Before this patch it broke clang 20/21 cmake builds on ubuntu-26.04-arm
runner, failing at the beginning of the configure stage while probing
the compiler.
Seen in the 'CM openssl clang krb5 LTO' job:
```
: && /usr/bin/clang --target=aarch64-pc-linux-gnu CMakeFiles/cmTC_3d9ae.dir/testCCompiler.c.o -o cmTC_3d9ae && :
/usr/bin/aarch64-linux-gnu-ld.bfd: cannot find crtbeginS.o: No such file or directory
/usr/bin/aarch64-linux-gnu-ld.bfd: cannot find -lgcc: No such file or directory
/usr/bin/aarch64-linux-gnu-ld.bfd: cannot find -lgcc_s: No such file or directory
```
Ref: https://github.com/curl/curl/actions/runs/27778098314/job/82195462687#step:38:66
Follow-up to 36bd807475#15242
Follow-up to 232302f88a#14382
Cherry-picked from #22092Closes#22097
At the time of the original commit, the runner was ubuntu-22.04 with
a default GCC 11. It made sense to bump to 12 manually. Since 2025,
the default is ubuntu-24.04 with GCC 13, when this became a downgrade.
Drop manual envs and bump to GCC 13 with it. Other options available are
14, 15 and 16.
Refs:
https://packages.ubuntu.com/jammy/gcc (ubuntu-22.04)
https://packages.ubuntu.com/noble/gcc (ubuntu-24.04)
Follow-up to 6079ff314b#22075
Follow-up to a8174176b5#13841Closes#22077
Also:
- GHA/http3-linux: enable deprecated APIs in openssl-prev local
OpenSSL builds. Required by h2o and its vendored dependencies.
Tried OpenSSL 4, LibreSSL 4.x, BoringSSL: all failed at one point.
- GHA/http3-linux: build h2o from source.
libuv1-dev may not be stricly required.
Tried installing libwslay-dev, but it wasn't recognized.
Also disable building h2o libs for a much smaller dist directory and
slightly faster build.
Sadly, h2o is not versioned, so I pinned to the current latest commit
at the master branch. It advertises itself as 2.3.0-DEV in pytest.
- drop redundant `libnghttp3` installs. Remains of openssl-quic builds.
Follow-up to 6aaac9dd38#20226
Note GHA/macos pytests may or not not be stable with the H3 proxy tests.
Follow-up to e78b1b3ecc#21153Closes#21789
Also switch back to ftp.openbsd.org download server. More often than not
the GitHub release entry is missing the download artifacts at the time
of detecting a new version, breaking automatic bumps. We cache the
download so it does not bang the origin server with many requests.
Follow-up to 800b0bec18#19082Closes#21742Closes#21754
- update action `actions/cache` from 5.0.4 to 5.0.5
- update action `actions/upload-artifact` from 7.0.0 to 7.0.1
- update action `github/codeql-action` from 4.32.4 to 4.35.2
- update action `msys2/setup-msys2` from 2.31.0 to 2.31.1
- update pip `filelock` from 3.25.2 to 3.29.0
- update pip `impacket` to 0.13.0
- update pip `ruff` from 0.15.10 to 0.15.12
Closes#21483Closes#21482
- prefer `--branch` over `-b`, where missing.
- add `--depth 1` where missing.
- sync option order between docs and GHA.
- bump quiche and rustls-ffi versions in documentation.
- ECH.md: update for OpenSSL 4.
Closes#21447
Due to year-long unreliability.
The default Ubuntu mirror works as fast as the Azure one when it's
working at its normal speed. And has HTTPS.
Also:
- replac the retry hack that turn out to not solve the problem.
- add timeouts to each download step to catch slowness early.
Follow-up to a5838847c4#21181
Follow-up to 5172ba5475#21107Closes#21414
GitHub runners are getting new 3rd-party sources frequntly now, last
week `docker.list`, this week: `google-chrome.sources`. To avoid
playing catch up, allowlist the only one we use: `ubuntu.sources`. If
this is renamed, CI would break. Let's hope this happens much less
often than new sources.
Bug: https://github.com/curl/curl/pull/21414#issuecomment-4297788640
Follow-up to 3e0e2cc1ab#21344Closes#21416
Seen on `ubuntu-slim` runners.
Also:
- extend to two jobs to `ls -l` package sources on both ubuntu-latest,
ubuntu-24.04-arm, and ubuntu-slim.
- drop former stray apt source `ondrej-ubuntu-php-noble.sources`.
It's no longer present on the image.
Closes#21344
- examples: sync debug output printf masks.
- INSTALL-CMAKE.md: tidy up section for some options.
- curl_sha512_256: delete comment suggesting an optimization.
- vtls/keylog: scope a variable.
- vtls/openssl: make a source code URL a permalink.
- vtls/schannel: drop redundant parentheses.
- test1119.pl: robustify `$1` -> `$s`.
- sync arg names in comments to match the code.
- tidy up and minor fixes to comments.
- fix formatting/indenting/comment/newline/include nits.
- move `UNITTEST` protos next to definitions, sync their argument names.
- make variables static.
- add parentheses to Perl `open()` calls.
- drop unnecessary double quotes in Perl.
- clang-format.
Closes#21000
- update `actions/cache` from 5.0.3 to 5.0.4
- update `actions/download-artifact` from 7.0.0 to 8.0.1
- update `actions/upload-artifact` from 6.0.0 to 7.0.0
- update `msys2/setup-msys2` from 2.30.0 to 2.31.0
- update pip `ruff` from 0.15.7 to 0.15.8
Closes#21195Closes#21197
- fail if all retries failed.
- run `dpkg --configure -a` after an aborted slow attempt.
```
Selecting previously unselected package libsys-hostname-long-perl.
Error: slow server, retry
E: dpkg was interrupted, you must manually run 'sudo dpkg --configure -a' to correct the problem.
[...]
```
Bug: https://github.com/curl/curl/pull/21107#issuecomment-4163506100
Follow-up to 5172ba5475#21107Closes#21181
It's been going on for almost a year, chances seem slim to have this
fixed upstream.
The observed issue is that on GitHub-supplied CI runner images,
sometimes, `apt-get install` using the stock distro server
`http://azure.archive.ubuntu.com/ubuntu` sees extreme slowness while
downloading data, then reaching the job timeout and aborting, making CI
red and necessitating a manual restart of the failed job(s).
In majority of cases the install step takes no longer than 8-40 seconds
(download + install), while in the failing case it takes 10-20+ minutes
just to download.
Earlier I slimmed down installs to avoid unnecessary packages, which
mitigated, but did not completely fix the issue.
Example:
https://github.com/curl/curl/actions/runs/23599596928/job/68725576899?pr=21105
Follow-up to 0455d8772a#18509Closes#21107