Commit graph

111 commits

Author SHA1 Message Date
Viktor Szakats
2a606c68fa
tidy-up: miscellaneous
- GHA/windows: drop redundant double-quotes.
- CMake/PickyWarnings: improve/shorten comment.
- INTERNALS: fix typo in LibreSSL release date.
- drop redundant parentheses from single variables and sole `#if`
  expressions.
- cf-ip-happy: fix missing space from error string.
- telnet: fix parentheses in commented PP code.
- lib1922: fix typo test output text.
- smbserver: unfold lines.
- smbserver: use f-string.
- smbserver: initialize binary string as b``.
- fix typos in comments.

Closes #21972
2026-06-11 19:48:07 +02:00
Viktor Szakats
97aed9c960
tidy-up: drop stray comparisons with literal zero
Drop from:
- strcmp, strcmpi, strncmp, memcmp, lstat, getrlimit, setrlimit, fseek,
  fstat
- autotools detection snippets.
- smooth-gtk-thread: simplify `!var != 0` expression.

Closes #21947
2026-06-10 15:15:54 +02:00
Stefan Eissing
f924489b25
ngtcp2: share common functionality
Share common functions/structs between ngtcp2 HTTP/3 and the proxy
version.

Fix bugs in proxy implementation when it comes to stream and pollset
handling and transfer lifetimes.

Curl_multi_xfer_sockbuf_borrow: work without multi

When a connection gets shutdown by a share, the easy handle used is
share->admin and it does not have a multi handle. In that case let
Curl_multi_xfer_sockbuf_borrow() allocate a buffer to be freed on
release.

This happens when a TLS filter sends its last notify through a HTTP/3
proxy tunnel.

Closes #21871
2026-06-10 13:28:05 +02:00
Viktor Szakats
59213abfb2
tidy-up: drop redundant != NULL syntax
Where missed by checksrc.

Closes #21932
2026-06-09 14:37:36 +02:00
Vasiliy-Kkk
3b9f0972e2 schannel_verify: simplify CryptQueryObject use
- Specify that the content is base64 encoded, rather than rely on
  auto-detect.

- Remove unnecessary sanity check of the returned content type.

Closes https://github.com/curl/curl/pull/21760
2026-06-06 11:27:34 -04:00
Viktor Szakats
1b8f4dba28
tidy-up: drop stray casts for allocated pointers
Closes #21865
2026-06-05 12:24:01 +02:00
Vasiliy-Kkk
a79467343f schannel: use fopen instead CreateFile
- Refactor CA file reading to use the typical fopen/fread instead of
  CreateFile/ReadFile.

Closes https://github.com/curl/curl/pull/21773
2026-06-02 13:58:21 -04:00
Viktor Szakats
7e1001bcd6
tidy-up: miscellaneous
- H3 proxy: re-sync code with original source `curl_ngtcp2.c` to reduce
  differences, and to apply missed minor fixes. Also apply clang-format.
  Drop redundant `#undef`s, casts, `#endif` comments, includes, drop
  intermediate variables, sync include and macro order.
  Follow-up to e78b1b3ecc #21153
- INSTALL-CMAKE.md: move `CURL_ENABLE_SMB` to the enable section.
- tests/http/env: rename `tcpdmp` to `tcpdump` to match object variable.
- mbedtls: drop incorrect `mbedTLS 4+` comments.
  (features are also supported by 3+, meaning it's always supported.)
- lib1648: rename a variable to match purpose.
- CIPHERS.md: alpha-sort link list.
- replace rare `X''` hex markup with `0x`.
- `IP v4/6` -> `IPv4/6`.
- 'version X.Y' -> 'vX.Y', where sensible.
- 'VX.Y' -> 'vX.Y', where sensible.
- fix indents, casing, newlines, typos.

Closes #21772
2026-05-27 16:53:57 +02:00
Joshua Rogers
cce4d3b0ed schannel: fix revoke_best_effort setting for proxy
- Fix revoke_best_effort reading wrong ssl config.

Prior to this change the revoke_best_effort setting for the proxy was
wrongly ignored in favor of the same setting for the destination host.

