alt-svc: add protocol version selection masking

So that users can mask in/out specific HTTP versions when Alt-Svc is
used.

- Removed "h2c" and updated test case accordingly

alt-svc: add protocol version selection masking

So that users can mask in/out specific HTTP versions when Alt-Svc is
used.

- Removed "h2c" and updated test case accordingly
- Changed how the altsvc struct is laid out
- Added ifdefs to make the unittest run even in a quiche-tree

Closes #4201

show more ...

http3: fix the HTTP/3 in the request, make alt-svc set right versions

Closes #4200

alt-svc: send Alt-Used: in redirected requests

RFC 7838 section 5:

When using an alternative service, clients SHOULD include an Alt-Used
header field in all requests.

alt-svc: send Alt-Used: in redirected requests

RFC 7838 section 5:

When using an alternative service, clients SHOULD include an Alt-Used
header field in all requests.

Removed CURLALTSVC_ALTUSED again (feature is still EXPERIMENTAL thus
this is deemed ok).

You can disable sending this header just like you disable any other HTTP
header in libcurl.

Closes #4199

show more ...

CURLOPT_HTTP_VERSION: seting this to 3 forces HTTP/3 use directly

Even though it cannot fall-back to a lower HTTP version automatically. The
safer way to upgrade remains via CURLOPT_ALTS

CURLOPT_HTTP_VERSION: seting this to 3 forces HTTP/3 use directly

Even though it cannot fall-back to a lower HTTP version automatically. The
safer way to upgrade remains via CURLOPT_ALTSVC.

CURLOPT_H3 no longer has any bits that do anything and might be removed
before we remove the experimental label.

Updated the curl tool accordingly to use "--http3".

Closes #4197

show more ...

docs/ALTSVC: remove what works and the experimental explanation

Also, put the TODO items at the bottom.

Closes #4198

docs/EXPERIMENTAL: explain what it means and what's experimental now

curl: make use of CURLINFO_RETRY_AFTER when retrying

If a Retry-After: header was used in the response, that value overrides
other retry timing options.

Fixes #3794
Closes #

curl: make use of CURLINFO_RETRY_AFTER when retrying

If a Retry-After: header was used in the response, that value overrides
other retry timing options.

Fixes #3794
Closes #4195

show more ...

curl: use CURLINFO_PROTOCOL to check for HTTP(s)

... instead of CURLINFO_EFFECTIVE_URL to avoid string operations.

CURLINFO_RETRY_AFTER: parse the Retry-After header value

This is only the libcurl part that provides the information. There's no
user of the parsed value. This change includes three new

CURLINFO_RETRY_AFTER: parse the Retry-After header value

This is only the libcurl part that provides the information. There's no
user of the parsed value. This change includes three new tests for the
parser.

Ref: #3794

show more ...

docs/ALTSVC.md: first basic file format description

curl: have -w's 'http_version' show '3' for HTTP/3

Closes #4196

curl.h: add CURL_HTTP_VERSION_3 to the version enum

It can't be set for CURLOPT_HTTP_VERSION, but it can be extracted with
CURLINFO_HTTP_VERSION.

quiche: make use of the connection timeout API properly

quiche: make POSTFIELDS posts work

quiche: improved error handling and memory cleanups

quiche: flush egress in h3_stream_recv() too

RELEASE-NOTES: synced

os400: take care of CURLOPT_SASL_AUTHZID in curl_easy_setopt_ccsid().

Ref: https://github.com/curl/curl/issues/3653
Ref: https://github.com/curl/curl/pull/3790

NOTE: This commit

os400: take care of CURLOPT_SASL_AUTHZID in curl_easy_setopt_ccsid().

Ref: https://github.com/curl/curl/issues/3653
Ref: https://github.com/curl/curl/pull/3790

NOTE: This commit was cherry-picked and is part of a series of commits
that added the authzid feature for upcoming 7.66.0. The series was
temporarily reverted in db8ec1f so that it would not ship in a 7.65.x
patch release.

