Makefile.mk: delete redundant `HAVE_LDAP_SSL` macro [ci skip]

Since abebb2b8939c6b3e0f951eb2d9ec3729b569aa2c, we set this macro for
all Windows `wldap32` builds using `Makefile.mk`.

Makefile.mk: delete redundant `HAVE_LDAP_SSL` macro [ci skip]

Since abebb2b8939c6b3e0f951eb2d9ec3729b569aa2c, we set this macro for
all Windows `wldap32` builds using `Makefile.mk`.

For OpenLDAP builds this macro is not enough to enable LDAPS, and
OpenLDAP is not an option in `Makefile.mk`. For Novell LDAP it might
have helped, but it's also not an option anymore in `Makefile.mk`.

The future for LDAPS is that we should enable it by default without
extra build knobs.

Reviewed-by: Marcel Raad
Closes #10681

show more ...

cmake: skip CA-path/bundle auto-detection in cross-builds

Also remove issue from KNOWN_BUGS.

Reported-by: Cristian Morales Vega
Reviewed-by: Marcel Raad
Fixes #6178
Clos

cmake: skip CA-path/bundle auto-detection in cross-builds

Also remove issue from KNOWN_BUGS.

Reported-by: Cristian Morales Vega
Reviewed-by: Marcel Raad
Fixes #6178
Closes #10676

show more ...

schannel: loop over the algos to pick the selected one

Avoid using the funny macro and the extra buffer copy.

Closes #10647

wildcard: remove files and move functions into ftplistparser.c

ftp: allocate the wildcard struct on demand

The feature is rarely used so this frees up data for the vast majority
of easy handles that don't use it.

Rename "protdata" to "ftpwc

ftp: allocate the wildcard struct on demand

The feature is rarely used so this frees up data for the vast majority
of easy handles that don't use it.

Rename "protdata" to "ftpwc" since it is always an FTP wildcard struct
pointer. Made the state struct field an unsigned char to save space.

Closes #10639

show more ...

lib1560: test parsing URLs with ridiculously large fields

In the order of 120K.

Closes #10665

urlapi: parse IPv6 literals without ENABLE_IPV6

This makes the URL parser API stable and working the same way
independently of libcurl supporting IPv6 transfers or not.

Closes #

urlapi: parse IPv6 literals without ENABLE_IPV6

This makes the URL parser API stable and working the same way
independently of libcurl supporting IPv6 transfers or not.

Closes #10660

show more ...

build: drop the use of XC_AMEND_DISTCLEAN

Because automake used to delete depdirs at once (.deps) and there was an issue
with portability, curl's XC_AMEND_DISTCLEAN greps the Makefiles i

build: drop the use of XC_AMEND_DISTCLEAN

Because automake used to delete depdirs at once (.deps) and there was an issue
with portability, curl's XC_AMEND_DISTCLEAN greps the Makefiles in an attempt
to build a list of all depfiles and delete them individually instead.

Since commit 08849db866b44510f6b8fd49e313c91a43a3dfd3, automake switched from
deleting directories to individual files. curl's custom logic now finds a lot
more results with the grep (the filtering of these results isn't great), which
causes a massive bloating of the Makefile in the order of O(n^2).

Also remove now-unused XC_AMEND_DISTCLEAN macro group

References: https://github.com/curl/curl/issues/9843
References: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=59288

Reported-by: Ilmari Lauhakangas
Fixes #9843
Closes #10661

show more ...

test1470: test socks proxy using unix sockets and connect to https

Similar to test1468 except using https instead of http

Closes #10662

test1960: verify CURL_SOCKOPT_ALREADY_CONNECTED

When returned from the CURLOPT_SOCKOPTFUNCTION, like when we have a
custom socket connected in the app, passed in to libcurl.

Ver

test1960: verify CURL_SOCKOPT_ALREADY_CONNECTED

When returned from the CURLOPT_SOCKOPTFUNCTION, like when we have a
custom socket connected in the app, passed in to libcurl.

Verifies the fix in #10648

Closes #10651

show more ...

tests: rename tests/tests-httpd to tests/http

- httpd is only one server we test with
- the suite coveres the HTTP protocol in general where
the default test cases need a more b

tests: rename tests/tests-httpd to tests/http

- httpd is only one server we test with
- the suite coveres the HTTP protocol in general where
the default test cases need a more beefy environment

Closes #10654

show more ...

socket: detect "dead" connections better, e.g. not fit for reuse

- refs #10646 where reuse was attempted on closed connections in the
cache, leading to an exhaustion of retries on a tr

socket: detect "dead" connections better, e.g. not fit for reuse

- refs #10646 where reuse was attempted on closed connections in the
cache, leading to an exhaustion of retries on a transfer
- the mistake was that poll events like POLLHUP, POLLERR, etc
were regarded as "not dead".
- change cf-socket filter check to regard such events as inidication
of corpsiness.
- vtls filter checks: fixed interpretation of backend check result
when inconclusive to interrogate status further down the filter
chain.

