wolfssl: coexist with openssl, further work

Build wolfSSL master with

./configure --prefix=/path --enable-ip-alt-name --enable-quic
--enable-earlydata --enable-psk --enable-open

wolfssl: coexist with openssl, further work

Build wolfSSL master with

./configure --prefix=/path --enable-ip-alt-name --enable-quic
--enable-earlydata --enable-psk --enable-opensslcoexist

and configure curl with openssl + wolfssl. Normal tests run.

pytest session resumption fails, as wolfssl does not handle the
new_session callback without opensslextra right now.

Closes #15481

show more ...

tidy-up: indentation in autotools sources

Indentation in `configure.ac` and `.m4` files.

Closes #14692

configure: fix indentation more

Follow-up to 0052b4b52dfbd6455a24dd95837e5236dc8e1f5d #14628

Closes #14682

configure: fix indentation

Also:
- move `then`s and an `in` inline.
- whitespace.

Closes #14628

tidy-up: adjust casing of project names

Mostly TLS/SSH project name.

Closes #14160

libcurl.pc: add `Requires.private`, `Requires` for static linking

- cmake: populate for dependencies.
- autotools: populate for dependencies.
(including mbedtls, though the script

libcurl.pc: add `Requires.private`, `Requires` for static linking

- cmake: populate for dependencies.
- autotools: populate for dependencies.
(including mbedtls, though the script does not detect
mbedtls through pkgconfig. mbedtls 3.6.0 now supports it.)

Skip dealing with gssapi in this patch.

Fixes #864
Closes #13911

show more ...

configure: when enabling QUIC, check that TLS supports QUIC

Most importantly perhaps is when using OpenSSL that the used
build/flavor has the QUIC API: the vanilla OpenSSL does not, only

configure: when enabling QUIC, check that TLS supports QUIC

Most importantly perhaps is when using OpenSSL that the used
build/flavor has the QUIC API: the vanilla OpenSSL does not, only
BoringSSL, libressl, AWS-LC and quictls do.

Ref: https://github.com/curl/curl/commit/5d044ad9480a9f556f4b6a252d7533b1ba7fe57e#r136780413

Closes #12683

show more ...

tidy-up: mostly whitespace nits

- delete completed TODO from `./CMakeLists.txt`.
- convert a C++ comment to C89 in `./CMake/CurlTests.c`.
- delete duplicate EOLs from EOF.
- add

tidy-up: mostly whitespace nits

- delete completed TODO from `./CMakeLists.txt`.
- convert a C++ comment to C89 in `./CMake/CurlTests.c`.
- delete duplicate EOLs from EOF.
- add missing EOL at EOF.
- delete whitespace at EOL (except from expected test results).
- convert tabs to spaces.
- convert CRLF EOLs to LF in GHA yaml.
- text casing fixes in `./CMakeLists.txt`.
- fix a codespell typo in `packages/OS400/initscript.sh`.

Closes #11772

show more ...

copyright: update all copyright lines and remove year ranges

- they are mostly pointless in all major jurisdictions
- many big corporations and projects already don't use them
- save

copyright: update all copyright lines and remove year ranges

- they are mostly pointless in all major jurisdictions
- many big corporations and projects already don't use them
- saves us from pointless churn
- git keeps history for us
- the year range is kept in COPYING

checksrc is updated to allow non-year using copyright statements

Closes #10205

show more ...

tls: backends use connection filters for IO, enabling HTTPS-proxy

- OpenSSL (and compatible)
- BearSSL
- gnutls
- mbedtls
- rustls
- schannel
- secure-transpor

tls: backends use connection filters for IO, enabling HTTPS-proxy

- OpenSSL (and compatible)
- BearSSL
- gnutls
- mbedtls
- rustls
- schannel
- secure-transport
- wolfSSL (v5.0.0 and newer)

This leaves only the following without HTTPS-proxy support:
- gskit
- nss
- wolfSSL (versions earlier than v5.0.0)

Closes #9962

show more ...

curl-wolfssl.m4: error out if wolfSSL is not usable

When I explicitly declare, that I would like to have curl built with
wolfSSL support using `--with-wolfssl` configure option, then I w

curl-wolfssl.m4: error out if wolfSSL is not usable

When I explicitly declare, that I would like to have curl built with
wolfSSL support using `--with-wolfssl` configure option, then I would
expect, that either I endup with curl having that support, for example
in form of https support or it wouldn't be available at all.

