build: fix builds that disable protocols but not digest auth

- Build base64 functions if digest auth is not disabled.

Prior to this change if some protocols were disabled but not di

build: fix builds that disable protocols but not digest auth

- Build base64 functions if digest auth is not disabled.

Prior to this change if some protocols were disabled but not digest auth
then a build error would occur due to missing base64 functions.

Fixes https://github.com/curl/curl/issues/12440
Closes https://github.com/curl/curl/pull/12442

show more ...

connect: reduce number of transportation providers

Use only the ones necessary - the ones that are built-in. Saves a few
bytes in the resulting code.

Closes #12438

vtls: consistently use typedef names for OpenSSL structs

The foo_st names don't appear in OpenSSL public API documentation. The
FOO typedefs are more common. This header was already refe

vtls: consistently use typedef names for OpenSSL structs

The foo_st names don't appear in OpenSSL public API documentation. The
FOO typedefs are more common. This header was already referencing
SSL_CTX via <openssl/ssl.h>. There is a comment about avoiding
<openssl/x509v3.h>, but OpenSSL actually declares all the typedefs in
<openssl/ossl_typ.h>, which is already included by <openssl/ssl.h> (and
every other OpenSSL header), so just use that. Though I've included it
just to be explicit.

(I'm also fairly sure including <openssl/ssl.h> already triggers the
Schannel conflicts anyway. The comment was probably just out of date.)

Closes #12439

show more ...

libcurl-security.3: fix typo

Fixed minimal typo.

Closes #12437

ngtcp2: fix races in stream handling

- fix cases where ngtcp2 invokes callbacks on streams that
nghttp3 has already forgotten. Ignore the NGHTTP3_ERR_STREAM_NOT_FOUND
in these ca

ngtcp2: fix races in stream handling

- fix cases where ngtcp2 invokes callbacks on streams that
nghttp3 has already forgotten. Ignore the NGHTTP3_ERR_STREAM_NOT_FOUND
in these cases as it is normal behaviour.

Closes #12435

show more ...

tool_writeout_json: fix JSON encoding of non-ascii bytes

char variables if unspecified can be either signed or unsigned depending
on the platform according to the C standard; in most pla

tool_writeout_json: fix JSON encoding of non-ascii bytes

char variables if unspecified can be either signed or unsigned depending
on the platform according to the C standard; in most platforms, they are
signed.

This meant that the *i<32 waas always true for bytes with the top bit
set. So they were always getting encoded as \uXXXX, and then since they
were also signed negative, they were getting extended with 1s causing
'\xe2' to be expanded to \uffffffe2, for example:

$ curl --variable 'v=“' --expand-write-out '{{v:json}}\n' file:///dev/null
\uffffffe2\uffffff80\uffffff9c

I fixed this bug by making the code use explicitly unsigned char*
variables instead of char* variables.

Test 268 verifies

Reported-by: iconoclasthero
Closes #12434

show more ...

cf-socket: TCP trace output local address used in connect

Closes #12427

CURLINFO_PRETRANSFER_TIME_T.3: fix time explanation

- Change CURLINFO_PRETRANSFER_TIME_T explanation to say that it
includes protocol-specific instructions that trigger a transfer.

CURLINFO_PRETRANSFER_TIME_T.3: fix time explanation

- Change CURLINFO_PRETRANSFER_TIME_T explanation to say that it
includes protocol-specific instructions that trigger a transfer.

Prior to this change it explicitly said that it did not include those
instructions in the time, but that is incorrect.

The change is a copy of the fixed explanation already in
CURLINFO_PRETRANSFER_TIME, fixed by ec8dcd7b.

Reported-by: eeverettrbx@users.noreply.github.com

Fixes https://github.com/curl/curl/issues/12431
Closes https://github.com/curl/curl/pull/12432

show more ...

multi: during ratelimit multi_getsock should return no sockets

... as there is nothing to wait for then, it just waits. Otherwise, this
causes much more CPU work and updates than necessa

multi: during ratelimit multi_getsock should return no sockets

... as there is nothing to wait for then, it just waits. Otherwise, this
causes much more CPU work and updates than necessary during ratelimit
periods.

Ref: https://curl.se/mail/lib-2023-11/0056.html
Closes #12430

show more ...

transfer: abort pause send when connection is marked for closing

This handles cases of some bi-directional "upgrade" scenarios
(i.e. WebSockets) where sending is paused until some "upgra

transfer: abort pause send when connection is marked for closing

This handles cases of some bi-directional "upgrade" scenarios
(i.e. WebSockets) where sending is paused until some "upgrade" handshake
is completed, but server rejects the handshake and closes the
connection.

Closes #12428

show more ...