Reported-by: SendSonS on github
Fixes #10646
Closes #10652

show more ...

lib: give source files cf-http.* better fitting names

Closes #10656

http2: fix code indent

Closes https://github.com/curl/curl/pull/10655

cf-socket: if socket is already connected, return CURLE_OK

In 7.87.0, if callback method for CURLOPT_SOCKOPTFUNCTION returns
CURL_SOCKOPT_ALREADY_CONNECTED then curl library used to retu

cf-socket: if socket is already connected, return CURLE_OK

In 7.87.0, if callback method for CURLOPT_SOCKOPTFUNCTION returns
CURL_SOCKOPT_ALREADY_CONNECTED then curl library used to return
CURLE_OK. n 7.88.0, now even if callback returns
CURL_SOCKOPT_ALREADY_CONNECTED, curl library still tries to connect to
socket by invoking method do_connect().

This is regression caused by commit
https://github.com/curl/curl/commit/71b7e0161032927cdfb

Fix: Check if we are already connected and return CURLE_OK.

Fixes #10626
Closes #10648

show more ...

DYNBUF.md: note Curl_dyn_add* calls Curl_dyn_free on failure

This is the existing behavior and it has been widely assumed in the
codebase.

Closes https://github.com/curl/curl/pu

DYNBUF.md: note Curl_dyn_add* calls Curl_dyn_free on failure

This is the existing behavior and it has been widely assumed in the
codebase.

Closes https://github.com/curl/curl/pull/10645

show more ...

http2: fix upload busy loop

- Set KEEP_SEND_PAUSE when exhausting remote HTTP/2 window size of a
stream.

- Clear KEEP_SEND_PAUSE when receiving HTTP/2 window updates on a paus

http2: fix upload busy loop

- Set KEEP_SEND_PAUSE when exhausting remote HTTP/2 window size of a
stream.

- Clear KEEP_SEND_PAUSE when receiving HTTP/2 window updates on a paused
stream.

- Also fix http2 send compiler warnings reported in #10449.

Prior to this change, starting in 71b7e016 which precedes 7.88.0,
libcurl may eat CPU during HTTP/2 upload.

Reported-by: Jay Satiro

Fixes https://github.com/curl/curl/issues/10449
Fixes https://github.com/curl/curl/issues/10618
Closes https://github.com/curl/curl/pull/10627

show more ...

sectransp: make read_cert() use a dynbuf when loading

Closes #10632

transfer: limit Windows SO_SNDBUF updates to once a second

- Change readwrite_upload() to call win_update_buffer_size() no more
than once a second to update SO_SNDBUF (send buffer limi

transfer: limit Windows SO_SNDBUF updates to once a second

- Change readwrite_upload() to call win_update_buffer_size() no more
than once a second to update SO_SNDBUF (send buffer limit).

Prior to this change during an upload readwrite_upload() could call
win_update_buffer_size() anywhere from hundreds of times per second to
an extreme test case of 100k per second (which is likely due to a bug,
see #10618). In the latter case WPA profiler showed
win_update_buffer_size was the highest capture count in
readwrite_upload. In any case the calls were excessive and unnecessary.

Ref: https://github.com/curl/curl/pull/2762

Closes https://github.com/curl/curl/pull/10611

show more ...

RELEASE-NOTES: synced

http2: fix for http2-prior-knowledge when reusing connections

- refs #10634 where errors in the HTTP/2 framing layer are observed.
- the bug was that on connection reuse, the code attemp

http2: fix for http2-prior-knowledge when reusing connections

- refs #10634 where errors in the HTTP/2 framing layer are observed.
- the bug was that on connection reuse, the code attempted to switch
in yet another layer of HTTP/2 handling instead of detecting that
this was already in place.
- added pytest testcase reproducing the issue.

Reported-by: rwmjones on github
Fixes #10634
Closes #10643

show more ...

cf-socket: fix handling of remote addr for accepted tcp sockets

- do not try to determine the remote address of a listen socket. There
is none.
- Update remote address of an accept

cf-socket: fix handling of remote addr for accepted tcp sockets

- do not try to determine the remote address of a listen socket. There
is none.
- Update remote address of an accepted socket by getpeername() if
available.

Reported-by: Harry Sintonen
Fixes #10622
Closes #10642

show more ...

http: fix unix domain socket use in https connects

- when h2/h3 eyeballing was involved, unix domain socket
configurations were not honoured
- configuring --unix-socket will disabl

http: fix unix domain socket use in https connects

- when h2/h3 eyeballing was involved, unix domain socket
configurations were not honoured
- configuring --unix-socket will disable HTTP/3 as candidate for eyeballing
- combinatino of --unix-socket and --http3-only will fail during initialisation
- adding pytest test_11 to reproduce

Reported-by: Jelle van der Waa
Fixes #10633
Closes #10641

show more ...

setopt: move the CURLOPT_CHUNK_DATA pointer to the set struct

To make duphandle work etc

Closes #10635

quic/schannel: fix compiler warnings

Fixes #10603
Closes #10616