In other words, CURLSSLOPT_REVOKE_BEST_EFFORT set via
CURLOPT_PROXY_SSL_OPTIONS did not apply to the proxy and
CURLSSLOPT_REVOKE_BEST_EFFORT set via CURLOPT_SSL_OPTIONS wrongly
applied to the proxy.

Closes https://github.com/curl/curl/pull/21683
2026-05-20 13:51:35 -04:00
Viktor Szakats
3f8f725d97
schannel: enforce Extended Key Usage for custom CA roots
Reported-by: Joshua Rogers (Aisle Research)

Closes #21629
2026-05-16 11:55:59 +02:00
Viktor Szakats
976eb1d50d
windows: update MS SDK versions in comments
To make them more accurate.

Also:
- show Visual Studio version, where missing.
- ease the formatting.
- schannel_int.h: clang-tidy fallback code.

Used: `rg -l --sort=path CERT_FIND_HAS_PRIVATE_KEY`

Closes #21621
2026-05-15 03:41:33 +02:00
Daniel Stenberg
ea75ccc53b
schannel_verify: avoid out of blob access
The code would previously read one byte past the provided
CURLOPT_CAINFO_BLOB if the blob ends exactly with -----BEGIN
CERTIFICATE-----

Reported-by: Andrew Nesbit
Closes #21543
2026-05-10 23:21:08 +02:00
Stefan Eissing
bc40e09f63
lib: introduce Curl_peer
`struct Curl_peer` keeps information about a communication endpoint
together. It will replace `conn->host` and `conn->conn_to_host` and
proxyinfo host. It will also become part of `struct ssl_peer`.

It has a reference counter, so an instance can be shared between
connections and filters.

Elminiates `conn->host` and `conn->connect_to_host`, used in the
proxyinfo structures. Passed to DNS resolution and socks filters, etc.

Pass peer to http proxy and socks tunnel filters. Use peer in dns filter
and resolving. Make `Curl_peer` a member in the `struct ssl_peer`.

Add `docs/internals/PEERS.md` for documentation.

Closes #21472
2026-05-05 16:22:11 +02:00
Viktor Szakats
548c16a824
build: fix -Wformat-signedness by adjusting printf masks
- sync printf masks with the passed value.
- fix a couple of casts.

Cherry-picked from #20848

Closes #21335
2026-04-16 10:32:50 +02:00
Daniel Stenberg
be92f0a2e4
lib: reserve 'result' for CURLcode, even more
Closes #21245
2026-04-07 07:48:58 +02:00
Viktor Szakats
0df6c01db3
tidy-up: rename Curl_safefree()/tool_safefree() to curlx_safefree()
To sync names for the same macro logic between lib and src, and to move
it to the curlx namespace, to match `curlx_free()` that it's calling.

Closes #21151
2026-04-01 19:53:53 +02:00
Viktor Szakats
435eabeac8
badwords: rework exceptions, fix many of them
Also:
- support per-directory and per-upper-directory whitelist entries.
- convert badlist input grep tweak into the above format.
  (except for 'And' which had just a few hits.)
- fix many code exceptions, but do not enforce.
  (there also remain about 350 'will' uses in lib)
- fix badwords in example code, drop exceptions.
- badwords-all: convert to Perl.
  To make it usable from CMake.
- FAQ: reword to not use 'will'. Drop exception.

Closes #20886
2026-03-12 01:01:16 +01:00
Viktor Szakats
af78b199b2
tidy-up: miscellaneous
- vms/curlmsg_vms.h: delete unused/commented code.
- vtls/schannel_verify: sort includes.
- typecheck-gcc.h: fix indent and alignment.
- lib/config-win32.h: drop idle `#undef`.
- spacecheck: check for stray empty lines before after curly braces.
- make literals more readable: 1048576 -> 1024 * 1024
- scope variables.
- use ISO date in a comment.
- drop redundant parentheses.
- drop empty comments.
- unfold lines.
- duplicate/stray spaces in comments.
- fix indent, whitespace, minor typos.

Closes #20690
2026-02-25 14:44:56 +01:00
Viktor Szakats
3058ed3df8
lib: use lib source directory as base include path
Backtrack on previous change that aimed to solve the wrong `share.h`
being included. It turns out it did not fix this issue. At the same time
it introduced relative header filenames and the need to include the same
headers differently depending on the source files' location, reducing
readability and editability.

