From b0d0f16d20d8f2c3d14c9f9d25699ba883c6d95a Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Mon, 22 Jun 2026 15:52:23 +0200 Subject: [PATCH] tidy-up: make 'CA' uppercase, where missing ```sh git grep -w ca | grep -v -E -i 'ca[;"=/()%_.-]' | grep -v -E -i '[*$"=/()%_.-]ca' ``` Closes #22135 --- acinclude.m4 | 8 ++++---- configure.ac | 10 +++++----- docs/FAQ.md | 6 +++--- docs/TheArtOfHttpScripting.md | 2 +- docs/examples/cacertinmem.c | 2 +- docs/libcurl/libcurl-tutorial.md | 2 +- docs/libcurl/opts/CURLINFO_CAINFO.md | 2 +- docs/libcurl/opts/CURLINFO_CAPATH.md | 2 +- lib/config-os400.h | 2 +- lib/curl_config-cmake.h.in | 6 +++--- lib/vtls/vtls_config.c | 2 +- m4/curl-amissl.m4 | 2 +- projects/vms/generate_config_vms_h_curl.com | 2 +- scripts/firefox-db2pem.sh | 2 +- 14 files changed, 25 insertions(+), 25 deletions(-) diff --git a/acinclude.m4 b/acinclude.m4 index 11fe68c737..ed8b0499dd 100644 --- a/acinclude.m4 +++ b/acinclude.m4 @@ -1127,7 +1127,7 @@ AS_HELP_STRING([--without-ca-path], [Do not use a default CA path]), capath="$want_capath" ca="no" elif test "$ca_native" != "no"; then - dnl native ca configured, do not look further + dnl native CA configured, do not look further ca="no" capath="no" else @@ -1161,7 +1161,7 @@ AS_HELP_STRING([--without-ca-path], [Do not use a default CA path]), fi done fi - AC_MSG_NOTICE([want $want_capath ca $ca]) + AC_MSG_NOTICE([want $want_capath CA $ca]) if test "x$want_capath" = "xunset"; then check_capath="/etc/ssl/certs" fi @@ -1197,13 +1197,13 @@ AS_HELP_STRING([--without-ca-path], [Do not use a default CA path]), if test "x$ca" != "xno"; then CURL_CA_BUNDLE="$ca" - AC_DEFINE_UNQUOTED(CURL_CA_BUNDLE, "$ca", [Location of default ca bundle]) + AC_DEFINE_UNQUOTED(CURL_CA_BUNDLE, "$ca", [Location of default CA bundle]) AC_SUBST(CURL_CA_BUNDLE) AC_MSG_RESULT([$ca]) fi if test "x$capath" != "xno"; then CURL_CA_PATH="\"$capath\"" - AC_DEFINE_UNQUOTED(CURL_CA_PATH, "$capath", [Location of default ca path]) + AC_DEFINE_UNQUOTED(CURL_CA_PATH, "$capath", [Location of default CA path]) AC_MSG_RESULT([$capath (capath)]) fi if test "x$ca" = "xno" && test "x$capath" = "xno"; then diff --git a/configure.ac b/configure.ac index 1752bb10a2..a21847ea66 100644 --- a/configure.ac +++ b/configure.ac @@ -5535,11 +5535,11 @@ AC_MSG_NOTICE([Configured to build curl/libcurl: Verbose errors: ${curl_verbose_msg} Code coverage: ${curl_coverage_msg} SSPI: ${curl_sspi_msg} - ca native: ${ca_native} - ca cert bundle: ${ca}${ca_warning} - ca cert path: ${capath}${capath_warning} - ca cert embed: ${CURL_CA_EMBED_msg} - ca fallback: ${with_ca_fallback} + CA native: ${ca_native} + CA cert bundle: ${ca}${ca_warning} + CA cert path: ${capath}${capath_warning} + CA cert embed: ${CURL_CA_EMBED_msg} + CA fallback: ${with_ca_fallback} LDAP: ${curl_ldap_msg} LDAPS: ${curl_ldaps_msg} IPFS/IPNS: ${curl_ipfs_msg} diff --git a/docs/FAQ.md b/docs/FAQ.md index e6d7c43cdc..6cdf97d327 100644 --- a/docs/FAQ.md +++ b/docs/FAQ.md @@ -204,16 +204,16 @@ world wide. ## Why do you not update ca-bundle.crt In the curl project we have decided not to attempt to keep this file updated -(or even present) since deciding what to add to a ca cert bundle is an +(or even present) since deciding what to add to a CA cert bundle is an undertaking we have not been ready to accept, and the one we can get from Mozilla is perfectly fine so there