curl: add support for the IPFS protocols:

- ipfs://<cid>
- ipns://<cid>

This allows you tu use ipfs in curl like:
curl ipfs://<cid>
and
curl ipns://<cid>

Fo

curl: add support for the IPFS protocols:

- ipfs://<cid>
- ipns://<cid>

This allows you tu use ipfs in curl like:
curl ipfs://<cid>
and
curl ipns://<cid>

For more information consult the readme at:
https://curl.se/docs/ipfs.html

Closes #8805

show more ...

test3103: CURLOPT_COOKIELIST test

test498: total header size for all redirects is larger than accepted

schannel: fix ordering of cert chain info

- Use CERT_CONTEXT's pbCertEncoded to determine chain order.

CERT_CONTEXT from SECPKG_ATTR_REMOTE_CERT_CONTEXT contains
end-entity/serv

schannel: fix ordering of cert chain info

- Use CERT_CONTEXT's pbCertEncoded to determine chain order.

CERT_CONTEXT from SECPKG_ATTR_REMOTE_CERT_CONTEXT contains
end-entity/server certificate in pbCertEncoded. We can use this pointer
to determine the order of certificates when enumerating hCertStore using
CertEnumCertificatesInStore.

This change is to help ensure that the ordering of the certificate chain
requested by the user via CURLINFO_CERTINFO has the same ordering on all
versions of Windows.

Prior to this change Schannel certificate order was reversed in 8986df80
but that was later reverted in f540a39b when it was discovered that
Windows 11 22H2 does the reversal on its own.

Ref: https://github.com/curl/curl/issues/9706

Closes https://github.com/curl/curl/pull/11632

show more ...

test439: verify query canonization for aws-sigv4

lib: fix aws-sigv4 having date header twice in some cases

When the user was providing the header X-XXX-Date, the header was
re-added during signature computation, and we had it twice in

lib: fix aws-sigv4 having date header twice in some cases

When the user was providing the header X-XXX-Date, the header was
re-added during signature computation, and we had it twice in the
request.

Reported-by: apparentorder@users.noreply.github.com

Signed-off-by: Matthias Gatto <matthias.gatto@outscale.com>

Fixes: https://github.com/curl/curl/issues/11738
Closes: https://github.com/curl/curl/pull/11754

show more ...

tool: change some fopen failures from warnings to errors

- Error on missing input file for --data, --data-binary,
--data-urlencode, --header, --variable, --write-out.

Prior to

tool: change some fopen failures from warnings to errors

- Error on missing input file for --data, --data-binary,
--data-urlencode, --header, --variable, --write-out.

Prior to this change if a user of the curl tool specified an input file
for one of the above options and that file could not be opened then it
would be treated as zero length data instead of an error. For example, a
POST using `--data @filenametypo` would cause a zero length POST which
is probably not what the user intended.

Closes https://github.com/curl/curl/pull/11677

show more ...

altsvc: accept and parse IPv6 addresses in response headers

Store numerical IPv6 addresses in the alt-svc file with the brackets
present.

Verify with test 437 and 438

F

altsvc: accept and parse IPv6 addresses in response headers

Store numerical IPv6 addresses in the alt-svc file with the brackets
present.

Verify with test 437 and 438

Fixes #11737
Reported-by: oliverpool on github
Closes #11743

show more ...

http: close the connection after a late 417 is received

In this situation, only part of the data has been sent before aborting
so the connection is no longer usable.

Assisted-by

http: close the connection after a late 417 is received

In this situation, only part of the data has been sent before aborting
so the connection is no longer usable.

Assisted-by: Jay Satiro
Fixes #11678
Closes #11679

show more ...

test687/688: two more basic --xattr tests

Closes #11697

tool/var: also error when expansion result starts with NUL

Expansions whose output starts with NUL were being expanded to the empty
string, and not being recognised as values that contai

tool/var: also error when expansion result starts with NUL

Expansions whose output starts with NUL were being expanded to the empty
string, and not being recognised as values that contain a NUL byte, and
should error.

Closes #11694

show more ...

test1554: check translatable string options in OS400 wrapper

This test runs a perl script that checks all string options are properly
translated by the OS400 character code conversion wr

test1554: check translatable string options in OS400 wrapper

This test runs a perl script that checks all string options are properly
translated by the OS400 character code conversion wrapper. It also
verifies these options are listed in alphanumeric order in the wrapper
switch statement.

Closes #11650

show more ...

headers: accept leading whitespaces on first response header

This is a bad header fold but since the popular browsers accept this
violation, so does curl now. Unless built with hyper.

headers: accept leading whitespaces on first response header

This is a bad header fold but since the popular browsers accept this
violation, so does curl now. Unless built with hyper.

Add test 1473 to verify and adjust test 2306.

Reported-by: junsik on github
Fixes #11605
Closes #11607

show more ...

test497: verify rejecting too large incoming headers

tests: ensure `libcurl.def` contains all exports

Add `test1279` to verify that `libcurl.def` lists all exported API
functions found in libcurl headers.

Also:

- extend t

tests: ensure `libcurl.def` contains all exports

Add `test1279` to verify that `libcurl.def` lists all exported API
functions found in libcurl headers.

Also:

- extend test suite XML `stdout` tag with the `loadfile` attribute.

- fix `tests/extern-scan.pl` and `test1135` to include websocket API.

