tool_operate: fix a scan-build warning

... and avoid the temp storing of the return code in a diff variable.

Closes #8565

test375: verify that --proxy errors out if proxy is disabled in the build

Closes #8565

curl: error out when options need features not present in libcurl

Trying to use a proxy when libcurl was built with proxy support disabled
should make curl error out properly.

R

curl: error out when options need features not present in libcurl

Trying to use a proxy when libcurl was built with proxy support disabled
should make curl error out properly.

Remove knowledge of disabled features from the tool code and instead
make it properly respond to what libcurl returns. Update all tests to
properly require the necessary features to be present/absent so that the
test suite can still be run even with libcurl builds with disabled
features.

Ref: https://curl.se/mail/archive-2022-03/0013.html
Closes #8565

show more ...

ngtcp2: disconnect the QUIC connection proper

Reported-by: mehatzri on github
Reviewed-by: Tatsuhiro Tsujikawa
Fixes #8534
closes #8569

test386: Fix an incorrect test markup tag

nonblock: restore setsockopt method to curlx_nonblock

The implementation using setsockopt was removed when BeOS support was
purged. However this functionality wasn't BeOS specific, it is

nonblock: restore setsockopt method to curlx_nonblock

The implementation using setsockopt was removed when BeOS support was
purged. However this functionality wasn't BeOS specific, it is still
used by for example Orbis OS (Playstation 4/5 OS).

Closes #8562

show more ...

openssl: fix CN check error code

Due to a missing 'else' this returns error too easily.

Regressed in: d15692ebb

Reported-by: Kristoffer Gleditsch
Fixes #8559
Closes

openssl: fix CN check error code

Due to a missing 'else' this returns error too easily.

Regressed in: d15692ebb

Reported-by: Kristoffer Gleditsch
Fixes #8559
Closes #8560

show more ...

connect: make Curl_getconnectinfo work with conn cache from share handle

Closes #8524

openssl: enable CURLOPT_SSL_EC_CURVES with BoringSSL

The CURLOPT_SSL_EC_CURVES option (used by the '--curves' flag) in
libcurl was ignored when compiling with BoringSSL because
HAVE_

openssl: enable CURLOPT_SSL_EC_CURVES with BoringSSL

The CURLOPT_SSL_EC_CURVES option (used by the '--curves' flag) in
libcurl was ignored when compiling with BoringSSL because
HAVE_SSL_CTX_SET_EC_CURVES was explicitly disabled if BoringSSL was
detected. However, this feature is supported in BoringSSL since
5fd1807d. This commit enables it, and also reduces the required minimal
OpenSSL version to 1.0.2 as per OpenSSL's official documentation.

Fixes #8553
Closes #8556

show more ...

json.d: fix typo (overriden -> overridden)

Closes #8557

wolfssl: fix compiler error without IPv6

Reported-by: Joseph Chen
Fixes #8550
Closes #8552

RELEASE-NOTES: synced

and bump pending version to 7.82.1

runtests: make 'oldlibssh' be before 0.9.4

The 'oldlibssh' feature indicates that the error code returned by libssh
for a broken known_hosts file should be 67 rather than 60 (test1459).

runtests: make 'oldlibssh' be before 0.9.4

The 'oldlibssh' feature indicates that the error code returned by libssh
for a broken known_hosts file should be 67 rather than 60 (test1459).
This feature was added as part of #8444 with 'oldlibssh' mapping to
libssh versions prior to 0.9.6, and then refined as part of #8511 to map
to versions prior to 0.9.5.

In Red Hat Enterprise Linux 8.5 there is a patched version of libssh
version 0.9.4 (https://git.centos.org/rpms/libssh/blob/c8/f/SOURCES) in
which test1459 fails because it returns the "new" value rather than the
"old" one. It's plausible that one of the patches is responsible for
this rather than the underlying code but I don't think so.

This change therefore drops the 'oldlibssh' version check to map to
libssh versions older than 0.9.4, which fixes builds on RHEL-8.

Closes #8548

show more ...

ipv4/6.d: clarify that they are about using IP addresses

... they may still *resolve* other families, but not use those
addresses.

Ref: #8530
Closes #8543

curl/system.h: update ifdef condition for MCST-LCC compiler

in mcst-lcc compiler => 1.25 added a new macro definition to determine
compiler

Closes #8546

CI: install Python package impacket to run SMB test 1451

Install Python package impacket in relevant CI workflows.

Follow up to #7935
Supersedes #7940
Closes #8544

connect: use TCP_KEEPALIVE only if TCP_KEEPIDLE is not defined

Closes #8539

docs/HYPER.md: updated to reflect current hyper build needs

GHA: build hyper with nightly rustc

Closes #8545

RELEASE-NOTES: synced

The 7.82.0 release

THANKS: updates from the 7.82.0 release notes

misc: update copyright year ranges

unit1610: init SSL library before calling SHA256 functions

The SSL library must be initialized (via global initialization) because
libcurl's SHA256 functions may call SHA256 functions in

unit1610: init SSL library before calling SHA256 functions

The SSL library must be initialized (via global initialization) because
libcurl's SHA256 functions may call SHA256 functions in the SSL library.

Reported-by: Gisle Vanem

Fixes https://github.com/curl/curl/issues/8538
Closes https://github.com/curl/curl/pull/8540

show more ...

examples/curlx: support building with OpenSSL 1.1.0+

- Access members of X509_STORE_CTX in OpenSSL 1.1.0+ by using API
functions.

The X509_STORE_CTX struct has been opaque sin

examples/curlx: support building with OpenSSL 1.1.0+

- Access members of X509_STORE_CTX in OpenSSL 1.1.0+ by using API
functions.

The X509_STORE_CTX struct has been opaque since OpenSSL 1.1.0.

Ref: https://curl.se/mail/lib-2022-03/0004.html

Closes https://github.com/curl/curl/pull/8529

show more ...

h2h3: fix typo

Bug: https://github.com/curl/curl/issues/8381#issuecomment-1055440241
Reported-by: Michael Kaufmann