build(deps): bump github/codeql-action from 2 to 3

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3.
- [Release notes](https://github.com/github/codeql-a

build(deps): bump github/codeql-action from 2 to 3

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Closes #12625

show more ...

appveyor: replace PowerShell with bash + parallel autotools

PowerShell works (after a steep development curve), but one property of
it stuck and kept causing unresolvable usability issue

appveyor: replace PowerShell with bash + parallel autotools

PowerShell works (after a steep development curve), but one property of
it stuck and kept causing unresolvable usability issues: With
`$ErrorActionPreference=Stop`, it does abort on failures, but shows only
the first line of the error message. In `Continue` mode, it shows the
full error message, but doesn't stop on all errors. Another issue is
PowerShell considering any stderr output as if the command failed (this
has been improved in 7.2 (2021-Nov), but fixed versions aren't running
in CI and will not be for a long time in all test images.)

Thus, we're going with bash.

Also:
- use `-j2` with autotools tests, making them finish 5-15 minutes per
job faster.
- omit `POSIX_PATH_PREFIX`.
- use `WINDIR`.
- prefer forward slashes.

Follow-up to: 75078a415d9c769419aed4153d3d525a8eba95af #11999
Ref: #12444

Fixes #12560
Closes #12572

show more ...

tidy-up: fix yamllint whitespace issues

Closes #12466

gha: bump actions to latest versions

- actions@checkout@v4 (from v3 and v2)

- fsfe/reuse-action@v2 (from v1)

Closes #12000

CI: skip some more builds when possible

When a commit only contains tests, documentation, or cmake files, skip
those builds that aren't affected by those.

The file filters avail

CI: skip some more builds when possible

When a commit only contains tests, documentation, or cmake files, skip
those builds that aren't affected by those.

The file filters available on the CI services don't seem to allow
skipping individual jobs, only the entire workflow, so we can't get any
more fine-grained than this.

show more ...

CI: don't run CI jobs if only another CI was changed

Also skip builds on non-Windows platforms when only Windows build files
have changed.

This should reduce the number of usele

CI: don't run CI jobs if only another CI was changed

Also skip builds on non-Windows platforms when only Windows build files
have changed.

This should reduce the number of useless builds and the associated
waiting time and chance of spurious failures, freeing resources for
new PRs.

Closes #10742

show more ...

copyright: update all copyright lines and remove year ranges

- they are mostly pointless in all major jurisdictions
- many big corporations and projects already don't use them
- save

copyright: update all copyright lines and remove year ranges

- they are mostly pointless in all major jurisdictions
- many big corporations and projects already don't use them
- saves us from pointless churn
- git keeps history for us
- the year range is kept in COPYING

checksrc is updated to allow non-year using copyright statements

Closes #10205

show more ...

GHA: ignore changes to md files for most workflows

Closes #10176