Replace this method by re-adding curl's lib source directory to the
header path and addressing headers by the their full, relative name to
that base directory. Aligning with this method already used in src and
tests.

With these advantages:
- makes includes easier to read, recognize, grep, sort, write, and copy
  between sources,
- syncs the way these headers are included across curl components,
- avoids the ambiguity between system `schannel.h`, `rustls.h` vs.
  local headers using the same names in `lib/vtls`,
- silences clang-tidy `readability-duplicate-include` checker, which
  detects the above issue,
  Ref: https://clang.llvm.org/extra/clang-tidy/checks/readability/duplicate-include.html
- possibly silences TIOBE coding standard warnings:
  `6.10.2.a: Don't use relative paths in #include statements.`
- long shot: it works well with concatenated test sources, for
  clang-tidy-friendly custom unity builds. Ref: #20667

Slight downside: it's not enforced.

If there happens to be a collision between a local `lib/*.h` header and
a system one, the solution is to rename (possibly with its `.c`
counterpart) into the `curl_` namespace. This is also the method used by
curl in the past.

Also:
- curlx/inet_pton: reduce scope of an include.
- toolx/tool_time: apply this to an include, and update VS project
  files accordingly. Also dropping unnecessary lib/curlx header path.
- clang-tidy: enable `readability-duplicate-include`.

Follow-up to 3887069c66 #19676
Follow-up to 625f2c1644 #16991 #16949

Closes #20623
2026-02-23 16:00:42 +01:00
Viktor Szakats
d445f2d930
lib: skip compiling code with features disabled
In non-SSL, non-SSH, non-H3, non-AppleSecTrust builds.

Also:
- drop unused internal macro `SSL_SYSTEM_VERIFIER`.

Closes #20587
2026-02-13 15:48:23 +01:00
Viktor Szakats
61df5f466c
tidy-up: miscellaneous
- curl_ntlm_core, smtp, schannel: fix comments.
- curl_setup.h: fix to undef before define.
- tool_doswin, server/sockfilt: reduce variables scopes.
- tool_doswin: drop an interim variable.
- windows: replace `SOCKET_ERROR` with `0` to align with rest of code.
- libssh2: rename variable to align with rest of code.
- gtls, unit1398: use `#if 0`.
- curl_trc.h, curlx/inet_ntop.h: add missing parentheses in macro
  expressions.
- ldap.c: set empty macro to `do {} while(0)`.
- examples/crawler: rename a non-CURLcode `result` variable.
- CURLINFO_TLS_SESSION: drop stray colon.
- add `const` to casts where missing.
- drop unnecessary parentheses.
- fix indent.
- quote style.
- comment style.
- whitespace, newlines, fold/unfold.

Closes #20554
2026-02-12 14:52:16 +01:00
Viktor Szakats
7032982896
tidy-up: miscellaneous
- asyn-thrdd.c: scope an include.
- apply more clang-format suggestions.
- tidy-up PP guard comments.
- delete empty line from the top of headers.
- add empty line after `curl_setup.h` include where missing.
- fix indent.
- CODE_STYLE.md: add `strcpy`.
  Follow-up to 8636ad55df #20088
- lib1901.c: drop unnecessary line.
  Follow-up to 436e67f65b #20076

Closes #20070
2025-12-26 22:06:09 +01:00
Viktor Szakats
e8415a8296
lib: drop, or replace sendf.h with curl_trc.h where possible
- replace `sendf.h` with `curl_trc.h` where it was included just for it.
- drop unused `curl_trc.h` includes.
- easy: delete obsolete comment about `send.h` include reason.

Also:
- move out `curl_trc.h` include from `sendf.h` and include it directly
  in users, where not done already. To flatten the include tree and
  to less rely on indirect includes.
- stop including `sendf.h` from other headers, replace it with forward
  declaration of `Curl_easy`, as done already elsewhere.

Verified with an all non-unity CI run.

Closes #20061
2025-12-21 12:39:25 +01:00
Viktor Szakats
969351bb1e
windows: fix CreateFile() calls to support long filenames
It makes them work in Schannel's CA bundle loader, and curl tool's
set/get file timestamp operations (e.g. in `-R`/`--remote-time`). Also
to match file open operations, that already support long filenames.

