NTLM: use DES_set_key_unchecked with OpenSSL

... as the previously used function DES_set_key() will in some cases
reject using a key that it deems "weak" which will cause curl to
con

NTLM: use DES_set_key_unchecked with OpenSSL

... as the previously used function DES_set_key() will in some cases
reject using a key that it deems "weak" which will cause curl to
continue using the unitialized buffer content as key instead.

Assisted-by: Harry Sintonen
Fixes #7779
Closes #7781

show more ...

CI: align make and test flags in various config files

1. Use Makefile target to run tests in autotools builds on AppVeyor.
2. Disable testing of SCP protocol on native Windows environmen

CI: align make and test flags in various config files

1. Use Makefile target to run tests in autotools builds on AppVeyor.
2. Disable testing of SCP protocol on native Windows environments.
3. Remove redundant parameters -a -p from target test-nonflaky.
4. Don't use -vc parameter which is reserved for debugging.

Replaces #7591
Closes #7690

show more ...

mailmap: unify Max!

CURLOPT_PREREQFUNCTION: add new callback

Triggered before a request is made but after a connection is set up

Changes:

- callback: Update docs and callback for pre-request c

CURLOPT_PREREQFUNCTION: add new callback

Triggered before a request is made but after a connection is set up

Changes:

- callback: Update docs and callback for pre-request callback
- Add documentation for CURLOPT_PREREQDATA and CURLOPT_PREREQFUNCTION,
- Add redirect test and callback failure test
- Note that the function may be called multiple times on a redirection
- Disable new 2086 test due to Windows weirdness

Closes #7477

show more ...

KNOWN_BUGS: HTTP/2 connections through HTTPS proxy frequently stall

Closes #6936

TODO: make configure use --cache-file more and better

Closes #7753

urlapi: support UNC paths in file: URLs on Windows

- file://host.name/path/file.txt is a valid UNC path
\\host.name\path\files.txt to a non-local file transformed into URI
(RFC 8

urlapi: support UNC paths in file: URLs on Windows

- file://host.name/path/file.txt is a valid UNC path
\\host.name\path\files.txt to a non-local file transformed into URI
(RFC 8089 Appendix E.3)

- UNC paths on other OSs must be smb: URLs

Closes #7366

show more ...

urlapi: add curl_url_strerror()

Add curl_url_strerror() to convert CURLUcode into readable string and
facilitate easier troubleshooting in programs using URL API.
Extend CURLUcode wi

urlapi: add curl_url_strerror()

Add curl_url_strerror() to convert CURLUcode into readable string and
facilitate easier troubleshooting in programs using URL API.
Extend CURLUcode with CURLU_LAST for iteration in unit tests.
Update man pages with a mention of new function.
Update example code and tests with new functionality where it fits.

Closes #7605

show more ...

RELEASE-NOTES: synced

libssh2: add SHA256 fingerprint support

Added support for SHA256 fingerprint in command line curl and in
libcurl.

Closes #7646

libcurl.rc: switch out the copyright symbol for plain ASCII

Reported-by: Vitaly Varyvdin
Assisted-by: Viktor Szakats
Fixes #7765
Closes #7776

ngtcp2: fix QUIC transport parameter version

fix inappropriate version setting for QUIC transport parameters.
this patch keeps curl with ngtcp2 uses QUIC draft version (h3-29).

ngtcp2: fix QUIC transport parameter version

fix inappropriate version setting for QUIC transport parameters.
this patch keeps curl with ngtcp2 uses QUIC draft version (h3-29).

Closes #7771

show more ...

examples/imap-append: fix end-of-data check

Reported-by: Alexander Chuykov
Fixes #7774
Closes #7775

vtls: Fix a memory leak if an SSL session cannot be added to the cache

On connection shutdown, a new TLS session ticket may arrive after the
SSL session cache has already been destructed

vtls: Fix a memory leak if an SSL session cannot be added to the cache

On connection shutdown, a new TLS session ticket may arrive after the
SSL session cache has already been destructed. In this case, the new
SSL session cannot be added to the SSL session cache.

The callers of Curl_ssl_addsessionid() need to know whether the SSL
session has been added to the cache. If it has not been added, the
reference counter of the SSL session must not be incremented, or memory
used by the SSL session must be freed. This is now possible with the new
output parameter "added" of Curl_ssl_addsessionid().

Fixes #7683
Closes #7752

show more ...

HTTP3.md: use 'autoreconf -fi' instead of buildconf

buildconf is not used since #5853

Closes #7746

GIT-INFO: rephrase to adapt to s/buildconf/autoreconf

llist: remove redundant code, branch will not be executed

Closes #7770

HTTP-COOKIES.md: remove duplicate 'each'

Closes #7772

libssh2: Get the version at runtime if possible

Previously this code used a compile time constant, meaning that libcurl
always reported the libssh2 version that libcurl was built with. T

libssh2: Get the version at runtime if possible

Previously this code used a compile time constant, meaning that libcurl
always reported the libssh2 version that libcurl was built with. This
could differ from the libssh2 version actually being used. The new code
uses the CURL_LIBSSH2_VERSION macro, which is defined in ssh.h. The
macro calls the libssh2_version function if it is available, otherwise
it falls back to the compile time version.

Closes https://github.com/curl/curl/pull/7768

show more ...

schannel: fix typo

Closes https://github.com/curl/curl/pull/7769

cmake: with OpenSSL, define OPENSSL_SUPPRESS_DEPRECATED

To avoid the "... is deprecated" warnings brought by OpenSSL v3.
(We need to address the underlying code at some point of course.)

cmake: with OpenSSL, define OPENSSL_SUPPRESS_DEPRECATED

To avoid the "... is deprecated" warnings brought by OpenSSL v3.
(We need to address the underlying code at some point of course.)

Assisted-by: Jakub Zakrzewski
Closes #7767

show more ...

curl-openssl: pass argument to sed single-quoted

... instead of using an escaped double-quote. This is an attempt to make
this work better with ksh that otherwise would insist on a doubl

curl-openssl: pass argument to sed single-quoted

... instead of using an escaped double-quote. This is an attempt to make
this work better with ksh that otherwise would insist on a double
escape!

Reported-by: Randall S. Becker
Fixes #7758
Closes #7764

show more ...

RELEASE-NOTES: synced

Bumped curlver to 7.80.0-dev

misc: fix typos in docs and comments

No user facing output from curl/libcurl is changed by this, just
comments.

Closes #7747

ci: update Lift config to match requirements of curl build

Also renamed Muse -> Lift, the new tool name.

Closes #7761