is no need to duplicate that work. Today, with many services performed over HTTPS, every operating system should -come with a default ca cert bundle that can be deemed somewhat trustworthy and +come with a default CA cert bundle that can be deemed somewhat trustworthy and that collection (if reasonably updated) should be deemed to be a lot better than a private curl version. -If you want the most recent collection of ca certs that Mozilla Firefox uses, +If you want the most recent collection of CA certs that Mozilla Firefox uses, we recommend using our online [CA certificate service](https://curl.se/docs/caextract.html) setup for this purpose. diff --git a/docs/TheArtOfHttpScripting.md b/docs/TheArtOfHttpScripting.md index 7f300f0703..541cb4c2ff 100644 --- a/docs/TheArtOfHttpScripting.md +++ b/docs/TheArtOfHttpScripting.md @@ -591,7 +591,7 @@ Failing the verification causes curl to deny the connection. You must then use [`--insecure`](https://curl.se/docs/manpage.html#-k) (`-k`) in case you want to tell curl to ignore that the server cannot be verified. -More about server certificate verification and ca cert bundles can be read in +More about server certificate verification and CA cert bundles can be read in the [`SSLCERTS` document](https://curl.se/docs/sslcerts.html). At times you may end up with your own CA cert store and then you can tell diff --git a/docs/examples/cacertinmem.c b/docs/examples/cacertinmem.c index 06d088c61a..2e43a783f5 100644 --- a/docs/examples/cacertinmem.c +++ b/docs/examples/cacertinmem.c @@ -155,7 +155,7 @@ int main(void) curl_easy_setopt(curl, CURLOPT_CAINFO, NULL); curl_easy_setopt(curl, CURLOPT_CAPATH, NULL); - /* first try: retrieve page without ca certificates -> should fail + /* first try: retrieve page without CA certificates -> should fail * unless libcurl was built --with-ca-fallback enabled at build-time */ result = curl_easy_perform(curl); diff --git a/docs/libcurl/libcurl-tutorial.md b/docs/libcurl/libcurl-tutorial.md index b5cfcf2922..befcf77399 100644 --- a/docs/libcurl/libcurl-tutorial.md +++ b/docs/libcurl/libcurl-tutorial.md @@ -1420,7 +1420,7 @@ to figure out success on each individual transfer. # SSL, Certificates and Other Tricks -[ seeding, passwords, keys, certificates, ENGINE, ca certs ] +[ seeding, passwords, keys, certificates, ENGINE, CA certs ] # Sharing Data Between Easy Handles diff --git a/docs/libcurl/opts/CURLINFO_CAINFO.md b/docs/libcurl/opts/CURLINFO_CAINFO.md index 23502d2296..626abca19e 100644 --- a/docs/libcurl/opts/CURLINFO_CAINFO.md +++ b/docs/libcurl/opts/CURLINFO_CAINFO.md @@ -53,7 +53,7 @@ int main(void) char *cainfo = NULL; curl_easy_getinfo(curl, CURLINFO_CAINFO, &cainfo); if(cainfo) { - printf("default ca info path: %s\n", cainfo); + printf("default CA info path: %s\n", cainfo); } curl_easy_cleanup(curl); } diff --git a/docs/libcurl/opts/CURLINFO_CAPATH.md b/docs/libcurl/opts/CURLINFO_CAPATH.md index c58930e0e9..603634da8a 100644 --- a/docs/libcurl/opts/CURLINFO_CAPATH.md +++ b/docs/libcurl/opts/CURLINFO_CAPATH.md @@ -56,7 +56,7 @@ int main(void) char *capath = NULL; curl_easy_getinfo(curl, CURLINFO_CAPATH, &capath); if(capath) { - printf("default ca path: %s\n", capath); + printf("default CA path: %s\n", capath); } curl_easy_cleanup(curl); } diff --git a/lib/config-os400.h b/lib/config-os400.h index eacd6e8942..76841af202 100644 --- a/lib/config-os400.h +++ b/lib/config-os400.h @@ -34,7 +34,7 @@ /* Global configuration parameters: normally generated by autoconf. */ /* ---------------------------------------------------------------- */ -/* Location of default ca bundle */ +/* Location of default CA bundle */ /* Use the system keyring as the default CA bundle. */ #define CURL_CA_BUNDLE "/QIBM/UserData/ICSS/Cert/Server/DEFAULT.KDB" diff --git a/lib/curl_config-cmake.h.in b/lib/curl_config-cmake.h.in index 6db19c22eb..c38caa2a03 100644 --- a/lib/curl_config-cmake.h.in +++ b/lib/curl_config-cmake.h.in @@ -22,13 +22,13 @@ * ***************************************************************************/ -/* Location of default ca bundle */ +/* Location of default CA bundle */ #cmakedefine CURL_CA_BUNDLE "${CURL_CA_BUNDLE}" -/* define "1" to use built-in ca store of TLS backend */ +/* define "1" to use built-in CA store of TLS backend */ #cmakedefine CURL_CA_FALLBACK 1 -/* Location of default ca path */ +/* Location of default CA path */ #cmakedefine CURL_CA_PATH "${CURL_CA_PATH}" /* Default SSL backend */ diff --git a/lib/vtls/vtls_config.c b/lib/vtls/vtls_config.c index 0d294da83a..4a9b69654b 100644 --- a/lib/vtls/vtls_config.c +++ b/lib/vtls/vtls_config.c @@ -241,7 +241,7 @@ static void ssl_easy_config_compl_options(struct Curl_peer *origin, uint8_t options = sslc->primary.ssl_options; /* If set via CURLOPT_(PROXY_)SSL_OPTIONS, we definitely use it. * If not, we switch it on for supported backends if no custom - * ca settings exist. */ + * CA settings exist. */ sslc->native_ca_store = !!(options & CURLSSLOPT_NATIVE_CA); sslc->enable_beast = !!(options & CURLSSLOPT_ALLOW_BEAST); sslc->no_partialchain = !!(options & CURLSSLOPT_NO_PARTIALCHAIN); diff --git a/m4/curl-amissl.m4 b/m4/curl-amissl.m4 index 4048037fd0..e32861e9ef 100644 --- a/m4/curl-amissl.m4 +++ b/m4/curl-amissl.m4 @@ -45,7 +45,7 @@ if test "$HAVE_PROTO_BSDSOCKET_H" = "1"; then test "amissl" != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes AMISSL_ENABLED=1 OPENSSL_ENABLED=1 - dnl Use AmiSSL's built-in ca bundle + dnl Use AmiSSL's built-in CA bundle check_for_ca_bundle=1 with_ca_fallback=yes LIBS="-lamisslstubs -lamisslauto $LIBS" diff --git a/projects/vms/generate_config_vms_h_curl.com b/projects/vms/generate_config_vms_h_curl.com index 0a651b1a99..6e78b801f2 100644 --- a/projects/vms/generate_config_vms_h_curl.com +++ b/projects/vms/generate_config_vms_h_curl.com @@ -215,7 +215,7 @@ $write cvh "" $! $! We are now setting this on the GNV build, so also do this $! for compatibility. -$write cvh "/* Location of default ca path */" +$write cvh "/* Location of default CA path */" $write cvh "#define curl_ca_path ""gnv$curl_ca_path""" $! $! The config_h.com finds a bunch of default disable commands in diff --git a/scripts/firefox-db2pem.sh b/scripts/firefox-db2pem.sh index 7d31b12886..b763ef10a2 100755 --- a/scripts/firefox-db2pem.sh +++ b/scripts/firefox-db2pem.sh @@ -23,7 +23,7 @@ # * # *************************************************************************** # This shell script creates a fresh ca-bundle.crt file for use with libcurl. -# It extracts all ca certs it finds in the local Firefox database and converts +# It extracts all CA certs it finds in the local Firefox database and converts # them all into PEM format. # # It uses the "certutil" command line tool from the NSS project to perform the