- use all headers (sorted) in `test1135` instead of a manual list.

- add options `--sort`, `--heading=` to `tests/extern-scan.pl`.

- add `libcurl.def` to the auto-labeler GHA task.

Follow-up to 2ebc74c36a19a1700af394c16855ce144d9878e3

Closes #11570

show more ...

curl: make %output{} in -w specify a file to write to

It can be used multiple times. Use %output{>>name} to append.

Add docs. Test 990 and 991 verify.

Idea: #11400
Sugg

curl: make %output{} in -w specify a file to write to

It can be used multiple times. Use %output{>>name} to append.

Add docs. Test 990 and 991 verify.

Idea: #11400
Suggested-by: ed0d2b2ce19451f2
Closes #11416

show more ...

tool: add "variable" support

Add support for command line variables. Set variables with --variable
name=content or --variable name@file (where "file" can be stdin if set
to a single

tool: add "variable" support

Add support for command line variables. Set variables with --variable
name=content or --variable name@file (where "file" can be stdin if set
to a single dash (-)).

Variable content is expanded in option parameters using "{{name}}"
(without the quotes) if the option name is prefixed with
"--expand-". This gets the contents of the variable "name" inserted, or
a blank if the name does not exist as a variable. Insert "{{" verbatim
in the string by prefixing it with a backslash, like "\\{{".

Import an environment variable with --variable %name. It makes curl exit
with an error if the environment variable is not set. It can also rather
get a default value if the variable does not exist, using =content or
@file like shown above.

Example: get the USER environment variable into the URL:

--variable %USER
--expand-url = "https://example.com/api/{{USER}}/method"

When expanding variables, curl supports a set of functions that can make
the variable contents more convenient to use. It can trim leading and
trailing white space with "trim", output the contents as a JSON quoted
string with "json", URL encode it with "url" and base 64 encode it with
"b64". To apply functions to a variable expansion, add them colon
separated to the right side of the variable. They are then performed in
a left to right order.

Example: get the contents of a file called $HOME/.secret into a variable
called "fix". Make sure that the content is trimmed and percent-encoded
sent as POST data:

--variable %HOME=/home/default
--expand-variable fix@{{HOME}}/.secret
--expand-data "{{fix:trim:url}}"
https://example.com/

Documented. Many new test cases.

Co-brainstormed-by: Emanuele Torre
Assisted-by: Jat Satiro
Closes #11346

show more ...

test979: test -u with redirect to (the same) absolute host

Verifies #11492

transfer: clear credentials when redirecting to absolute URL

Make sure the user and password for the second request is taken from the
redirected-to URL.

Add test case 899 to ver

transfer: clear credentials when redirecting to absolute URL

Make sure the user and password for the second request is taken from the
redirected-to URL.

Add test case 899 to verify.

Reported-by: James Lucas
Fixes #11410
Closes #11412

show more ...

http2: fix crash in handling stream weights

- Delay the priority handling until the stream has been opened.

- Add test2404 to reproduce and verify.

Weights may change "on t

http2: fix crash in handling stream weights

- Delay the priority handling until the stream has been opened.

- Add test2404 to reproduce and verify.

Weights may change "on the run", which is why there are checks in
general egress handling. These must not trigger when the stream has not
been opened yet.

Reported-by: jbgoog@users.noreply.github.com

Fixes https://github.com/curl/curl/issues/11379
Closes https://github.com/curl/curl/pull/11384

show more ...

imap: Provide method to disable SASL if it is advertised

- Implement AUTH=+LOGIN for CURLOPT_LOGIN_OPTIONS to prefer plaintext
LOGIN over SASL auth.

Prior to this change there

imap: Provide method to disable SASL if it is advertised

- Implement AUTH=+LOGIN for CURLOPT_LOGIN_OPTIONS to prefer plaintext
LOGIN over SASL auth.

Prior to this change there was no method to be able to fall back to
LOGIN if an IMAP server advertises SASL capabilities. However, this may
be desirable for e.g. a misconfigured server.

Per: https://www.ietf.org/rfc/rfc5092.html#section-3.2

";AUTH=<enc-auth-type>" looks to be the correct way to specify what
authenication method to use, regardless of SASL or not.

Closes https://github.com/curl/curl/pull/10041

show more ...

test427: verify sending more cookies than fit in a 8190 bytes line

curl will then only populate the header with cookies that fit, dropping
ones that otherwise would have been sent

test427: verify sending more cookies than fit in a 8190 bytes line

curl will then only populate the header with cookies that fit, dropping
ones that otherwise would have been sent

Ref: https://curl.se/mail/lib-2023-06/0020.html

Closes #11303

show more ...

haproxy: add --haproxy-clientip flag to spoof client IPs

CURLOPT_HAPROXY_CLIENT_IP in the library

Closes #10779

test447: test PUTting a file that grows

... and have curl trim the end when it reaches the expected total amount
of bytes instead of over-sending.

Reported-by: JustAnotherArchiv

test447: test PUTting a file that grows

... and have curl trim the end when it reaches the expected total amount
of bytes instead of over-sending.

Reported-by: JustAnotherArchivist on github
Closes #11223

show more ...

test2306: verify getting a second response with folded headers

Reproduces the isue #11101 and verifies the fix.

Verifies a17b2a503f