E.g. when using `--remote-time`, fixing:
```
Warning: Failed to set filetime 1741363917 on outfile: CreateFile failed:
Warning: GetLastError 0x00000003
```

The special long filename logic is necessary to support Windows releases
prior to Windows 10 v1607. With the latter, it's possible to opt-in to
this behavior via a manifest setting. Note that Windows itself also needs
to opt-in to support this. Finally note that curl itself needs passing
`--globoff` to let long filenames through, pending #20044 and #20046.

Refs:
https://learn.microsoft.com/windows/win32/api/fileapi/nf-fileapi-createfilea
https://learn.microsoft.com/windows/win32/fileio/maximum-file-path-limitation

Ref: #8361
Inspired by: #19286
Inspired-by: Mathesh V
Closes #19286
Closes #20040
2025-12-20 14:16:42 +01:00
Viktor Szakats
8dadff9434
schannel: use Win8 CERT_NAME_SEARCH_ALL_NAMES_FLAG with old SDKs
Define `CERT_NAME_SEARCH_ALL_NAMES_FLAG` macro if missing.
To allow using a runtime branch regardless of build-time SDK version,
when running on Windows 8+.

In practice it enables this branch for builds using mingw-w64 v3, and
MSVC with Windows SDK <8.

Also reducing build variations.

Follow-up to 29e40a6d8a #4761 #3711
Follow-up to 8996300211 #1325
Follow-up to 172b2beba6 #264 (comment)

Closes #20000
2025-12-16 20:41:11 +01:00
Viktor Szakats
4e051ff550
curlx: limit use of system allocators to the minimum possible
Clone a multibye conversion function into curlx/fopen, and use that
local copy from curlx/fopen functions. Adjust allocators in curlx/fopen
to use curl's in normal builds, and system allocators in TrackMemory
builds to avoid recursion.

This allows to switch curlx/multibyte functions to curl allocators in
all configurations, as they are no longer called by curlx/fopen, and
a recursive call can no longer happen.

After this patch the system allocator is only used in TrackMemory
Windows builds, within curlx `fopen`, `freopen`, `stat` and `open`
functions.

Also:
- test 1, 440, 767: raise allocation limitsto fit the extra allocations
  in Windows Unicode builds.
- replace all uses of `curlx_unicodefree()` macro with `curlx_free()`
  across the codebase.
- curlx/multibyte: delete `curlx_unicodefree()`.
- ldap: join Windows and non-Windows codepaths that became
  identical after moving from `curlx_unicodefree()` to `curlx_free()`.
- vauth: drop a strdup from standard to curl allocator since
  the original allocation is now already done by curl's.
- tool_doswin: drop now superfluous strdup from `FindWin32CACert()`.
- memanalyzer.pm: sync weirdo `calloc` log message with `malloc`'s.

Fixes #19748
Closes #19845
2025-12-05 15:32:59 +01:00
Viktor Szakats
0476e4fc65
tidy-up: one more round of formatting nits
Closes #19835
2025-12-04 19:30:59 +01:00
Viktor Szakats
2253bc330f
lib/subdirs: fix formatting nits
Closes #19757
2025-11-30 11:01:50 +01:00
Viktor Szakats
193cb00ce9
build: stop overriding standard memory allocation functions
Before this patch curl used the C preprocessor to override standard
memory allocation symbols: malloc, calloc, strdup, realloc, free.
The goal of these is to replace them with curl's debug wrappers in
`CURLDEBUG` builds, another was to replace them with the wrappers
calling user-defined allocators in libcurl. This solution needed a bunch
of workarounds to avoid breaking external headers: it relied on include
order to do the overriding last. For "unity" builds it needed to reset
overrides before external includes. Also in test apps, which are always
built as single source files. It also needed the `(symbol)` trick
to avoid overrides in some places. This would still not fix cases where
the standard symbols were macros. It was also fragile and difficult
to figure out which was the actual function behind an alloc or free call
in a specific piece of code. This in turn caused bugs where the wrong
allocator was accidentally called.

