CURLPROXY_HTTPS2: for HTTPS proxy that may speak HTTP/2

Setting this proxy type allows curl to negotiate and use HTTP/2 with
HTTPS proxies.

Closes #10900

write-out.d: add missing periods

Closes #10897

http2: remove check for !data after it was already dereferenced

Pointed out by Coverity

Closes #10906

http_proxy: provide missing arg to infof() call

Pointed out by Coverity

Closes #10904

content_encoding: only do tranfer-encoding compression if asked to

To reduce surprises. Update test 387 and 418 accordingly.

Closes #10899

sws: comparison of unsigned expression < 0 is always false

Follow-up to 356dd0b73a75ed6d5

Closes #10903

lib/cmake: add HAVE_WRITABLE_ARGV check

Assisted-by: Jakub Zakrzewski
Closes #10896

configure: don't set HAVE_WRITABLE_ARGV on Windows

Ref: #10888
Closes #10896

vtls: fix build error when proxy-disabled

Closes #10901

tests: increase sws timeout for more robust testing

- for https CONNECT forwarding, this was fixed at 5 seconds
which led to spurious CI test failures
- add --keepalive parameter t

tests: increase sws timeout for more robust testing

- for https CONNECT forwarding, this was fixed at 5 seconds
which led to spurious CI test failures
- add --keepalive parameter to sws to control this
- let httpserver use 30 seconds

Closes #10898

show more ...

http2: move HTTP/2 stream vars into local context

- remove NGHTTP2 members of `struct HTTP`
- add `void *h2_ctx` to `struct HTTP`
- add `void *h3_ctx` to `struct HTTP`
- separate

http2: move HTTP/2 stream vars into local context

- remove NGHTTP2 members of `struct HTTP`
- add `void *h2_ctx` to `struct HTTP`
- add `void *h3_ctx` to `struct HTTP`
- separate h2/h3 pointers are needed for eyeballing
- manage local stream_ctx in http implementations

Closes #10877

show more ...

proxy: http2 proxy tunnel implementation

- currently only on debug build and when env variable
CURL_PROXY_TUNNEL_H2 is present.
- will ALPN negotiate with the proxy server and swit

proxy: http2 proxy tunnel implementation

- currently only on debug build and when env variable
CURL_PROXY_TUNNEL_H2 is present.
- will ALPN negotiate with the proxy server and switch
tunnel filter based on the protocol negotiated.
- http/1.1 tunnel code moved into cf-h1-proxy.[ch]
- http/2 tunnel code implemented in cf-h2-proxy.[ch]
- tunnel start and ALPN set remains in http_proxy.c
- moving all haproxy related code into cf-haproxy.[ch]

VTLS changes
- SSL filters rely solely on the "alpn" specification they
are created with and no longer check conn->bits.tls_enable_alpn.
- checks on which ALPN specification to use (or none at all) are
done in vtls.c when creating the filter.

Testing
- added a nghttpx forward proxy to the pytest setup that
speaks HTTP/2 and forwards all requests to the Apache httpd
forward proxy server.
- extending test coverage in test_10 cases
- adding proxy tests for direct/tunnel h1/h2 use of basic auth.
- adding test for http/1.1 and h2 proxy tunneling to pytest

Closes #10780

show more ...

vtls and h2 improvements

- eliminate receive loop in vtls to fill buffer. This may
lead to partial reads of data which is counter productive
- let http2 instead loop smarter to pro

vtls and h2 improvements

- eliminate receive loop in vtls to fill buffer. This may
lead to partial reads of data which is counter productive
- let http2 instead loop smarter to process pending network
data without transfer switches

scorecard improvements
- do not start caddy when only httpd is requested
- allow curl -v to stderr file on --curl-verbose

Closes #10891

show more ...

tests: 1078 1288 1297 use valid IPv4 addresses

With the enhanced URL parser, these tests failed because of their bad
IPv4 use.

urlapi: detect and error on illegal IPv4 addresses

Using bad numbers in an IPv4 numerical address now returns
CURLUE_BAD_HOSTNAME.

I noticed while working on trurl and it was or

urlapi: detect and error on illegal IPv4 addresses

Using bad numbers in an IPv4 numerical address now returns
CURLUE_BAD_HOSTNAME.

I noticed while working on trurl and it was originally reported here:
https://github.com/curl/trurl/issues/78

Updated test 1560 accordingly.

Closes #10894

show more ...

RELEASE-NOTES: synced

urlapi: URL encoding for the URL missed the fragment

Meaning that it would wrongly still store the fragment using spaces
instead of %20 if allowing space while also asking for URL encodi

urlapi: URL encoding for the URL missed the fragment

Meaning that it would wrongly still store the fragment using spaces
instead of %20 if allowing space while also asking for URL encoding.

Discovered when playing with trurl.

Added test to lib1560 to verify the fix.

Closes #10887

show more ...

rtsp: convert mallocs to dynbuf for RTP buffering

Closes #10786

tool_writeout: add URL component variables

Output specific components from the used URL. The following variables
are added for this purpose:

url.scheme, url.user, url.password

tool_writeout: add URL component variables

Output specific components from the used URL. The following variables
are added for this purpose:

url.scheme, url.user, url.password, url.options, url.host, url.port,
url.path, url.query, url.fragment, url.zoneid

Add the following for outputting parts of the "effective URL":

urle.scheme, urle.user, urle.password, urle.options, urle.host, urle.port,
urle.path, urle.query, urle.fragment, urle.zoneid

Added test 423 and 424 to verify.

Closes #10853

show more ...

tests/http: improved httpd detection

- better error messages when not found/complete
- handling of `--without-test-httpd`

Reported-by: kwind on github
Fixes #10879
Close

tests/http: improved httpd detection

- better error messages when not found/complete
- handling of `--without-test-httpd`

Reported-by: kwind on github
Fixes #10879
Closes #10883

show more ...

configure: make quiche require quiche_conn_send_ack_eliciting

curl now requires quiche version >= 1.17.1 to be used and this function
was added in this version and makes a convenient che

configure: make quiche require quiche_conn_send_ack_eliciting

curl now requires quiche version >= 1.17.1 to be used and this function
was added in this version and makes a convenient check.

This requirement is because this is the lowest quiche version that
supports peer-initiated key updates correctly.

Closes #10886

show more ...

unit tests: use the unit test infrastructure better

Allow UNITTEST_STOP to return the error code, use the fail & abort
macros to indicate test failure and return success instead of fail

unit tests: use the unit test infrastructure better

Allow UNITTEST_STOP to return the error code, use the fail & abort
macros to indicate test failure and return success instead of fail if
the unit test can't test anything because of missing features at
compile-time. A couple of tests could never fail because they were
overriding the failure return code.

show more ...

runtests: strip EOL on precheck output on Windows, too

Precheck failures would show on two lines in the test summary output
otherwise.

tests: move server config files under the pid dir

These files are generated by the test servers and must therefore be
found in the log directory to make them available to only those serv

tests: move server config files under the pid dir

These files are generated by the test servers and must therefore be
found in the log directory to make them available to only those servers
once multiple test runners are executing in parallel. They must also not
be deleted with the log files, so they are stored in the pidfile
directory.

Ref: #10818
Closes #10875

show more ...

runtests: use the ssh key filenames from the sshhelp package