curl: set CURLOPT_NEW_FILE_PERMS if requested

The --create-file-mode code logic accepted the value but never actually
passed it on to libcurl!

Follow-up to a7696c73436f (shipped

curl: set CURLOPT_NEW_FILE_PERMS if requested

The --create-file-mode code logic accepted the value but never actually
passed it on to libcurl!

Follow-up to a7696c73436f (shipped in 7.75.0)
Reported-by: Johannes Lesr
Fixes #6657
Closes #6666

show more ...

tool_operate: check argc before accessing argv[1]

Follow-up to 09363500b
Reported-by: Emil Engler
Reviewed-by: Daniel Gustafsson
Closes #6668

openssl: remove get_ssl_version_txt in favor of SSL_get_version

openssl: use SSL_get_version to get connection protocol

Replace our bespoke get_ssl_version_txt in favor of SSL_get_v

openssl: remove get_ssl_version_txt in favor of SSL_get_version

openssl: use SSL_get_version to get connection protocol

Replace our bespoke get_ssl_version_txt in favor of SSL_get_version.
We can get rid of few lines of code, since SSL_get_version achieve
the exact same thing

Closes #6665
Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
Signed-off-by: Jean-Philippe Menil <jpmenil@gmail.com>

show more ...

gnutls: Fix nettle discovery

Commit e06fa7462ac258c removed support for libgcrypt leaving only
support for nettle which has been the default crypto library in
GnuTLS for a long time.

gnutls: Fix nettle discovery

Commit e06fa7462ac258c removed support for libgcrypt leaving only
support for nettle which has been the default crypto library in
GnuTLS for a long time. There were however a few conditionals on
USE_GNUTLS_NETTLE which cause compilation errors in the metalink
code (as it used the gcrypt fallback instead as a result). See the
below autobuild for an example of the error:

https://curl.se/dev/log.cgi?id=20210225123226-30704#prob1

This removes all uses of USE_GNUTLS_NETTLE and also removes the
gcrypt support from the metalink code while at it.

Closes #6656
Reviewed-by: Daniel Stenberg <daniel@haxx.se>

show more ...

cookies: Support multiple -b parameters

Previously only a single -b cookie parameter was supported with the last
one winning. This adds support for supplying multiple -b params to have

cookies: Support multiple -b parameters

Previously only a single -b cookie parameter was supported with the last
one winning. This adds support for supplying multiple -b params to have
them serialized semicolon separated. Both cookiefiles and cookies can be
entered multiple times.

Closes #6649
Reviewed-by: Daniel Stenberg <daniel@haxx.se>

show more ...

build: remove all traces of USE_BLOCKING_SOCKETS

libcurl doesn't behave properly with the define set

Closes #6655

RELEASE-NOTES: synced

docs: Fix typos

Random typos spotted when skimming docs.

cookies: Use named parameters in header prototypes

Align header with project style of using named parameters in the
function prototypes to aid readability and self-documentation.

cookies: Use named parameters in header prototypes

Align header with project style of using named parameters in the
function prototypes to aid readability and self-documentation.

Closes #6653
Reviewed-by: Daniel Stenberg <daniel@haxx.se>

show more ...

urldata: make 'actions[]' use unsigned char instead of int

... as it only needs a few bits per index anyway.

Reviewed-by: Daniel Gustafsson
Closes #6648

configure: fail if --with-quiche is used and quiche isn't found

Closes #6652

cmake: use CMAKE_INSTALL_INCLUDEDIR indirection

Reviewed-by: Sergei Nikulov
Closes #6440

mingw: enable using strcasecmp()

This makes the 'Features:' list sorted case-insensitively,
bringing output in-line with *nix builds.

Reviewed-by: Jay Satiro
Closes #6644

build: delete unused feature guards

- `HAVE_STRNCASECMP`
- `HAVE_TCGETATTR`
- `HAVE_TCSETATTR`

Reviewed-by: Jay Satiro
Reviewed-by: Daniel Stenberg
Closes #6645

docs: add CURLOPT_CURLU to 'See also' in curl_url_ functions

Closes https://github.com/curl/curl/pull/6639

configure: make hyper opt-in, and fail if missing

Previously, configure would look for hyper by default, and use it if
found; otherwise it would not use hyper, and not error.

No

configure: make hyper opt-in, and fail if missing

Previously, configure would look for hyper by default, and use it if
found; otherwise it would not use hyper, and not error.

Now, configure will not look for hyper unless --with-hyper is passed. If
configure looks for hyper and fails, it will error.

Also, add -ld -lpthread -lm to Hyper's libs. I think they are required.