Closes https://github.com/curl/curl/pull/4186

show more ...

tests: Fix the line endings for the SASL alt-auth tests

- Change data and protocol sections to CRLF line endings.

Prior to this change the tests would fail or hang, which is because

tests: Fix the line endings for the SASL alt-auth tests

- Change data and protocol sections to CRLF line endings.

Prior to this change the tests would fail or hang, which is because
certain sections such as protocol require CRLF line endings.

Follow-up to grandparent commit which added the tests.

Ref: https://github.com/curl/curl/issues/3653
Ref: https://github.com/curl/curl/pull/3790

NOTE: This commit was cherry-picked and is part of a series of commits
that added the authzid feature for upcoming 7.66.0. The series was
temporarily reverted in db8ec1f so that it would not ship in a 7.65.x
patch release.

Closes https://github.com/curl/curl/pull/4186

show more ...

examples: Added SASL PLAIN authorisation identity (authzid) examples

Ref: https://github.com/curl/curl/issues/3653
Ref: https://github.com/curl/curl/pull/3790

NOTE: This commit

examples: Added SASL PLAIN authorisation identity (authzid) examples

Ref: https://github.com/curl/curl/issues/3653
Ref: https://github.com/curl/curl/pull/3790

NOTE: This commit was cherry-picked and is part of a series of commits
that added the authzid feature for upcoming 7.66.0. The series was
temporarily reverted in db8ec1f so that it would not ship in a 7.65.x
patch release.

Closes https://github.com/curl/curl/pull/4186

show more ...

curl: --sasl-authzid added to support CURLOPT_SASL_AUTHZID from the tool

Ref: https://github.com/curl/curl/issues/3653
Ref: https://github.com/curl/curl/pull/3790

NOTE: This com

curl: --sasl-authzid added to support CURLOPT_SASL_AUTHZID from the tool

Ref: https://github.com/curl/curl/issues/3653
Ref: https://github.com/curl/curl/pull/3790

NOTE: This commit was cherry-picked and is part of a series of commits
that added the authzid feature for upcoming 7.66.0. The series was
temporarily reverted in db8ec1f so that it would not ship in a 7.65.x
patch release.

Closes https://github.com/curl/curl/pull/4186

show more ...

sasl: Implement SASL authorisation identity via CURLOPT_SASL_AUTHZID

Added the ability for the calling program to specify the authorisation
identity (authzid), the identity to act as, in

sasl: Implement SASL authorisation identity via CURLOPT_SASL_AUTHZID

Added the ability for the calling program to specify the authorisation
identity (authzid), the identity to act as, in addition to the
authentication identity (authcid) and password when using SASL PLAIN
authentication.

Fixes #3653
Closes #3790

NOTE: This commit was cherry-picked and is part of a series of commits
that added the authzid feature for upcoming 7.66.0. The series was
temporarily reverted in db8ec1f so that it would not ship in a 7.65.x
patch release.

Closes https://github.com/curl/curl/pull/4186

show more ...

docs/HTTP3: refreshed as it is now in master and HTTP/3 can be tested

mesalink: implement client authentication

Closes #4184

curl_multi_poll: a sister to curl_multi_wait() that waits more

Repeatedly we see problems where using curl_multi_wait() is difficult or
just awkward because if it has no file descriptor

curl_multi_poll: a sister to curl_multi_wait() that waits more

Repeatedly we see problems where using curl_multi_wait() is difficult or
just awkward because if it has no file descriptor to wait for
internally, it returns immediately and leaves it to the caller to wait
for a small amount of time in order to avoid occasional busy-looping.

This is often missed or misunderstood, leading to underperforming
applications.

This change introduces curl_multi_poll() as a replacement drop-in
function that accepts the exact same set of arguments. This function
works identically to curl_multi_wait() - EXCEPT - for the case when
there's nothing to wait for internally, as then this function will by
itself wait for a "suitable" short time before it returns. This
effectiely avoids all risks of busy-looping and should also make it less
likely that apps "over-wait".

This also changes the curl tool to use this funtion internally when
doing parallel transfers and changes curl_easy_perform() to use it
internally.

Closes #4163

show more ...