docs: add AWS HTTP v4 Signature

curl.se: new home

Closes #6172

hsts: add read/write callbacks

- read/write callback options
- man pages for the 4 new setopts
- test 1915 verifies the callbacks

Closes #5896

hsts: add support for Strict-Transport-Security

- enable in the build (configure)
- header parsing
- host name lookup
- unit tests for the above
- CI build
- CURL_VERSION

hsts: add support for Strict-Transport-Security

- enable in the build (configure)
- header parsing
- host name lookup
- unit tests for the above
- CI build
- CURL_VERSION_HSTS bit
- curl_version_info support
- curl -V output
- curl-config --features
- CURLOPT_HSTS_CTRL
- man page for CURLOPT_HSTS_CTRL
- curl --hsts (sets CURLOPT_HSTS_CTRL and works with --libcurl)
- man page for --hsts
- save cache to disk
- load cache from disk
- CURLOPT_HSTS
- man page for CURLOPT_HSTS
- added docs/HSTS.md
- fixed --version docs
- adjusted curl_easy_duphandle

Closes #5896

show more ...

tls: add CURLOPT_SSL_EC_CURVES and --curves

Closes #5892

CURLE_PROXY: new error code

Failures clearly returned from a (SOCKS) proxy now causes this return
code. Previously the situation was not very clear as what would be
returned and when

CURLE_PROXY: new error code

Failures clearly returned from a (SOCKS) proxy now causes this return
code. Previously the situation was not very clear as what would be
returned and when.

In addition: when this error code is returned, an application can use
CURLINFO_PROXY_ERROR to query libcurl for the detailed error, which then
returns a value from the new 'CURLproxycode' enum.

Closes #5770

show more ...

CURLINFO_EFFECTIVE_METHOD: added

Provide the HTTP method that was used on the latest request, which might
be relevant for users when there was one or more redirects involved.

Cl

CURLINFO_EFFECTIVE_METHOD: added

Provide the HTTP method that was used on the latest request, which might
be relevant for users when there was one or more redirects involved.

Closes #5511

show more ...

setopt: add CURLOPT_PROXY_ISSUERCERT(_BLOB) for coherency

Closes #5431

setopt: support certificate options in memory with struct curl_blob

This change introduces a generic way to provide binary data in setopt
options, called BLOBs.

This change intr

setopt: support certificate options in memory with struct curl_blob

This change introduces a generic way to provide binary data in setopt
options, called BLOBs.

This change introduces these new setopts:

CURLOPT_ISSUERCERT_BLOB, CURLOPT_PROXY_SSLCERT_BLOB,
CURLOPT_PROXY_SSLKEY_BLOB, CURLOPT_SSLCERT_BLOB and CURLOPT_SSLKEY_BLOB.

Reviewed-by: Daniel Stenberg
Closes #5357

show more ...

copyright: fix out-of-date copyright ranges and missing headers

Reported by the new script 'scripts/copyright.pl'. The script has a
regex whitelist for the files that don't need copyrigh

copyright: fix out-of-date copyright ranges and missing headers

Reported by the new script 'scripts/copyright.pl'. The script has a
regex whitelist for the files that don't need copyright headers.

Removed three (mostly usesless) README files from docs/

Closes #5141

show more ...

smtp: Allow RCPT TO command to fail for some recipients

Introduces CURLOPT_MAIL_RCPT_ALLLOWFAILS.

Verified with the new tests 3002-3007

Closes #4816

CURLMOPT_MAX_CONCURRENT_STREAMS: new setopt

Closes #4410

CURLOPT_H3: removed

There's no use for this anymore and it was never in a release.

Closes #4206

CURLINFO_RETRY_AFTER: parse the Retry-After header value

This is only the libcurl part that provides the information. There's no
user of the parsed value. This change includes three new

CURLINFO_RETRY_AFTER: parse the Retry-After header value

This is only the libcurl part that provides the information. There's no
user of the parsed value. This change includes three new tests for the
parser.

Ref: #3794

show more ...

sasl: Implement SASL authorisation identity via CURLOPT_SASL_AUTHZID

Added the ability for the calling program to specify the authorisation
identity (authzid), the identity to act as, in

sasl: Implement SASL authorisation identity via CURLOPT_SASL_AUTHZID

Added the ability for the calling program to specify the authorisation
identity (authzid), the identity to act as, in addition to the
authentication identity (authcid) and password when using SASL PLAIN
authentication.

Fixes #3653
Closes #3790

NOTE: This commit was cherry-picked and is part of a series of commits
that added the authzid feature for upcoming 7.66.0. The series was
temporarily reverted in db8ec1f so that it would not ship in a 7.65.x
patch release.

Closes https://github.com/curl/curl/pull/4186

show more ...