Closes #6598

show more ...

multi: do once-per-transfer inits in before_perform in DID state

... since the state machine might go to RATELIMITING and then back to
PERFORMING doing once-per-transfer inits in that fu

multi: do once-per-transfer inits in before_perform in DID state

... since the state machine might go to RATELIMITING and then back to
PERFORMING doing once-per-transfer inits in that function is wrong and
it caused problems with receiving chunked HTTP and it set the
PRETRANSFER time much too often...

Regression from b68dc34af341805aeb7b3715 (shipped in 7.75.0)

Reported-by: Amaury Denoyelle
Fixes #6640
Closes #6641

show more ...

RELEASE-NOTES: synced

CODE_STYLE.md: fix broken link to INTERNALS

... the link would only work if browsed on GitHub, while this link now
takes the user to the website instead and thus should work on either.

CODE_STYLE.md: fix broken link to INTERNALS

... the link would only work if browsed on GitHub, while this link now
takes the user to the website instead and thus should work on either.

Reported-by: David Demelier

show more ...

curl_url_set.3: mention CURLU_PATH_AS_IS

... it has been supported since the URL API was added.

Bug: https://curl.se/mail/lib-2021-02/0046.html

Closes #6638

time: enable 64-bit time_t in supported mingw environments

(Unless 32-bit `time_t` is selected manually via the `_USE_32BIT_TIME_T`
mingw macro.)

Previously, 64-bit `time_t` was

time: enable 64-bit time_t in supported mingw environments

(Unless 32-bit `time_t` is selected manually via the `_USE_32BIT_TIME_T`
mingw macro.)

Previously, 64-bit `time_t` was enabled on VS2005 and newer only, and
32-bit `time_t` was used on all other Windows builds.

Assisted-by: Jay Satiro
Closes #6636

show more ...

test1188: Check for --fail HTTP status

- Change the test to check for curl error on HTTP 404 Not Found.

test1188 tests "--write-out with %{onerror} and %{urlnum} to stderr".
Pri

test1188: Check for --fail HTTP status

- Change the test to check for curl error on HTTP 404 Not Found.

test1188 tests "--write-out with %{onerror} and %{urlnum} to stderr".
Prior to this change it did that by specifying a non-existent host which
would cause an error. ISPs may hijack DNS and resolve non-existent hosts
so the test would not work if that was the case.

Ref: https://en.wikipedia.org/wiki/DNS_hijacking#Manipulation_by_ISPs
Ref: https://github.com/curl/curl/issues/6621
Ref: https://github.com/curl/curl/pull/6623

Closes https://github.com/curl/curl/pull/6637

show more ...

memdebug: close debug logfile explicitly on exit

- Use atexit to register a dbg cleanup function that closes the logfile.

LeakSantizier (LSAN) calls _exit() instead of exit() when a

memdebug: close debug logfile explicitly on exit

- Use atexit to register a dbg cleanup function that closes the logfile.

LeakSantizier (LSAN) calls _exit() instead of exit() when a leak is
detected on exit so the logfile must be closed explicitly or data could
be lost. Though _exit() does not call atexit handlers such as this,
LSAN's call to _exit() comes after the atexit handlers are called.

Prior to this change the logfile was not explicitly closed so it was
possible that if LSAN detected a leak and called _exit (which does
not flush or close files like exit) then the logfile could be missing
data. That could then cause curl's memanalyze to report false leaks
(eg a malloc was recorded to the logfile but the corresponding free was
discarded from the buffer instead of written to the logfile, then
memanalyze reports that as a leak).

Ref: https://github.com/google/sanitizers/issues/1374

Bug: https://github.com/curl/curl/pull/6591#issuecomment-780396541

Closes https://github.com/curl/curl/pull/6620

show more ...

curl_multibyte: always return a heap-allocated copy of string

- Change the Windows char <-> UTF-8 conversion functions to return an
allocated copy of the passed in string instead of th

curl_multibyte: always return a heap-allocated copy of string

- Change the Windows char <-> UTF-8 conversion functions to return an
allocated copy of the passed in string instead of the original.

Prior to this change the curlx_convert_ functions would, as what I
assume was an optimization, not make a copy of the passed in string if
no conversion was required. No conversion is required in non-UNICODE
Windows builds since our tchar strings are type char and remain in
whatever the passed in encoding is, which is assumed to be UTF-8 but may
be other encoding.

In contrast the UNICODE Windows builds require conversion
(wchar <-> char) and do return a copy. That inconsistency could lead to
programming errors where the developer expects a copy, and does not
realize that won't happen in all cases.

Closes https://github.com/curl/curl/pull/6602

show more ...

http: add new files missed from referrer commit

Ref: 44872aefc2d54f297caf2b0cc887df321bc9d791
Ref: #6591