src/lib: remove redundant ternary operators

Closes #15435

lib, src, tests: added space around ternary expressions

Closes #14912

tool_cb_wrt: use "curl_response" if no file name in URL

Use the same fallback for content-disposition cases as for regular -O

Add test692: verify -JO with URL without a file name

tool_cb_wrt: use "curl_response" if no file name in URL

Use the same fallback for content-disposition cases as for regular -O

Add test692: verify -JO with URL without a file name

Reported-by: Brian Inglis
Fixes #14939
Closes #14940

show more ...

src: fix potential macro confusion in cmake unity builds

Sources used `lib/curlx.h` with both `ENABLE_CURLX_PRINTF` set and unset
before including it.

In a cmake "unity" batch w

src: fix potential macro confusion in cmake unity builds

Sources used `lib/curlx.h` with both `ENABLE_CURLX_PRINTF` set and unset
before including it.

In a cmake "unity" batch where the first included source had it unset,
the next sources did not get the macros requested with
`ENABLE_CURLX_PRINTF` because `lib/curl.x` had already been included
without them.

Fix it by by making the macros enabled permanently and globally for
internal sources, and dropping `ENABLE_CURLX_PRINTF`.

This came up while testing unity builds with smaller batches. The full,
default unity build where all `src` is bundled up in a single unit, was
not affected.

Fixes:
```
$ cmake -B build -DCMAKE_UNITY_BUILD=ON -DCMAKE_UNITY_BUILD_BATCH_SIZE=15
$ make -C build
...
curl/src/tool_getparam.c: In function ‘getparameter’:
curl/src/tool_getparam.c:2409:11: error: implicit declaration of function ‘msnprintf’; did you mean ‘vsnprintf’? [-Wimplicit-function-declaration]
2409 | msnprintf(buffer, sizeof(buffer), "%" CURL_FORMAT_CURL_OFF_T "-",
| ^~~~~~~~~
| vsnprintf
curl/src/tool_getparam.c:2409:11: warning: nested extern declaration of ‘msnprintf’ [-Wnested-externs]
[...]
```

Reported-by: Daniel Stenberg
Bug: https://github.com/curl/curl/pull/14626#issuecomment-2301663491

Closes #14632

show more ...

tool_operhlp: fix "potentially uninitialized local variable 'pc' used"

A false positive by MSVC.

Closes #14389

tool_operate: for -O, use "default" as filename when the URL has none

... or pick the last directory part from the path if available.

Instead of returning error.

Add test 6

tool_operate: for -O, use "default" as filename when the URL has none

... or pick the last directory part from the path if available.

Instead of returning error.

Add test 690 and 691 to verify. Test 76 and 2036 no longer apply.

Closes #13988

show more ...

code: language cleanup in comments

Based on the standards and guidelines we use for our documentation.

- expand contractions (they're => they are etc)
- host name = > hostname

code: language cleanup in comments

Based on the standards and guidelines we use for our documentation.

- expand contractions (they're => they are etc)
- host name = > hostname
- file name => filename
- user name = username
- man page => manpage
- run-time => runtime
- set-up => setup
- back-end => backend
- a HTTP => an HTTP
- Two spaces after a period => one space after period

Closes #14073

show more ...

curl: use curl_getenv instead of the curlx_ version

The curlx one was once introduced when we still considered dropping the
libcurl function at some point. To reduce confusion and to mak

curl: use curl_getenv instead of the curlx_ version

The curlx one was once introduced when we still considered dropping the
libcurl function at some point. To reduce confusion and to make it
easier to understand when curl_free() should be used, use the actual
libcurl function call directly instead.

Closes #13230

show more ...

windows: use built-in `_WIN32` macro to detect Windows

Windows compilers define `_WIN32` automatically. Windows SDK headers
or build env defines `WIN32`, or we have to take care of it. T

windows: use built-in `_WIN32` macro to detect Windows

Windows compilers define `_WIN32` automatically. Windows SDK headers
or build env defines `WIN32`, or we have to take care of it. The
agreement seems to be that `_WIN32` is the preferred practice here.
Make the source code rely on that to detect we're building for Windows.

Public `curl.h` was using `WIN32`, `__WIN32__` and `CURL_WIN32` for
Windows detection, next to the official `_WIN32`. After this patch it
only uses `_WIN32` for this. Also, make it stop defining `CURL_WIN32`.

There is a slight chance these break compatibility with Windows
compilers that fail to define `_WIN32`. I'm not aware of any obsolete
or modern compiler affected, but in case there is one, one possible
solution is to define this macro manually.

grepping for `WIN32` remains useful to discover Windows-specific code.

Also:

- extend `checksrc` to ensure we're not using `WIN32` anymore.

- apply minor formatting here and there.

- delete unnecessary checks for `!MSDOS` when `_WIN32` is present.

Co-authored-by: Jay Satiro
Reviewed-by: Daniel Stenberg

Closes #12376

show more ...

checksrc: disallow spaces before labels

Out of 415 labels throughout the code base, 86 of those labels were
not at the start of the line. Which means labels always at the start of
th

checksrc: disallow spaces before labels

Out of 415 labels throughout the code base, 86 of those labels were
not at the start of the line. Which means labels always at the start of
the line is the favoured style overall with 329 instances.

