CI: show more failed `config.log` on Circle CI

Show last 1000 lines of `config.log` if `./configure` fails. This was
already done for one job, this patch extends it to all.

Ref:

CI: show more failed `config.log` on Circle CI

Show last 1000 lines of `config.log` if `./configure` fails. This was
already done for one job, this patch extends it to all.

Ref: #13438
Closes #13462

show more ...

telnet: check return code from fileno()

and return error if necessary

Spotted by CodeSonar

Closes #13457

tls: fix SecureTransport + BearSSL cmake unity builds

Avoid clashing static function names by namespacing them.

Pointed-out-by: Jan Venekamp
Ref: https://github.com/curl/curl/pu

tls: fix SecureTransport + BearSSL cmake unity builds

Avoid clashing static function names by namespacing them.

Pointed-out-by: Jan Venekamp
Ref: https://github.com/curl/curl/pull/13442#discussion_r1576350700
Closes #13450

show more ...

dllmain: Call OpenSSL thread cleanup for Windows and Cygwin

- Call OPENSSL_thread_stop on thread termination (DLL_THREAD_DETACH)
to prevent a memory leak in case OpenSSL is linked stat

dllmain: Call OpenSSL thread cleanup for Windows and Cygwin

- Call OPENSSL_thread_stop on thread termination (DLL_THREAD_DETACH)
to prevent a memory leak in case OpenSSL is linked statically.

- Warn in libcurl-thread.3 that if OpenSSL is linked statically then it
may require thread cleanup.

OpenSSL may need per-thread cleanup to stop a memory leak. For Windows
and Cygwin if libcurl was built as a DLL then we can do that for the
user by calling OPENSSL_thread_stop on thread termination. However, if
libcurl was built statically then we do not have notification of thread
termination and cannot do that for the user.

Also, there are several other unusual cases where it may be necessary
for the user to call OPENSSL_thread_stop, so in the libcurl-thread
warning I added a link to the OpenSSL documentation.

Co-authored-by: Viktor Szakats

Reported-by: southernedge@users.noreply.github.com
Reported-by: zmcx16@users.noreply.github.com

Ref: https://www.openssl.org/docs/man3.0/man3/OPENSSL_thread_stop.html#NOTES

Fixes https://github.com/curl/curl/issues/12327
Closes https://github.com/curl/curl/pull/12408

show more ...

rustls: remove incorrect SSLSUPP_TLS13_CIPHERSUITES flag

The rustls backend advertises SSLSUPP_TLS13_CIPHERSUITES, but
the code does not actually seem to support it (yet?). Removed
t

rustls: remove incorrect SSLSUPP_TLS13_CIPHERSUITES flag

The rustls backend advertises SSLSUPP_TLS13_CIPHERSUITES, but
the code does not actually seem to support it (yet?). Removed
the flag and corrected documentation.

Closes #13452

show more ...

quiche: expire all active transfers on connection close

- when a connection close is detected, all ongoing transfers
need to expire bc no more POLL events are likely to happen
fo

quiche: expire all active transfers on connection close

- when a connection close is detected, all ongoing transfers
need to expire bc no more POLL events are likely to happen
for them.

Fixes #13439
Reported-by: Jay Satiro
Closes #13447

show more ...

tests: fix feature case in test1481

This test was being skipped everywhere because the feature never
matched.

Closes #13445

tool_operate: don't truncate the etag save file by default

This fixes a regression of 75d79a4486b279100209ddf8c7fdb12955fb66e9. The
code in tool-operate truncated the etag save file, und

tool_operate: don't truncate the etag save file by default

This fixes a regression of 75d79a4486b279100209ddf8c7fdb12955fb66e9. The
code in tool-operate truncated the etag save file, under the assumption
that the file would be written with a new etag value. However since
75d79a4486b279100209ddf8c7fdb12955fb66e9 that might not be the case
anymore and could result in the file being truncated when --etag-compare
and --etag-save was used and that the etag value matched with what the
server responded. Instead the truncation should not be done when a new
etag value should be written.

Test 3204 was added to verify that the file with the etag value doesn't
change the contents when used by --etag-compare and --etage-save and
that value matches with what the server returns on a non 2xx response.

Closes #13432

show more ...

tests: enable test 1117 for hyper

Closes #13436

sendf: useless assignment in cr_lc_read()

Spotted by CodeSonar

Closes #13437

tool_paramhlp: remove duplicate assign

Spotted by CodeSonar

Closes #13433

transfer: remove useless assignment

in Curl_xfer_recv_resp

Spotted by CodeSonar

Closes #13435

http: acknowledge a returned error code

... and do not overwrite it with a new value that could then hide the
problem.

Spotted by CodeSonar

Closes #13434

tool_operate: init vars unconditionally in post_per_transfer

In case of (the unlikely) early return, they could otherwise remain
uninitialized

Spotted by CodeSonar

Clos

tool_operate: init vars unconditionally in post_per_transfer

In case of (the unlikely) early return, they could otherwise remain
uninitialized

Spotted by CodeSonar

Closes #13430

show more ...

RELEASE-NOTES: synced

urlapi: allow setting port number zero

Also set and check errno when strtoul() parsing numbers for better error
checking.

Updated test 1560

Closes #13427

http_aws_sigv4: remove useless assignment

This code assigned the variable the same value it already had

Spotted by CodeSonar

Closes #13426

file: remove useless assignment

This code assigned the variable the same value it already had.

Spotted by CodeSonar

Closes #13425

test2406: verify -f with HTTP/2

http2 + ngtcp2: pass CURLcode errors from callbacks

- errors returned by Curl_xfer_write_resp() and the header variant are
not errors in the protocol. The result needs to be returned o

http2 + ngtcp2: pass CURLcode errors from callbacks

- errors returned by Curl_xfer_write_resp() and the header variant are
not errors in the protocol. The result needs to be returned on the
next recv() from the protocol filter.

- make xfer write errors for response data cause the stream to be
cancelled

- added pytest test_02_14 and test_02_15 to verify that also for
parallel processing

Reported-by: Laramie Leavitt
Fixes #13411
Closes #13424

show more ...

request: make Curl_req_init return void

Since it could not return error and therefore this change removes dead
code for the caller.

Spotted by CodeSonar.

Closes #13423

multi: remove the unused Curl_preconnect function

The implementation has been removed, no point in keeping it around.

Follow-up to 476adfeac019ed

Closes #13422

Curl_creader_read: init two variables to avoid using them uninited

Spotted by CodeSonar

Closes #13419

http: reject HTTP major version switch mid connection

A connection that has seen an HTTP major version now refuses any other
major HTTP version in future responses. Previously, a HTTP/1.

http: reject HTTP major version switch mid connection

A connection that has seen an HTTP major version now refuses any other
major HTTP version in future responses. Previously, a HTTP/1.x
connection would just silently accept HTTP/2 or HTTP/3 in the status
lines as long as it had support for those built-in. It would then just
lead to confusion and badness.

Indirectly Spotted by CodeSonar which identified a duplicate assignment
in this function.

Add test 471 to verify

Closes #13421

show more ...

mqtt: when Curl_xfer_recv returns error, don't use nread

A returned error code makes other return value unreliable, and in this
case potentially uninitialized. On error, do not read othe

mqtt: when Curl_xfer_recv returns error, don't use nread

A returned error code makes other return value unreliable, and in this
case potentially uninitialized. On error, do not read other return
values like the nread counter.

Spotted by CodeSonar

Closes #13418

show more ...