nss: support using libnss on macOS

The file suffix for dynamically loadable objects on macOS is .dylib,
which need to be added for the module definitions in order to get the
NSS TLS

nss: support using libnss on macOS

The file suffix for dynamically loadable objects on macOS is .dylib,
which need to be added for the module definitions in order to get the
NSS TLS backend to work properly on macOS.

Closes https://github.com/curl/curl/pull/4046

show more ...

nss: don't set unused parameter

The value of the maxPTDs parameter to PR_Init() has since at least
NSPR 2.1, which was released sometime in 1998, been marked ignored
as is accordingl

nss: don't set unused parameter

The value of the maxPTDs parameter to PR_Init() has since at least
NSPR 2.1, which was released sometime in 1998, been marked ignored
as is accordingly not used in the initialization code. Setting it
to a value when calling PR_Init() is thus benign, but indicates an
intent which may be misleading. Reset the value to zero to improve
clarity.

Closes https://github.com/curl/curl/pull/4054

show more ...

nss: only cache valid CRL entries

Change the logic around such that we only keep CRLs that NSS actually
ended up caching around for later deletion. If CERT_CacheCRL() fails
then the

nss: only cache valid CRL entries

Change the logic around such that we only keep CRLs that NSS actually
ended up caching around for later deletion. If CERT_CacheCRL() fails
then there is little point in delaying the freeing of the CRL as it
is not used.

Closes https://github.com/curl/curl/pull/4053

show more ...

lib: Use UTF-8 encoding in comments

Some editors and IDEs assume that source files use UTF-8 file encodings.
It also fixes the build with MSVC when /utf-8 command line option is
used

lib: Use UTF-8 encoding in comments

Some editors and IDEs assume that source files use UTF-8 file encodings.
It also fixes the build with MSVC when /utf-8 command line option is
used (this option is mandatory for some other open-source projects, this
is useful when using the same options is desired for building all
libraries of a project).

Closes https://github.com/curl/curl/pull/4087

show more ...

CURLOPT_HEADEROPT.3: Fix example

Fix an issue where example builds a curl_slist, but fails to actually
use it, or free it.

Closes https://github.com/curl/curl/pull/4090

winbuild: Change Makefile to honor ENABLE_OPENSSL_AUTO_LOAD_CONFIG

- Made changes so that ENABLE_OPENSSL_AUTO_LOAD_CONFIG will be honored.

- Also removed some ^M chars from file.

winbuild: Change Makefile to honor ENABLE_OPENSSL_AUTO_LOAD_CONFIG

- Made changes so that ENABLE_OPENSSL_AUTO_LOAD_CONFIG will be honored.

- Also removed some ^M chars from file.

Prior to this change while building on Windows platform even if we pass
the ENABLE_OPENSSL_AUTO_LOAD_CONFIG option with value as "no" it does
not set the CURL_DISABLE_OPENSSL_AUTO_LOAD_CONFIG flag.

Closes https://github.com/curl/curl/pull/4086

show more ...

doh-url.d: added in 7.62.0

docs: Fix links to OpenSSL docs

OpenSSL changed their manual locations and does not redirect to the new
locations.

Bug: https://curl.haxx.se/mail/lib-2019-06/0056.html
Repor

docs: Fix links to OpenSSL docs

OpenSSL changed their manual locations and does not redirect to the new
locations.

Bug: https://curl.haxx.se/mail/lib-2019-06/0056.html
Reported-by: Daniel Stenberg

show more ...

curl_multi_wait.3: escape backslash in example

The backslash in the character Line Feed must be escaped.

The current man-page outputs the code as following:

fprintf

curl_multi_wait.3: escape backslash in example

The backslash in the character Line Feed must be escaped.

The current man-page outputs the code as following:

fprintf(stderr, "curl_multi failed, code %d.0, mc);

The commit fixes it as follow:

fprintf(stderr, "curl_multi failed, code %d\n", mc);

Closes #4079

show more ...

openssl: disable engine if OPENSSL_NO_UI_CONSOLE is defined

... since that needs UI_OpenSSL() which isn't provided when OpenSSL is
built with OPENSSL_NO_UI_CONSOLE which happens when Ope

openssl: disable engine if OPENSSL_NO_UI_CONSOLE is defined

... since that needs UI_OpenSSL() which isn't provided when OpenSSL is
built with OPENSSL_NO_UI_CONSOLE which happens when OpenSSL is built for
UWP (with "VC-WIN32-UWP").

Reported-by: Vasily Lobaskin
Fixes #4073
Closes #4077

show more ...

test1521: adapt to SLISTPOINT

The header now has the slist-using options marked as SLISTPOINT so this
makes sure test 1521 understands that.

Follow-up to ae99b4de1c443ae989

test1521: adapt to SLISTPOINT

The header now has the slist-using options marked as SLISTPOINT so this
makes sure test 1521 understands that.

Follow-up to ae99b4de1c443ae989

Closes #4074

show more ...

win32: make DLL loading a no-op for UWP

Reported-by: Michael Brehm
Fixes #4060
Closes #4072

configure: fix typo '--disable-http-uath'

Closes #4076

docs: fix string suggesting HTTP/2 is not the default

Commit 25fd1057c9c86e3 made HTTP2 the default, and further down in the
man page that new default is mentioned, but the section at th

docs: fix string suggesting HTTP/2 is not the default

Commit 25fd1057c9c86e3 made HTTP2 the default, and further down in the
man page that new default is mentioned, but the section at the top
contradicted it until now.

Also remove claim that setting the HTTP version is not sensible.

Closes #4075

show more ...

RELEASE-NOTES: synced

tests: update fixed IP for hostip/clientip split

These tests give differences for me on linux when using a hostip
pointing to the external ip address for the local machine.

Clos

tests: update fixed IP for hostip/clientip split

These tests give differences for me on linux when using a hostip
pointing to the external ip address for the local machine.

Closes #4070

show more ...

http: clarify header buffer size calculation

The header buffer size calculation can from static analysis seem to
overlow as it performs an addition between two size_t variables and
s

http: clarify header buffer size calculation

The header buffer size calculation can from static analysis seem to
overlow as it performs an addition between two size_t variables and
stores the result in a size_t variable. Overflow is however guarded
against elsewhere since the input to the addition is regulated by
the maximum read buffer size. Clarify this with a comment since the
question was asked.

Reviewed-by: Daniel Stenberg <daniel@haxx.se>

show more ...

KNOWN_BUGS: Don't clear digest for single realm

Closes #3267

KNOWN_BUGS: Schannel disable CURLOPT_SSL_VERIFYPEER and verify hostname

Closes #3284

http2: call done_sending on end of upload

To make sure a HTTP/2 stream registers the end of stream.

Bug #4043 made me find this problem but this fix doesn't correct the
reported

http2: call done_sending on end of upload

To make sure a HTTP/2 stream registers the end of stream.

Bug #4043 made me find this problem but this fix doesn't correct the
reported issue.

Closes #4068

show more ...

c-ares: honor port numbers in CURLOPT_DNS_SERVERS

By using ares_set_servers_ports_csv on new enough c-ares.

Fixes #4066
Closes #4067

CURLMOPT_SOCKETFUNCTION.3: fix typo

curl: skip CURLOPT_PROXY_CAPATH for disabled-proxy builds

Closes #4061

test153: fix content-length to avoid occasional hang

Closes #4065

RELEASE-NOTES: synced