CURLOPT_HEADERFUNCTION.md: do not modify the passed in buffer

Closes #15148

asyn-ares: remove typecast, fix expire

- Use the appropriate variable type for the curlx_tvtoms() return code:
timediff_t and remove the typecast.

- Simplify the function and

asyn-ares: remove typecast, fix expire

- Use the appropriate variable type for the curlx_tvtoms() return code:
timediff_t and remove the typecast.

- Simplify the function and avoid the odd expire adjustment that
probably is a rest from ancient days when the expire function did not
handle zero millisecond timeouts.

Closes #15145

show more ...

cmake: add missed variable to comment [ci skip]

Follow-up to 9f56bb608ecfbb8978c6cb72a04d9e8b23162d82 #14681

test1915: add tracing and connect timeout

Since we see Windows fails of 1915, add tracing and a connect timeout.
The test uses a port no one is supposed to listen on, but Windows has

test1915: add tracing and connect timeout

Since we see Windows fails of 1915, add tracing and a connect timeout.
The test uses a port no one is supposed to listen on, but Windows has
this weird wait logic. So, set a short timeout.

Closes #15107

show more ...

urlapi: normalize the IPv6 address

As the parsing and address "regeneration" are done anyway, we might as
well use the updated version in the result and thereby A) get a
normalized (

urlapi: normalize the IPv6 address

As the parsing and address "regeneration" are done anyway, we might as
well use the updated version in the result and thereby A) get a
normalized (and lower cased) version of the address and B) avoid a
strcpy().

Updated test 1560 to verify.

Closes #15143

show more ...

tests/valgrind.supp: remove a travis suppression, add a Debian

We have not used Travis for years. The Debian one appears on my dev
machine since a while back.

Closes #15142

openssl quic: populate x509 store before handshake

Since OpenSSL does its own send/recv internally, we may miss the moment
to populate the x509 store right before the server response. Do

openssl quic: populate x509 store before handshake

Since OpenSSL does its own send/recv internally, we may miss the moment
to populate the x509 store right before the server response. Do it
instead before we start the handshake, at the loss of the time to set
this up.

Closes #15137

show more ...

pytest: improve pytest_07_42a reliability

Due to timings on paused response receive, the error code may vary due
to the location where it is detected that the server closed the transfer

pytest: improve pytest_07_42a reliability

Due to timings on paused response receive, the error code may vary due
to the location where it is detected that the server closed the transfer
prematurely.

Be more lenient in always allowing PARTIAL_FILE as ok.

Closes #15138

show more ...

test1515: add tracing and more debug info

Test failed on some Windows CI and log files did not really
tell why. Add more output.

Closes #15140

GHA/curl-for-win: tidy up `DOCKER_CONTENT_TRUST`

Follow-up to 08d13c0e46ab535b04c4099d6c51d51f7c288b6c
Closes #15141

bufq: unwrite fix

`Curl_bufq_unwrite()` used the head instead of the tail chunk to shrink
the bufq's content. Fix this and add test case that checks correct
behaviour.

Amend

bufq: unwrite fix

`Curl_bufq_unwrite()` used the head instead of the tail chunk to shrink
the bufq's content. Fix this and add test case that checks correct
behaviour.

Amended test 2601 accordingly.

Reported-by: Chris Stubbs
Closes #15136

show more ...

GHA/curl-for-win: re-enable image verification for debian:bookworm-slim

Follow-up to a35f223cd8b29739dab7e8490674093c4024191d

GHA/windows: add workaround for upstream vcpkg issue

Fixes:
```
error: https://github.com/google/brotli/archive/v1.1.0.tar.gz: WinHttpSendRequest failed with exit code 10106
```

GHA/windows: add workaround for upstream vcpkg issue

Fixes:
```
error: https://github.com/google/brotli/archive/v1.1.0.tar.gz: WinHttpSendRequest failed with exit code 10106
```

Apply workaround:
https://github.com/microsoft/vcpkg/issues/41199#issuecomment-2378255699

Bug commit: https://github.com/microsoft/vcpkg-tool/commit/d3fc35774f86782f356ef0f9352ba857fa57302e#diff-33cf7c311a76d4a838f91b078c2f8cbc984557379f7b345a268ec6deb665a91eR666-R675
Fix commit: https://github.com/microsoft/vcpkg-tool/commit/3122da72b1e4bf98bfc3d51937e6ad6cc4292cdf
Fix PR: https://github.com/microsoft/vcpkg-tool/pull/1501

Fixes #15128
Reported-by: Viktor Szakats
Closes #15133

show more ...

