test566: adjust to work with hyper mode

Closes #7209

CURLOPT_WRITEFUNCTION.3: minor update of the example

Safely avoid chunk.size garbage value if declared non globally.

Closes #7219

configure: rename get-easy-option configure option to get-easy-options

"get-easy-options" is the configure option advertised by the help text
anyway, so use that.

Fixes #7211

configure: rename get-easy-option configure option to get-easy-options

"get-easy-options" is the configure option advertised by the help text
anyway, so use that.

Fixes #7211
Closes #7213

Follow-up to ad691b191 ("configure: added --disable-get-easy-options")
Suggested-by: Daniel Stenberg <daniel@haxx.se>
Signed-off-by: Bastian Krause <bst@pengutronix.de>

show more ...

runtests: skip disabled tests unless -f is used

To make it easier to write ranges like '115 to 229' without that
explicitly enabling tests that are listed in DISABLED, this makes
run

runtests: skip disabled tests unless -f is used

To make it easier to write ranges like '115 to 229' without that
explicitly enabling tests that are listed in DISABLED, this makes
runtests always skip disabled tests unless the -f command line option is
used.

Previously the code attempted to not run such tests, but didn't do it
correctly.

Closes #7212

show more ...

ngtcp2: disable TLSv1.3 compatible mode when using GnuTLS

The latest GnuTLS-3.7.2 implements disable switch for TLSv1.3 compatible
mode for middle box but it is enabled by default, which

ngtcp2: disable TLSv1.3 compatible mode when using GnuTLS

The latest GnuTLS-3.7.2 implements disable switch for TLSv1.3 compatible
mode for middle box but it is enabled by default, which is unnecessary
for QUIC.

Fixes #6896
Closes #7202

show more ...

test644: remove as duplicate of test 587

Closes #7208

RELEASE-NOTES: synced

cookies: track expiration in jar to optimize removals

Removing expired cookies needs to be a fast operation since we want to
be able to perform it often and speculatively. By tracking th

cookies: track expiration in jar to optimize removals

Removing expired cookies needs to be a fast operation since we want to
be able to perform it often and speculatively. By tracking the timestamp
of the next known expiration we can exit early in case the timestamp is
in the future.

Closes: #7172
Reviewed-by: Daniel Stenberg <daniel@haxx.se>

show more ...

GHA: add several libcurl tests to the hyper job

500 to 512

test500: adjust to work with hyper mode

c-hyper: support CURLINFO_STARTTRANSFER_TIME

Closes #7204

c-hyper: support CURLOPT_HEADER

When enabled, the headers are passed to the body write callback as well.

Like in test 500

Closes #7204

GHA: run the newly fixed tests with hyper

Closes #7205

test433: adjust for hyper mode

Closes #7205

test395: hyper cannot work around > 64 bit content-lengths like built-in

Closes #7205

test394: hyper returns a different error

Closes #7205

test393: make Content-Length fit within 64 bit for hyper

Closes #7205

test347: CRLFify to work in hyper mode

Closes #7205

test339: CRLFify better to work in hyper mode

Closes #7205

travis: remove the hyper build

GHA: add a linux-hyper job

Closes #7206

test328: avoid a header-looking body to make hyper mode work

The test still works the same, just modified two bytes in the content.

Closes #7203

release-notes.pl: also spot common 'closes' typo

metalink: remove

Warning: this will make existing curl command lines that use metalink to
stop working.

Reasons for removal:

1. We've found several security problems an

metalink: remove

Warning: this will make existing curl command lines that use metalink to
stop working.

Reasons for removal:

1. We've found several security problems and issues involving the
metalink support in curl. The issues are not detailed here. When
working on those, it become apparent to the team that several of the
problems are due to the system design, metalink library API and what
the metalink RFC says. They are very hard to fix on the curl side
only.

2. The metalink usage with curl was only very briefly documented and was
not following the "normal" curl usage pattern in several ways, making
it surprising and non-intuitive which could lead to further security
issues.

3. The metalink library was last updated 6 years ago and wasn't so
active the years before that either. An unmaintained library means
there's a security problem waiting to happen. This is probably reason
enough.

4. Metalink requires an XML parsing library, which is complex code (even
the smaller alternatives) and to this day often gets security
updates.

5. Metalink is not a widely used curl feature. In the 2020 curl user
survey, only 1.4% of the responders said that they'd are using it. In
2021 that number was 1.2%. Searching the web also show very few
traces of it being used, even with other tools.

6. The torrent format and associated technology clearly won for
downloading large files from multiple sources in parallel.

Cloes #7176

show more ...

docs/INSTALL: remove mentions of configure --with-darwin-ssl

... as it isn't supported since a while back.

Make configure fail with a warning if used.

Reported-by: Vadim Gr

docs/INSTALL: remove mentions of configure --with-darwin-ssl

... as it isn't supported since a while back.

Make configure fail with a warning if used.

Reported-by: Vadim Grinshpun
Bug: https://curl.se/mail/lib-2021-06/0008.html
Closes #7200

show more ...