url: only acknowledge fresh_reuse for non-followed transfers

... to make sure NTLM auth sticks to the connection it needs, as
verified by 2032.

Follow-up to fa0b9227616e

url: only acknowledge fresh_reuse for non-followed transfers

... to make sure NTLM auth sticks to the connection it needs, as
verified by 2032.

Follow-up to fa0b9227616e

Assisted-by: Stefan Eissing
Closes #9905

show more ...

netrc.d: provide mutext info

Reported-by: xianghongai on github
Fixes #9899
Closes #9901

cmdline-opts/page-footer: remove long option nroff formatting

As gen.pl adds them

nroff-scan.pl: detect double highlights

cmdline-opts/gen.pl: fix the linkifier

Improved logic for finding existing --options in text and replacing with
the full version with nroff syntax. This also makes the web version link

cmdline-opts/gen.pl: fix the linkifier

Improved logic for finding existing --options in text and replacing with
the full version with nroff syntax. This also makes the web version link
options better.

Reported-by: xianghongai on github
Fixes #9899
Closes #9902

show more ...

tool: use feature names instead of bit mask, when possible

If the run-time libcurl is too old to support feature names, the name
array is created locally from the bit masks. This is the

tool: use feature names instead of bit mask, when possible

If the run-time libcurl is too old to support feature names, the name
array is created locally from the bit masks. This is the only sequence
left that uses feature bit masks.

Closes #9583

show more ...

docs: curl_version_info is not thread-safe before libcurl initialization

Closes #9583

version: add a feature names array to curl_version_info_data

Field feature_names contains a null-terminated sorted array of feature
names. Bitmask field features is deprecated.

version: add a feature names array to curl_version_info_data

Field feature_names contains a null-terminated sorted array of feature
names. Bitmask field features is deprecated.

Documentation is updated. Test 1177 and tests/version-scan.pl updated to
match new documentation format and extended to check feature names too.

Closes #9583

show more ...

negtelnetserver.py: have it call its close() method

Closes #9894

ntlm: silence ubsan warning about copying from null target_info pointer.

runtime error: null pointer passed as argument 2, which is declared to
never be null

Closes #9898

RELEASE-NOTES: synced

Websocket: fixes for partial frames and buffer updates.

- buffers updated correctly when handling partial frames
- callbacks no longer invoked for incomplete payload data of 0 length

Websocket: fixes for partial frames and buffer updates.

- buffers updated correctly when handling partial frames
- callbacks no longer invoked for incomplete payload data of 0 length
- curl_ws_recv no longer returns with 0 length partial payload

Closes #9890

show more ...

tool_operate: provide better errmsg for -G with bad URL

If the URL that -G would try to add a query to could not be parsed, it would
display

curl: (27) Out of memory

I

tool_operate: provide better errmsg for -G with bad URL

If the URL that -G would try to add a query to could not be parsed, it would
display

curl: (27) Out of memory

It now instead shows:

curl: (2) Could not parse the URL, failed to set query

Reported-by: Alex Xu
Fixes #9889
Closes #9892

show more ...

vtls: fix build without proxy support

Follow-up to dafdb20a26d0c890

Closes #9895

tool_getparam: make --no-get work as the opposite of --get

... as documented.

Closes #9891

http: mark it 'this_is_a_follow' in the Location: logic

To make regular auth "reloads" to not count as redirects.

Verified by test 3101

Fixes #9885
Closes #9887

config-win32: fix SIZEOF_OFF_T for MSVC and old MinGW

The previously set default value of 8 (64-bit) is only correct for
mingw-w64 and only when we set `_FILE_OFFSET_BITS` to 64 (the def

config-win32: fix SIZEOF_OFF_T for MSVC and old MinGW

The previously set default value of 8 (64-bit) is only correct for
mingw-w64 and only when we set `_FILE_OFFSET_BITS` to 64 (the default
when building curl). For MSVC, old MinGW and other Windows compilers,
the correct value is 4 (32-bit). Adjust condition accordingly. Also
drop the manual override option.

Regression in 7.86.0 (from 68fa9bf3f5d7b4fcbb57619f70cb4aabb79a51f6)

Bug: https://github.com/curl/curl/pull/9712#issuecomment-1307330551

Reported-by: Peter Piekarski
Reviewed-by: Jay Satiro

Closes #9872

show more ...

lib: remove bad set.opt_no_body assignments

This struct field MUST remain what the application set it to, so that
handle reuse and handle duplication work.

Instead, the request

lib: remove bad set.opt_no_body assignments

This struct field MUST remain what the application set it to, so that
handle reuse and handle duplication work.

Instead, the request state bit 'no_body' is introduced for code flows
that need to change this in run-time.

Closes #9888

show more ...

lib: connection filters (cfilter) addition to curl:

- general construct/destroy in connectdata
- default implementations of callback functions
- connect: cfilters for connect and

lib: connection filters (cfilter) addition to curl:

- general construct/destroy in connectdata
- default implementations of callback functions
- connect: cfilters for connect and accept
- socks: cfilter for socks proxying
- http_proxy: cfilter for http proxy tunneling
- vtls: cfilters for primary and proxy ssl
- change in general handling of data/conn
- Curl_cfilter_setup() sets up filter chain based on data settings,
if none are installed by the protocol handler setup
- Curl_cfilter_connect() boot straps filters into `connected` status,
used by handlers and multi to reach further stages
- Curl_cfilter_is_connected() to check if a conn is connected,
e.g. all filters have done their work
- Curl_cfilter_get_select_socks() gets the sockets and READ/WRITE
indicators for multi select to work
- Curl_cfilter_data_pending() asks filters if the have incoming
data pending for recv
- Curl_cfilter_recv()/Curl_cfilter_send are the general callbacks
installed in conn->recv/conn->send for io handling
- Curl_cfilter_attach_data()/Curl_cfilter_detach_data() inform filters
and addition/removal of a `data` from their connection
- adding vtl functions to prevent use of Curl_ssl globals directly
in other parts of the code.

Reviewed-by: Daniel Stenberg
Closes #9855

show more ...

curl-rustls.m4: on macOS, rustls also needs the Security framework

Closes #9883

rtsp: only store first_host once

Suggested-by: Erik Janssen
URL: https://github.com/curl/curl/pull/9870#issuecomment-1309499744
Closes #9882

test3028: verify PROXY

http: do not send PROXY more than once

Unlike `CONNECT`, currently we don't keep track whether `PROXY` is
already sent or not. This causes `PROXY` header to be sent twice during
`MST

http: do not send PROXY more than once

Unlike `CONNECT`, currently we don't keep track whether `PROXY` is
already sent or not. This causes `PROXY` header to be sent twice during
`MSTATE_TUNNELING` and `MSTATE_PROTOCONNECT`.

Closes #9878
Fixes #9442

show more ...

lib: add CURL_WRITEFUNC_ERROR to signal write callback error

Prior to this change if the user wanted to signal an error from their
write callbacks they would have to use logic to return

lib: add CURL_WRITEFUNC_ERROR to signal write callback error

Prior to this change if the user wanted to signal an error from their
write callbacks they would have to use logic to return a value different
from the number of bytes (nmemb) passed to the callback. Also, the
inclination of some users has been to just return 0 to signal error,
which is incorrect as that may be the number of bytes passed to the
callback.

To remedy this the user can now return CURL_WRITEFUNC_ERROR instead.

Ref: https://github.com/curl/curl/issues/9873

Closes https://github.com/curl/curl/pull/9874

show more ...

Revert "GHA: add scorecard.yml"

This reverts commit ca76c79b34f9d90105674a2151bf228ff7b13bef.