HTTP3: initial (experimental) support

USe configure --with-ngtcp2 or --with-quiche

Using either option will enable a HTTP3 build.
Co-authored-by: Alessandro Ghedini <alessandro@

HTTP3: initial (experimental) support

USe configure --with-ngtcp2 or --with-quiche

Using either option will enable a HTTP3 build.
Co-authored-by: Alessandro Ghedini <alessandro@ghedini.me>

Closes #3500

show more ...

Revert all SASL authzid (new feature) commits

- Revert all commits related to the SASL authzid feature since the next
release will be a patch release, 7.65.1.

Prior to this ch

Revert all SASL authzid (new feature) commits

- Revert all commits related to the SASL authzid feature since the next
release will be a patch release, 7.65.1.

Prior to this change CURLOPT_SASL_AUTHZID / --sasl-authzid was destined
for the next release, assuming it would be a feature release 7.66.0.
However instead the next release will be a patch release, 7.65.1 and
will not contain any new features.

After the patch release after the reverted commits can be restored by
using cherry-pick:

git cherry-pick a14d72c a9499ff 8c1cc36 c2a8d52 0edf690

Details for all reverted commits:

Revert "os400: take care of CURLOPT_SASL_AUTHZID in curl_easy_setopt_ccsid()."

This reverts commit 0edf6907ae37e2020722e6f61229d8ec64095b0a.

Revert "tests: Fix the line endings for the SASL alt-auth tests"

This reverts commit c2a8d52a1356a722ff9f4aeb983cd4eaf80ef221.

Revert "examples: Added SASL PLAIN authorisation identity (authzid) examples"

This reverts commit 8c1cc369d0c7163c6dcc91fd38edfea1f509ae75.

Revert "curl: --sasl-authzid added to support CURLOPT_SASL_AUTHZID from the tool"

This reverts commit a9499ff136d89987af885e2d7dff0a066a3e5817.

Revert "sasl: Implement SASL authorisation identity via CURLOPT_SASL_AUTHZID"

This reverts commit a14d72ca2fec5d4eb5a043936e4f7ce08015c177.

show more ...

sasl: Implement SASL authorisation identity via CURLOPT_SASL_AUTHZID

Added the ability for the calling program to specify the authorisation
identity (authzid), the identity to act as, in

sasl: Implement SASL authorisation identity via CURLOPT_SASL_AUTHZID

Added the ability for the calling program to specify the authorisation
identity (authzid), the identity to act as, in addition to the
authentication identity (authcid) and password when using SASL PLAIN
authentication.

Fixed #3653
Closes #3790

show more ...

CURLOPT_MAXAGE_CONN: set the maximum allowed age for conn reuse

... and disconnect too old ones instead of trying to reuse.

Default max age is set to 118 seconds.

Ref: #372

CURLOPT_MAXAGE_CONN: set the maximum allowed age for conn reuse

... and disconnect too old ones instead of trying to reuse.

Default max age is set to 118 seconds.

Ref: #3722
Closes #3782

show more ...

alt-svc: the libcurl bits

http: added options for allowing HTTP/0.9 responses

Added CURLOPT_HTTP09_ALLOWED and --http0.9 for this purpose.

For now, both the tool and library allow HTTP/0.9 by default.
do

http: added options for allowing HTTP/0.9 responses

Added CURLOPT_HTTP09_ALLOWED and --http0.9 for this purpose.

For now, both the tool and library allow HTTP/0.9 by default.
docs/DEPRECATE.md lays out the plan for when to reverse that default: 6
months after the 7.64.0 release. The options are added already now so
that applications/scripts can start using them already now.

Fixes #2873
Closes #3383

show more ...

http: Implement trailing headers for chunked transfers

This adds the CURLOPT_TRAILERDATA and CURLOPT_TRAILERFUNCTION
options that allow a callback based approach to sending trailing head

http: Implement trailing headers for chunked transfers

This adds the CURLOPT_TRAILERDATA and CURLOPT_TRAILERFUNCTION
options that allow a callback based approach to sending trailing headers
with chunked transfers.

The test server (sws) was updated to take into account the detection of the
end of transfer in the case of trailing headers presence.

Test 1591 checks that trailing headers can be sent using libcurl.

Closes #3350

show more ...

setopt: add CURLOPT_CURLU

Allows an application to pass in a pre-parsed URL via a URL handle.

Closes #3227

curl_easy_upkeep: removed 'conn' from the name

... including the associated option.

Fixes #2951
Closes #2952

upkeep: add a connection upkeep API: curl_easy_conn_upkeep()

Add functionality so that protocols can do custom keepalive on their
connections, when an external API function is called.

upkeep: add a connection upkeep API: curl_easy_conn_upkeep()

Add functionality so that protocols can do custom keepalive on their
connections, when an external API function is called.

Add docs for the new options in 7.62.0

Closes #1641

show more ...