mlc_config.json: remove this linkcheck CI job config file

Closes #11113

ssh: Add support for libssh2 read timeout

Hook the new (1.11.0 or newer) libssh2 support for setting a read timeout
into the SERVER_RESPONSE_TIMEOUT option. With this done, clients can

ssh: Add support for libssh2 read timeout

Hook the new (1.11.0 or newer) libssh2 support for setting a read timeout
into the SERVER_RESPONSE_TIMEOUT option. With this done, clients can use
the standard curl response timeout setting to also control the time that
libssh2 will wait for packets from a slow server. This is necessary to
enable use of very slow SFTP servers.

Signed-off-by: Daniel Silverstone <daniel.silverstone@codethink.co.uk>

Closes #10965

show more ...

GIT-INFO: add --with-openssl

Closes #11110

RELEASE-NOTES: synced

md(4|5): don't use deprecated iOS functions

They are marked as deprecated in iOS 13.0, which might result in
warnings-as-errors.

Also, use `*_MIN_REQUIRED` instead of `*_MIN_ALL

md(4|5): don't use deprecated iOS functions

They are marked as deprecated in iOS 13.0, which might result in
warnings-as-errors.

Also, use `*_MIN_REQUIRED` instead of `*_MIN_ALLOWED`, which seems to
be what's currently used.

Bug: https://github.com/curl/curl/issues/11098
Closes https://github.com/curl/curl/pull/11102

show more ...

md4: only build when used

Its only usage in curl_ntlm_core.c is guarded by `USE_CURL_NTLM_CORE`,
so let's use this here too.

Ref: https://github.com/curl/curl/issues/11098
C

md4: only build when used

Its only usage in curl_ntlm_core.c is guarded by `USE_CURL_NTLM_CORE`,
so let's use this here too.

Ref: https://github.com/curl/curl/issues/11098
Closes https://github.com/curl/curl/pull/11102

show more ...

write-out.d: Use response_code in example

Closes #11107

url: fix null dispname for --connect-to option

Closes #11106

test2306: verify getting a second response with folded headers

Reproduces the isue #11101 and verifies the fix.

Verifies a17b2a503f

headers: clear (possibly) lingering pointer in init

The "prevhead" pointer is used for the headers storage but was not
cleared correctly in init, which made it possible to act up when a

headers: clear (possibly) lingering pointer in init

The "prevhead" pointer is used for the headers storage but was not
cleared correctly in init, which made it possible to act up when a
handle is reused.

Reported-by: Steve Herrell
Fixes #11101
Closes #11103

show more ...

RELEASE-NOTES: synced

ngtcp2: use 0.15.0

- nghttp3 0.11.0
- nghttp2 1.53.0

Adapt to new API calls

Closes #11031

openssl: fix indent

CURLOPT_DNS_CACHE_TIMEOUT.3: fix spelling

Follow-up to 9ed7d56e044f5aa1b29

Closes #11096

hostip: use time_t for storing oldest DNS entry

Theoretically, the oldest time could overflow an int. In practice that
won't happen, but let's do this to please analyzers.

Follo

hostip: use time_t for storing oldest DNS entry

Theoretically, the oldest time could overflow an int. In practice that
won't happen, but let's do this to please analyzers.

Follow-up to 9ed7d56e044f5aa1b2928ccde6245d0

Pointed out by Coverity.
Closes #11094

show more ...

http: free the url before storing a new copy

To avoid a memory-leak.

Reported-by: Hiroki Kurosawa

Closes #11093

compressed.d: clarify the words on "not notifying headers"

Reported-by: Dylan Anthony
Fixes #11091
Closes #11092

libssh2: free fingerprint better

Reported-by: Wei Chong Tan
Closes #11088

CURLOPT_IPRESOLVE.3: clarify that this for host names, not IP addresses

Reported-by: Harry Sintonen
Closes #11087

hostip: enforce a maximum DNS cache size independent of timeout value

To reduce the damage an application can cause if using -1 or other
ridiculous timeout values and letting the cache l

hostip: enforce a maximum DNS cache size independent of timeout value

To reduce the damage an application can cause if using -1 or other
ridiculous timeout values and letting the cache live long times.

The maximum number of entries in the DNS cache is now totally
arbitrarily and hard-coded set to 29999.

Closes #11084

show more ...

hostip: store dns timeout as 'int'

... because it set and held as an 'int' elsewhere and can never be
larger.

RELEASE-NOTES: synced

tool_operate: refuse (--data or --form) and --continue-at combo

libcurl assumes that a --continue-at resumption is done to continue an
upload using the read callback and neither --data n

tool_operate: refuse (--data or --form) and --continue-at combo

libcurl assumes that a --continue-at resumption is done to continue an
upload using the read callback and neither --data nor --form use
that and thus won't do what the user wants. Whatever the user wants
with this strange combination.

Add test 426 to verify.

Reported-by: Smackd0wn on github
Fixes #11081
Closes #11083

show more ...

transfer: refuse POSTFIELDS + RESUME_FROM combo

The code assumes that such a resume is wanting to continue an upload
using the read callback, and since POSTFIELDS is done without callbac

transfer: refuse POSTFIELDS + RESUME_FROM combo

The code assumes that such a resume is wanting to continue an upload
using the read callback, and since POSTFIELDS is done without callback
libcurl will just misbehave.

This combo will make the transfer fail with CURLE_BAD_FUNCTION_ARGUMENT
with an explanation in the error message.

Reported-by: Smackd0wn on github
Fixes #11081
Closes #11083

show more ...

ipv4.d/ipv6.d: they are "mutex", not "boolean"

... which for example means they do not have --no-* versions.

Reported-by: Harry Sintonen
Fixes #11085
Closes #11086