RELEASE-NOTES: synced

openssl: when a session-ID is reused, skip OCSP stapling

Fixes #12399
Reported-by: Alexey Larikov
Closes #12418

test1545: test doing curl_formadd twice with missing file

Reproduces #12410
Verifies the fix
Closes #12421

Curl_http_body: cleanup properly when Curl_getformdata errors

Reported-by: yushicheng7788 on github
Based-on-work-by: yushicheng7788 on github
Fixes #12410
Closes #12421

test1477: verify that libcurl-errors.3 and public headers are synced

The script errorcodes.pl extracts all error codes from all headers and
checks that they are all documented, then chec

test1477: verify that libcurl-errors.3 and public headers are synced

The script errorcodes.pl extracts all error codes from all headers and
checks that they are all documented, then checks that all documented
error codes are also specified in a header file.

Closes #12424

show more ...

libcurl-errors.3: sync with current public headers

Closes #12424

test459: fix for parallel runs

- change warniing message to work better with varying filename
length.
- adapt test output check to new formatting

Follow-up to 97ccc4479f77

test459: fix for parallel runs

- change warniing message to work better with varying filename
length.
- adapt test output check to new formatting

Follow-up to 97ccc4479f77ba3191c6
Closes #12423

show more ...

tool_cb_prg: make the carriage return fit for wide progress bars

When the progress bar was made max width (256 columns), the fly()
function attempted to generate its output buffer too lo

tool_cb_prg: make the carriage return fit for wide progress bars

When the progress bar was made max width (256 columns), the fly()
function attempted to generate its output buffer too long so that the
trailing carriage return would not fit and then the output would show
wrongly. The fly function is called when the expected total transfer is
unknown, which could be one or more progress calls before the actual
progress meter get shown when the expected transfer size is provided.

This new take also replaces the msnprintf() call with a much simpler
memset() for speed.

Reported-by: Tim Hill
Fixes #12407
Closes #12415

show more ...

tool_parsecfg: make warning output propose double-quoting

When the config file parser detects a word that *probably* should be
quoted, mention double-quotes as a possible remedy.

tool_parsecfg: make warning output propose double-quoting

When the config file parser detects a word that *probably* should be
quoted, mention double-quotes as a possible remedy.

Test 459 verifies.

Proposed-by: Jiehong on github
Fixes #12409
Closes #12412

show more ...

curl.rc: switch out the copyright symbol for plain ASCII

.. like we already do for libcurl.rc.

libcurl.rc copyright symbol used to cause a "non-ascii 8-bit codepoint"
warning so

curl.rc: switch out the copyright symbol for plain ASCII

.. like we already do for libcurl.rc.

libcurl.rc copyright symbol used to cause a "non-ascii 8-bit codepoint"
warning so it was switched to ascii.

Ref: https://github.com/curl/curl/commit/1ca62bb5#commitcomment-133474972

Suggested-by: Robert Southee

Closes https://github.com/curl/curl/pull/12403

show more ...

conncache: use the closure handle when disconnecting surplus connections

Use the closure handle for disconnecting connection cache entries so
that anything that happens during the discon

conncache: use the closure handle when disconnecting surplus connections

Use the closure handle for disconnecting connection cache entries so
that anything that happens during the disconnect is not stored and
associated with the 'data' handle which already just finished a transfer
and it is important that details from the unrelated disconnect does not
taint meta-data in the data handle.

Like storing the response code.

This also adjust test 1506. Unfortunately it also removes a key part of
the test that verifies that a connection is closed since when this
output vanishes (because the closure handle is used), we don't know
exactly that the connection actually gets closed in this test...

Reported-by: ohyeaah on github
Fixes #12367
Closes #12405

show more ...

RELEASE-NOTES: synced

quic: make eyeballers connect retries stop at weird replies

- when a connect immediately goes into DRAINING state, do
not attempt retries in the QUIC connection filter. Instead,

quic: make eyeballers connect retries stop at weird replies

- when a connect immediately goes into DRAINING state, do
not attempt retries in the QUIC connection filter. Instead,
return CURLE_WEIRD_SERVER_REPLY
- When eyeballing, interpret CURLE_WEIRD_SERVER_REPLY as an
inconclusive answer. When all addresses have been attempted,
rewind the address list once on an inconclusive answer.
- refs #11832 where connects were retried indefinitely until
the overall timeout fired

Closes #12400

show more ...

CI: verify libcurl function SYNPOSIS sections

With the .github/scripits/verify-synopsis.pl script

Closes #12402

docs/libcurl: SYNSOPSIS cleanup

- use the correct include file
- make sure they are declared as in the header file
- fix minor nroff syntax mistakes (missing .fi)

These are

docs/libcurl: SYNSOPSIS cleanup

- use the correct include file
- make sure they are declared as in the header file
- fix minor nroff syntax mistakes (missing .fi)

These are verified by verify-synopsis.pl, which extracts the SYNPOSIS
code and runs it through gcc.

Closes #12402

show more ...