tool: fix tool_seek_cb build when SIZEOF_CURL_OFF_T > SIZEOF_OFF_T

- a variable was renamed, and some use of it wasn't. this fixes the
build.

Closes #11468

quiche: fix lookup of transfer at multi

- refs #11449 where weirdness in quiche multi connection tranfers was
observed
- fixes lookup of transfer for a quiche event to take the con

quiche: fix lookup of transfer at multi

- refs #11449 where weirdness in quiche multi connection tranfers was
observed
- fixes lookup of transfer for a quiche event to take the connection
into account
- formerly, a transfer with the same stream_id, but on another connection
could be found

Closes #11462

show more ...

RELEASE-NOTES: synced

bump to 8.2.1

ciphers.d: put URL in first column

This makes the URL turn into a link properly when "webified".

Fixes https://github.com/curl/curl-www/issues/270
Closes #11464

RELEASE-NOTES: synced

8.2.0 release

THANKS-filter: strip out "GitHub"

THANKS: add contributors from 8.2.0

RELEASE-PROCEDURE.md: adjust the release dates

quiche: fix defects found in latest coverity report

Closes #11455

quiche: avoid NULL deref in debug logging

Coverity reported "Dereference after null check"

If stream is NULL and the function exits, the logging must not deref it.

Closes #

quiche: avoid NULL deref in debug logging

Coverity reported "Dereference after null check"

If stream is NULL and the function exits, the logging must not deref it.

Closes #11454

show more ...

http2: treat initial SETTINGS as a WINDOW_UPDATE

- refs #11426 where spurious stalls on large POST requests
are reported
- the issue seems to involve the following
* first st

http2: treat initial SETTINGS as a WINDOW_UPDATE

- refs #11426 where spurious stalls on large POST requests
are reported
- the issue seems to involve the following
* first stream on connection adds up to 64KB of POST
data, which is the max default HTTP/2 stream window size
transfer is set to HOLD
* initial SETTINGS from server arrive, enlarging the stream
window. But no WINDOW_UPDATE is received.
* curl stalls
- the fix un-HOLDs a stream on receiving SETTINGS, not
relying on a WINDOW_UPDATE from lazy servers

Closes #11450

show more ...

ngtcp2: assigning timeout, but value is overwritten before used

Reported by Coverity

Closes #11453

krb5: add typecast to please Coverity

wolfssl: support setting CA certificates as blob

Closes #11445

wolfssl: detect when TLS 1.2 support is not built into wolfssl

Closes #11444

CI: bump nghttp2 from 1.55.0 to 1.55.1

Closes #11442

curl: return error when asked to use an unsupported HTTP version

When one of the following options are used but the libcurl in use does
not support it:

--http2
--http2-prior

curl: return error when asked to use an unsupported HTTP version

When one of the following options are used but the libcurl in use does
not support it:

--http2
--http2-prior-knowledge
--proxy-http2

Closes #11440

show more ...

cf-socket: don't bypass fclosesocket callback if cancelled before connect

After upgrading to 8.1.2 from 7.84.0, I found that sockets were being
closed without calling the fclosesocket ca

cf-socket: don't bypass fclosesocket callback if cancelled before connect

After upgrading to 8.1.2 from 7.84.0, I found that sockets were being
closed without calling the fclosesocket callback if a request was
cancelled after the associated socket was created, but before the socket
was connected. This lead to an imbalance of fopensocket & fclosesocket
callbacks, causing problems with a custom event loop integration using
the multi-API.

This was caused by cf_socket_close() calling sclose() directly instead
of calling socket_close() if the socket was not active. For regular TCP
client connections, the socket is activated by cf_socket_active(), which
is only called when the socket completes the connect.

As far as I can tell, this issue has existed since 7.88.0. That is,
since the code in question was introduced by:
commit 71b7e0161032927cdfb4e75ea40f65b8898b3956
Author: Stefan Eissing <stefan@eissing.org>
Date: Fri Dec 30 09:14:55 2022 +0100

lib: connect/h2/h3 refactor

Closes #11439

show more ...

tool_parsecfg: accept line lengths up to 10M

Bumped from 100K set in 47dd957daff9

Reported-by: Antoine du Hamel
Fixes #11431
Closes #11435

CI: brew fix for openssl in default path

If brew install/update links openssl into /usr/local, it will be found
before anything we add with `-isystem path` to CPP/LDLFAGS. Get rid of

CI: brew fix for openssl in default path

If brew install/update links openssl into /usr/local, it will be found
before anything we add with `-isystem path` to CPP/LDLFAGS. Get rid of
that by unlinking the keg.

Fixes #11413
Closes #11436

show more ...

RELEASE-NOTES: synced

sectransp: fix EOF handling

Regression since the large refactor from 2022

Closes #11427

checksrc: quote the file name to work with "funny" letters

Closes #11437

HTTP3.md: ngtcp2 updated to v0.17.0 and nghttp3 to v0.13.0

Follow-up to e0093b4b732f6

Closes #11433

CURLOPT_MIMEPOST.3: clarify what setting to NULL means

Follow-up to e08382a208d4e480

Closes #11430