Downstream projects like for example OpenWrt build curl wolfSSL variant
with `--with-wolfssl` already, but in certain corner cases it does fail:

configure:25299: checking for wolfSSL_Init in -lwolfssl
configure:25321: x86_64-openwrt-linux-musl-gcc -o conftest [snip]
In file included from target-x86_64_musl/usr/include/wolfssl/wolfcrypt/dsa.h:33,
from target-x86_64_musl/usr/include/wolfssl/wolfcrypt/asn_public.h:35,
from target-x86_64_musl/usr/include/wolfssl/ssl.h:35,
from conftest.c:47:
target-x86_64_musl/usr/include/wolfssl/wolfcrypt/integer.h:37:14: fatal error: wolfssl/wolfcrypt/sp_int.h: No such file or directory
#include <wolfssl/wolfcrypt/sp_int.h>
^~~~~~~~~~~~~~~~~~~~~~~~~~~~
compilation terminated.

and in the end thus produces curl without https support:

curl: (1) Protocol "https" not supported or disabled in libcurl

So fix it, by making the working wolfSSL mandatory and error out in
configure step when that's not the case:

checking for wolfSSL_Init in -lwolfssl... no
configure: error: --with-wolfssl but wolfSSL was not found or doesn't work

References: https://github.com/openwrt/packages/issues/19005
References: https://github.com/openwrt/packages/issues/19547
Signed-off-by: Petr Štetiar <ynezz@true.cz>

Closes #9682

show more ...

configure: introduce CURL_SIZEOF

This is a rewrite of the previously used GPLv3+exception licensed
file. With this change, there is no more reference to GPL so we can
remove that fro

configure: introduce CURL_SIZEOF

This is a rewrite of the previously used GPLv3+exception licensed
file. With this change, there is no more reference to GPL so we can
remove that from LICENSES/.

Ref: #9220
Closes #9291

show more ...

curl-wolfssl.m4: add options header when building test code

Needed for certain configurations of wolfSSL. Otherwise, missing header
error may occur.

Tested with OpenWrt.

curl-wolfssl.m4: add options header when building test code

Needed for certain configurations of wolfSSL. Otherwise, missing header
error may occur.

Tested with OpenWrt.

Closes #9187

show more ...

copyright: make repository REUSE compliant

Add licensing and copyright information for all files in this repository. This
either happens in the file itself as a comment header or in the

copyright: make repository REUSE compliant

Add licensing and copyright information for all files in this repository. This
either happens in the file itself as a comment header or in the file
`.reuse/dep5`.

This commit also adds a Github workflow to check pull requests and adapts
copyright.pl to the changes.

Closes #8869

show more ...

wolfSSL: explicitly use compatibility layer

This change removes adding an include `$prefix/wolfssl` or similar to
allow for openssl include aliasing. Include paths of `wolfssl/openssl/`

wolfSSL: explicitly use compatibility layer

This change removes adding an include `$prefix/wolfssl` or similar to
allow for openssl include aliasing. Include paths of `wolfssl/openssl/`
are used to explicitly use wolfSSL includes. This fixes cmake builds as
well as avoiding potentially using openSSL headers since include path
order is not guaranteed.

Closes #8864

show more ...

wolfssl: remove SSLv3 support leftovers

Closes #7088

curl-wolfssl.m4: without custom include path, assume /usr/include

... so that we can point out the root of the OpenSSL emulation headers.
Previously this used the '$includedir' variable

curl-wolfssl.m4: without custom include path, assume /usr/include

... so that we can point out the root of the OpenSSL emulation headers.
Previously this used the '$includedir' variable which is wrong since
that defaults to the dir where the current configure invoke will install
the built libcurl headers: /usr/local by default.

Fixes #7085
Reported-by: Joel Jakobsson
Closes #7087

show more ...

configure: split out each TLS library detector into its own function

... and put those functions in separate m4 files per TLS library.