- codespell: break logic out into its own runnable script. Allowing
to run it on local machines.
- codespell: install via `pip`, bump to latest version.
- codespell: show version number in CI log.
- codespell: drop no longer needed word exception: `msdos`.
- codespell: include all curl source tree, except `packages` and
`winbuild`. Drop an obsolete file exclusion.
- add new spellchecker job using the `typos` tool. It includes
the codespell dictionary and a couple more. Use linuxbrew to install
it. This takes 10 seconds, while installing via `cargo` from source
would take over a minute.
- codespell: introduce an inline ignore filter compatible with `cspell`
Make `typos` recognize it, too. Move single exceptions inline.
Fix new typos found. Also rename variables and words to keep
spellchecking exceptions at minumum. This involves touching some tests.
Also switch base64 strings to `%b64[]` to avoid false positives.
Ref: https://github.com/crate-ci/typos/blob/master/docs/reference.md
Ref: https://github.com/codespell-project/codespell?tab=readme-ov-file#inline-ignore
Ref: https://github.com/codespell-project/codespell/issues/1212#issuecomment-1721152455
Ref: https://cspell.org/docs/Configuration/document-settingsCloses#17905
Drop `strcasecompare` and `strncasecompare` in favor of libcurl API
calls `curl_strequal` and `curl_strnequal` respectively.
Also drop unnecessary `strcase.h` includes. Include `curl/curl.h`
instead where it wasn't included before.
Closes#17772
These libraries do not support TLS 1.3 and have been marked for removal
for over a year. We want to help users select a TLS dependency that is
future-proof and reliable, and not supporting TLS 1.3 in 2025 does not
infer confidence. Users who build libcurl are likely to be served better
and get something more future-proof with a TLS library that supports
1.3.
Closes#16677
by including headers using "../[header]" when done from C files in
subdirectories, we do not need to specify the lib source dir as an
include path and we reduce the risk of header name collisions with
headers in the SDK using the same file names.
Idea-by: Kai Pastor
Ref: #16949Closes#16991
Seen with downloaded mingw 7.3.0 when built against MSYS2 mbedTLS 3.6.2:
```
lib/vtls/cipher_suite.c: In function 'cs_zip_to_str':
lib/vtls/cipher_suite.c:789:16: error: conversion to 'uint8_t {aka unsigned char}' from 'int' may alter its value [-Werror=conversion]
indexes[1] = ((zip[0] << 4) & 0x3F) | zip[1] >> 4;
^
lib/vtls/cipher_suite.c:790:16: error: conversion to 'uint8_t {aka unsigned char}' from 'int' may alter its value [-Werror=conversion]
indexes[2] = ((zip[1] << 2) & 0x3F) | zip[2] >> 6;
^
lib/vtls/cipher_suite.c:793:16: error: conversion to 'uint8_t {aka unsigned char}' from 'int' may alter its value [-Werror=conversion]
indexes[5] = ((zip[3] << 4) & 0x3F) | zip[4] >> 4;
^
lib/vtls/cipher_suite.c:794:16: error: conversion to 'uint8_t {aka unsigned char}' from 'int' may alter its value [-Werror=conversion]
indexes[6] = ((zip[4] << 2) & 0x3F) | zip[5] >> 6;
^
```
Ref: https://github.com/curl/curl/actions/runs/13719756989/job/38372409927?pr=16429#step:10:21
Cherry-picked from #16429Closes#16614
booleans should use the type 'bool' and set the value to TRUE/FALSE
non-booleans should not be 'bool' and should not set the value to
TRUE/FALSE
Closes#15123
Fixes:
```
curl\lib\vtls\cipher_suite.c(193,3): error C2220: the following warning is treated as an error
curl\lib\vtls\cipher_suite.c(193,3): warning C4310: cast truncates constant value
```
Closes#14341
Take advantage of the Curl_cipher_suite_walk_str() and
Curl_cipher_suite_get_str() functions introduced in commit fba9afeb.
This also fixes CURLOPT_SSL_CIPHER_LIST not working at all for bearssl
due to commit ff74cef5.
Closes#13464
Use a lookup list to set the cipher suites, allowing the
ciphers to be set by either openssl or IANA names.
To keep the binary size of the lookup list down we compress
each entry in the cipher list down to 2 + 6 bytes using the
C preprocessor.
Closes#13442