GHA/curl-for-win: disable `DOCKER_CONTENT_TRUST`

As a workaround for the latest Debian image missing the necessary keys:
```
No signatures for debian:testing-20240926-slim

A

GHA/curl-for-win: disable `DOCKER_CONTENT_TRUST`

As a workaround for the latest Debian image missing the necessary keys:
```
No signatures for debian:testing-20240926-slim

Administrative keys for debian:testing-20240926-slim

Repository Key: 5717dcd81d9fb5b73aa15f2d887a6a0de543829ab9b2d411acce9219c2f8ba3a
Root Key: 575d013f89e3cbbb19e0fb06aa33566c22718318e0c9ffb1ab5cc4291e07bf84
No valid trust data for testing-20240926-slim
```
https://github.com/curl/curl/actions/runs/11067644862/job/30752034560?pr=15065

Ref: https://github.com/curl/curl-for-win/commit/0ad1ad511bcbfbad8935685f7c130b281e66f7f4

show more ...

DEPRECATE: remove hyper in January 2025

Previously this document stated we would do it after February, but now
it will be done already for the first January 2025 release.

The re

DEPRECATE: remove hyper in January 2025

Previously this document stated we would do it after February, but now
it will be done already for the first January 2025 release.

The reason being that since we decided to deprecate hyper, the
degradation speed has increased as now no one bothers to fix issues in
the hyper side of things. Also: not a single soul has yet spoken up in
favor of keeping the support.

Closes #15135

show more ...

RELEASE-NOTES: synced

lib: use bool/TRUE/FALSE properly

booleans should use the type 'bool' and set the value to TRUE/FALSE

non-booleans should not be 'bool' and should not set the value to
TRUE/FALS

lib: use bool/TRUE/FALSE properly

booleans should use the type 'bool' and set the value to TRUE/FALSE

non-booleans should not be 'bool' and should not set the value to
TRUE/FALSE

Closes #15123

show more ...

wolfssl: add proper colon separator

Follow-up to 6fd5a9777acb720e1ac872478151e8b1

Fixes #15132
Reported-by: Viktor Szakats
Closes #15134

vtls: convert Curl_pin_peer_pubkey to use dynbuf

Closes #15126

vtls: convert pubkey_pem_to_der to use dynbuf

... instead of malloc and "manual" buffer stuffing

Closes #15126

tests: let openssl generate random cert serials

Generate the certificate serial numbers automatically instead of doing
from shell (or Perl earlier).

Fixes intermittent CI failur

tests: let openssl generate random cert serials

Generate the certificate serial numbers automatically instead of doing
from shell (or Perl earlier).

Fixes intermittent CI failures due to the shell-based random generator
generating the same serial number twice:
```
$ openssl ca -config EdelCurlRoot-ca.cnf -revoke Server-localhost0h-sv.crt
Using configuration from EdelCurlRoot-ca.cnf
ERROR:Already revoked, serial number 66FDB23A
make: *** [../../../tests/certs/Server-localhost0h-sv.pem] Error 1
```
https://github.com/curl/curl/actions/runs/11151401083/job/30994755798?pr=15128#step:10:498

Follow-up to fa461b4eff52b413f88debf543b5350a6cef4724 #14486
Follow-up to fa69b41c7790fab86fd363242c81d8ef2e89e183 #13307
Closes #15129

show more ...

GHA/linux: fix wolfSSL version in cache key

This needs the version in the GHA context, so move those back
from external file `VERSIONS`.

Also move back `VERSIONS` content in it

GHA/linux: fix wolfSSL version in cache key

This needs the version in the GHA context, so move those back
from external file `VERSIONS`.

Also move back `VERSIONS` content in it previous place to
`.circleci/config.yml`. Update renovate config.

Renovate bot should keep updating the wolfSSL version, but from now on
not in one, but two files.

Follow-up to 820afa2b7cb33a0daaca5b61e8755546b46136d5 #15030
Follow-up to 73a36021207284ad2b4340ffde34a51b0ba4d47a
Closes #15130

show more ...

GHA/linux: drop duplicate names from cache keys

Closes #15131

tests: simplify `pathhelp.pm`, avoid using external tools

Instead of calling the shell and external tools, rely on Perl functions
like `Cwd::getcwd()`, `Cwd::abs_path()`, `Cygwin::posix_

tests: simplify `pathhelp.pm`, avoid using external tools

Instead of calling the shell and external tools, rely on Perl functions
like `Cwd::getcwd()`, `Cwd::abs_path()`, `Cygwin::posix_to_win_path()`,
`Cygwin::win_to_posix_path()` to retrieve the current directory and
convert between POSIX and Windows formats.

This adds native Windows Perl support, avoids most failure modes and
makes format guessing and other internal functions unnecessary.

Also:
- delete unused `sys_native_path()`.
- delete redundant `normalize_path()` because Perl `abs_path()` already
does it.

Cherry-picked from #14949
Closes #15111

show more ...

wolfssl: convert malloc + memcpys to dynbuf for cipher string

Closes #15124