cmake: private identifiers use CURL_ instead of CMAKE_ prefix

Since the 'CMAKE_' prefix is reserved for cmake's own private use.
Ref: https://cmake.org/cmake/help/latest/manual/cmake-var

cmake: private identifiers use CURL_ instead of CMAKE_ prefix

Since the 'CMAKE_' prefix is reserved for cmake's own private use.
Ref: https://cmake.org/cmake/help/latest/manual/cmake-variables.7.html

Reported-by: Boris Rasin
Fixes #7988
Closes #8044

show more ...

urlapi: reject short file URLs

file URLs that are 6 bytes or shorter are not complete. Return
CURLUE_MALFORMED_INPUT for those. Extended test 1560 to verify.

Triggered by #8041

urlapi: reject short file URLs

file URLs that are 6 bytes or shorter are not complete. Return
CURLUE_MALFORMED_INPUT for those. Extended test 1560 to verify.

Triggered by #8041
Closes #8042

show more ...

curl: improve error message for --head with -J

... it now focuses on the "output of headers" combined with the
--remote-header-name option, as that is actually the problem. Both
--he

curl: improve error message for --head with -J

... it now focuses on the "output of headers" combined with the
--remote-header-name option, as that is actually the problem. Both
--head and --include can output headers.

Reported-by: nimaje on github
Fixes #7987
Closes #8045

show more ...

RELEASE-NOTES: synced

urlapi: cleanup scheme parsing

Makea Curl_is_absolute_url() always leave a defined 'buf' and avoids
copying on urls that do not start with a scheme.

Closes #8043

tool_operate: only set SSH related libcurl options for SSH URLs

For example, this avoids trying to find and set the known_hosts file (or
warn for its absence) if SFTP or SCP are not used

tool_operate: only set SSH related libcurl options for SSH URLs

For example, this avoids trying to find and set the known_hosts file (or
warn for its absence) if SFTP or SCP are not used.

Closes #8040

show more ...

rustls: remove comment about checking handshaking

The comment is incorrect in two ways:
- It says the check needs to be last, but the check is actually first.
- is_handshaking actu

rustls: remove comment about checking handshaking

The comment is incorrect in two ways:
- It says the check needs to be last, but the check is actually first.
- is_handshaking actually starts out true.

Closes #8038

show more ...

openssl: use non-deprecated API to read key parameters

With OpenSSL 3.0, the parameters are read directly from the `EVP_PKEY`
using `EVP_PKEY_get_bn_param`.

Closes https://githu

openssl: use non-deprecated API to read key parameters

With OpenSSL 3.0, the parameters are read directly from the `EVP_PKEY`
using `EVP_PKEY_get_bn_param`.

Closes https://github.com/curl/curl/pull/7893

show more ...

openssl: reduce code duplication

`BN_print`'s `BIGNUM` parameter has been `const` since OpenSSL 0.9.4.

Closes https://github.com/curl/curl/pull/7893

openssl: remove `RSA_METHOD_FLAG_NO_CHECK` handling if unavailable

The flag has been deprecated without replacement in OpenSSL 3.0.

Closes https://github.com/curl/curl/pull/7893

openssl: remove usage of deprecated `SSL_get_peer_certificate`

The function name was changed to `SSL_get1_peer_certificate` in OpenSSL
3.0.

Closes https://github.com/curl/curl/p

openssl: remove usage of deprecated `SSL_get_peer_certificate`

The function name was changed to `SSL_get1_peer_certificate` in OpenSSL
3.0.

Closes https://github.com/curl/curl/pull/7893

show more ...

page-footer: fix typo

Closes #8036

http: enable haproxy support for hyper backend

This is done by having native code do the haproxy header output before
hyper issues its request. The little downside with this approach is

http: enable haproxy support for hyper backend

This is done by having native code do the haproxy header output before
hyper issues its request. The little downside with this approach is that
we need the entire Curl_buffer_send() function built, which is otherwise
not used for hyper builds.

If hyper ends up getting native support for the haproxy protocols we can
backpedal on this.

Enables test 1455 and 1456

Closes #8034

show more ...

configure: fix runtime-lib detection on macOS

With a non-standard installation of openssl we get this error:

checking run-time libs availability... failed
configure: err

configure: fix runtime-lib detection on macOS

With a non-standard installation of openssl we get this error:

checking run-time libs availability... failed
configure: error: one or more libs available at link-time are not available run-time. Libs used at link-time: -lnghttp2 -lssl -lcrypto -lssl -lcrypto -lz

There's already code to set LD_LIBRARY_PATH on Linux, so set
DYLD_LIBRARY_PATH equivalent on macOS.

Closes #8028

show more ...

cmake: don't set _USRDLL on a static Windows build

Closes #8030

page-footer: document more environment variables

... that curl might use.

Closes #8027

netrc.d: edit the .netrc example to look nicer

Works nicely thanks to d1828b470f43d

Closes #8025

tftp: mark protocol as not possible to do over CONNECT

... and make connect_init() refusing trying to tunnel protocols marked
as not working. Avoids a double-free.

Reported-by:

tftp: mark protocol as not possible to do over CONNECT

... and make connect_init() refusing trying to tunnel protocols marked
as not working. Avoids a double-free.

Reported-by: Even Rouault
Fixes #8018
Closes #8020

show more ...

docs/cmdline-opts: do not say "protocols: all"

Remove the lines saying "protocols: all". It makes the output in the
manpage look funny, and the expectation is probably by default that if

docs/cmdline-opts: do not say "protocols: all"

Remove the lines saying "protocols: all". It makes the output in the
manpage look funny, and the expectation is probably by default that if
not anything is mentioned about protocols the option apply to them all.

Closes #8021

show more ...

curl.1: require "see also" for every documented option

gen.pl now generates a warning if the "See Also" field is not filled in for a
command line option

All command line options

curl.1: require "see also" for every documented option

gen.pl now generates a warning if the "See Also" field is not filled in for a
command line option

All command line options now provide one or more related options. 167
"See alsos" added!

Closes #8019

show more ...

insecure.d: expand and clarify

Closes #8017

gen.pl: improve example output format

Treat consecutive lines that start with a space to be "examples". They
are output enclosed by .nf and .fi

Updated form.d to use this new fa

gen.pl: improve example output format

Treat consecutive lines that start with a space to be "examples". They
are output enclosed by .nf and .fi

Updated form.d to use this new fanciness

Closes #8016

show more ...

Revert "form-escape.d: double the back-slashes for proper man page output"

This reverts commit a2d8eac04a4eb1d5a98cf24b4e5cec5cec565d27.

silly me, it was intended to be one backslas

Revert "form-escape.d: double the back-slashes for proper man page output"

This reverts commit a2d8eac04a4eb1d5a98cf24b4e5cec5cec565d27.

silly me, it was intended to be one backslash!

show more ...

form-escape.d: double the back-slashes for proper man page output

page-footer: add a mention of how to report bugs to the man page