Out of the 86 labels not at the start of the line:
* 75 were indented with the same indentation level of the following line
* 8 were indented with exactly one space
* 2 were indented with one fewer indentation level then the following
line
* 1 was indented with the indentation level of the following line minus
three space (probably unintentional)

Co-Authored-By: Viktor Szakats

Closes #11134

show more ...

src/tool_operhlp.c: fix value stored to 'uerr' is never read

Ref: https://github.com/curl/curl/pull/10974#issuecomment-1510461343
Reported-by: Viktor Szakats
Closes #10982

curl: do NOT append file name to path for upload when there's a query

Added test 425 to verify.

Reported-by: Dirk Rosenkranz
Bug: https://curl.se/mail/archive-2023-04/0008.html

curl: do NOT append file name to path for upload when there's a query

Added test 425 to verify.

Reported-by: Dirk Rosenkranz
Bug: https://curl.se/mail/archive-2023-04/0008.html
Closes #10969

show more ...

tool_operate: Fix error codes during DOS filename sanitize

It would return CURLE_URL_MALFORMAT in an OOM condition.

Closes #10414

tool_operate: Fix error codes on bad URL & OOM

curl would erroneously report CURLE_OUT_OF_MEMORY in some cases instead
of CURLE_URL_MALFORMAT. In other cases, it would erroneously return

tool_operate: Fix error codes on bad URL & OOM

curl would erroneously report CURLE_OUT_OF_MEMORY in some cases instead
of CURLE_URL_MALFORMAT. In other cases, it would erroneously return
CURLE_URL_MALFORMAT instead of CURLE_OUT_OF_MEMORY. Add a test case to
test the former condition.

Fixes #10130
Closes #10414

show more ...

copyright: update all copyright lines and remove year ranges

- they are mostly pointless in all major jurisdictions
- many big corporations and projects already don't use them
- save

copyright: update all copyright lines and remove year ranges

- they are mostly pointless in all major jurisdictions
- many big corporations and projects already don't use them
- saves us from pointless churn
- git keeps history for us
- the year range is kept in COPYING

checksrc is updated to allow non-year using copyright statements

Closes #10205

show more ...

tool_operate: more transfer cleanup after parallel transfer fail

In some circumstances when doing parallel transfers, the
single_transfer_cleanup() would not be called and then 'inglob'

tool_operate: more transfer cleanup after parallel transfer fail

In some circumstances when doing parallel transfers, the
single_transfer_cleanup() would not be called and then 'inglob' could
leak.

Test 496 verifies

Reported-by: Trail of Bits
Closes #9749

show more ...

curl/get_url_file_name: use libcurl URL parser

To avoid URL tricks, use the URL parser for this.

This update changes curl's behavior slightly in that it will ignore the
possible

curl/get_url_file_name: use libcurl URL parser

To avoid URL tricks, use the URL parser for this.

This update changes curl's behavior slightly in that it will ignore the
possible query part from the URL and only use the file name from the
actual path from the URL. I consider it a bugfix.

"curl -O localhost/name?giveme-giveme" will now save the output in the
local file named 'name'

Updated test 1210 to verify

Assisted-by: Jay Satiro

Closes #9684

show more ...

curl/add_file_name_to_url: use the libcurl URL parser

instead of the custom error-prone parser, to extract and update the path
of the given URL

Closes #9683

copyright: make repository REUSE compliant

Add licensing and copyright information for all files in this repository. This
either happens in the file itself as a comment header or in the

copyright: make repository REUSE compliant

Add licensing and copyright information for all files in this repository. This
either happens in the file itself as a comment header or in the file
`.reuse/dep5`.

This commit also adds a Github workflow to check pull requests and adapts
copyright.pl to the changes.

Closes #8869

show more ...

lib: remove support for CURL_DOES_CONVERSIONS

TPF was the only user and support for that was dropped.

Closes #8378

metalink: remove

Warning: this will make existing curl command lines that use metalink to
stop working.

Reasons for removal:

1. We've found several security problems an

metalink: remove

Warning: this will make existing curl command lines that use metalink to
stop working.

Reasons for removal:

1. We've found several security problems and issues involving the
metalink support in curl. The issues are not detailed here. When
working on those, it become apparent to the team that several of the
problems are due to the system design, metalink library API and what
the metalink RFC says. They are very hard to fix on the curl side
only.

2. The metalink usage with curl was only very briefly documented and was
not following the "normal" curl usage pattern in several ways, making
it surprising and non-intuitive which could lead to further security
issues.

3. The metalink library was last updated 6 years ago and wasn't so
active the years before that either. An unmaintained library means
there's a security problem waiting to happen. This is probably reason
enough.

4. Metalink requires an XML parsing library, which is complex code (even
the smaller alternatives) and to this day often gets security
updates.

5. Metalink is not a widely used curl feature. In the 2020 curl user
survey, only 1.4% of the responders said that they'd are using it. In
2021 that number was 1.2%. Searching the web also show very few
traces of it being used, even with other tools.

6. The torrent format and associated technology clearly won for
downloading large files from multiple sources in parallel.

Cloes #7176

show more ...

curl.se: new home

Closes #6172

tool_operhlp: Copyright year out of date, should be 2020

Follow-up from 2bc373740a3

curl: avoid using strlen for testing if a string is empty

Closes #4873

curl: improved cleanup in upload error path

Memory leak found by torture test 58

Closes #4705