docs/libcurl/curl_getdate.3: minor whitespace edit

To avoid a fccp quirk that made it render wrongly on the website

transfer: break the read loop when RECV is cleared

When the RECV bit is cleared because the response reading for this
transfer is complete, the read loop should be stopped. data_pending(

transfer: break the read loop when RECV is cleared

When the RECV bit is cleared because the response reading for this
transfer is complete, the read loop should be stopped. data_pending()
can otherwise still return TRUE and another read would be attempted.

Reported-by: Hide Ishikawa
Fixes #10172
Closes #10174

show more ...

multihandle: turn bool struct fields into bits

Closes #10179

ftpserver: lower the normal DATA connect timeout to speed up torture tests

- tests/ftpserver.pl blocks when expecting a DATA connection from the
client.

- the previous 10 seco

ftpserver: lower the normal DATA connect timeout to speed up torture tests

- tests/ftpserver.pl blocks when expecting a DATA connection from the
client.

- the previous 10 seconds were encountered repeatedly in torture tests
and let to long waits.

- 2 seconds should still be sufficient for current hw, but CI will show.

Closes #10178

show more ...

msh3: add support for request payload

Closes #10136

openssl: remove attached easy handles from SSL instances

- keeping the "current" easy handle registered at SSL* is no longer
necessary, since the "calling" data object is already sto

openssl: remove attached easy handles from SSL instances

- keeping the "current" easy handle registered at SSL* is no longer
necessary, since the "calling" data object is already stored in the
cfilter's context (and used by other SSL backends from there).
- The "detach" of an easy handle that goes out of scope is then avoided.
- using SSL_set0_wbio for clear reference counting where available.

Closes #10151

show more ...

socketpair: allow localhost MITM sniffers

Windows allow programs to MITM connections to localhost. The previous
check here would detect that and error out. This new method writes data

socketpair: allow localhost MITM sniffers

Windows allow programs to MITM connections to localhost. The previous
check here would detect that and error out. This new method writes data
to verify the pipe thus allowing MITM.

Reported-by: SerusDev on github
Fixes #10144
Closes #10169

show more ...

HTTP3: mention what needs to be in place to remove EXPERIMENTAL label

Closes #10168

MANUAL.md: add pipe to apt-key example

Closes #10170

test417: verify %{certs} output

runtests: make 'mbedtls' a testable feature

Also add to FILEFORMAT.md

writeout: add %{certs} and %{num_certs}

Let users get the server certificate chain using the command line

Closes #10019

haxproxy: send before TLS handhshake

- reverse order of haproxy and final ssl cfilter

- make haproxy avaiable on PROXY builds, independent of HTTP support as
it can be used wi

haxproxy: send before TLS handhshake

- reverse order of haproxy and final ssl cfilter

- make haproxy avaiable on PROXY builds, independent of HTTP support as
it can be used with any protocol.

Reported-by: Sergio-IME on github
Fixes #10165
Closes #10167

show more ...

RELEASE-NOTES: synced

test446: verify hsts with two URLs

runtests: support crlf="yes" for verify/proxy

hsts: handle adding the same host name again

It will then use the largest expire time of the two entries.

tool_operate: share HSTS between handles

share: add sharing of HSTS cache among handles

Closes #10138

Makefile.mk: fix wolfssl and mbedtls default paths

Fix the defaults for `WOLFSSL_PATH` and `MBEDTLS_PATH` to have
meaningful values instead of the copy-pasted wrong ones.

Ref: h

Makefile.mk: fix wolfssl and mbedtls default paths

Fix the defaults for `WOLFSSL_PATH` and `MBEDTLS_PATH` to have
meaningful values instead of the copy-pasted wrong ones.

Ref: https://github.com/curl/curl/commit/66e68ca47f7fd00dff2cb7c45ba6725d40099585#r94275172

Reported-by: Ryan Schmidt
Closes #10164

show more ...

INTERNALS: cleanup

- remove "operating systems" (mostly outdated)

- upodate the "build tools"

Closes #10162

cmake: bump requirement to 3.7

Because this is the cmake version (released in November 2016) that
introduced GREATER_EQUAL, which is used already.

Reported-by: nick-telia on git

cmake: bump requirement to 3.7

Because this is the cmake version (released in November 2016) that
introduced GREATER_EQUAL, which is used already.

Reported-by: nick-telia on github
Fixes #10128
Closes #10161

show more ...

cfilters:Curl_conn_get_select_socks: use the first non-connected filter

When there are filters addded for both socket and SSL, the code
previously checked the SSL sockets during connect

cfilters:Curl_conn_get_select_socks: use the first non-connected filter

When there are filters addded for both socket and SSL, the code
previously checked the SSL sockets during connect when it *should* first
check the socket layer until that has connected.

Fixes #10157
Fixes #10146
Closes #10160

Reviewed-by: Stefan Eissing

show more ...

urlapi: add CURLU_PUNYCODE

Allows curl_url_get() get the punycode version of host names for the
host name and URL parts.

Extend test 1560 to verify.

Closes #10109

RELEASE-NOTES: synced