To avoid these problems, this patch replaces this solution with
`curlx_`-prefixed allocator macros, and mapping them _once_ to either
the libcurl wrappers, the debug wrappers or the standard ones, matching
the rest of the code in libtests.

This concludes the long journey to avoid redefining standard functions
in the curl codebase.

Note: I did not update `packages/OS400/*.c` sources. They did not
`#include` `curl_setup.h`, `curl_memory.h` or `memdebug.h`, meaning
the overrides were never applied to them. This may or may not have been
correct. For now I suppressed the direct use of standard allocators
via a local `.checksrc`. Probably they (except for `curlcl.c`) should be
updated to include `curl_setup.h` and use the `curlx_` macros.

This patch changes mappings in two places:
- `lib/curl_threads.c` in libtests: Before this patch it mapped to
  libcurl allocators. After, it maps to standard allocators, like
  the rest of libtests code.
- `units`: before this patch it mapped to standard allocators. After, it
  maps to libcurl allocators.

Also:
- drop all position-dependent `curl_memory.h` and `memdebug.h` includes,
  and delete the now unnecessary headers.
- rename `Curl_tcsdup` macro to `curlx_tcsdup` and define like the other
  allocators.
- map `curlx_strdup()` to `_strdup()` on Windows (was: `strdup()`).
  To fix warnings silenced via `_CRT_NONSTDC_NO_DEPRECATE`.
- multibyte: map `curlx_convert_*()` to `_strdup()` on Windows
  (was: `strdup()`).
- src: do not reuse the `strdup` name for the local replacement.
- lib509: call `_strdup()` on Windows (was: `strdup()`).
- test1132: delete test obsoleted by this patch.
- CHECKSRC.md: update text for `SNPRINTF`.
- checksrc: ban standard allocator symbols.

Follow-up to b12da22db1 #18866
Follow-up to db98daab05 #18844
Follow-up to 4deea9396b #18814
Follow-up to 9678ff5b1b #18776
Follow-up to 10bac43b87 #18774
Follow-up to 20142f5d06 #18634
Follow-up to bf7375ecc5 #18503
Follow-up to 9863599d69 #18502
Follow-up to 3bb5e58c10 #17827

Closes #19626
2025-11-28 10:44:26 +01:00
x2018
a6c940a752
schannel_verify: fix a memory leak of cert_context
Closes #19556
2025-11-17 14:42:21 +01:00
Viktor Szakats
554dfa5568
build: drop Windows CE / CeGCC support
Windows CE support was limited to successful builds with ming32ce
(a toolchain that hasn't seen an update since 2009, using an ancient gcc
version and "old mingw"-style SDK headers, that curl deprecated earlier).
Builds with MSVC were broken for a long time. mingw32ce builds were never
actually tested and runtime and unlikely to work due to missing stubs.
Windows CE toolchains also miss to comply with C89. Paired with lack of
demand and support for the platform, curl deprecated it earlier.

This patch removes support from the codebase to ease maintaining Windows
codepaths.

Follow-up to f98c0ba834 #17924
Follow-up to 8491e6574c #17379
Follow-up to 2a292c3984 #15975

Closes #17927
2025-11-15 15:35:23 +01:00
Joshua Rogers
bff9679a01
schannel_verify: do not call infof with an appended \n
Discovered by ZeroPath
Closes #19123
2025-10-18 22:15:26 +02:00
Daniel Stenberg
1e6d507de7
schannel_verify: fix mem-leak in Curl_verify_host
Reported-by: Stanislav Fort
Closes #18972
2025-10-09 21:55:28 +02:00
Viktor Szakats
b12da22db1
lib: stop overriding system printf symbols
After this patch, the codebase no longer overrides system printf
functions. Instead it explicitly calls either the curl printf functions
`curl_m*printf()` or the system ones using their original names.

Also:
- drop unused `curl_printf.h` includes.
- checksrc: ban system printf functions, allow where necessary.

Follow-up to db98daab05 #18844
Follow-up to 4deea9396b #18814

Closes #18866
2025-10-06 20:57:59 +02:00
Daniel Stenberg
bebc8df0f7
schannel_verify: use more human friendly error messages
Closes #18737
2025-09-25 16:53:29 +02:00
Viktor Szakats
1429858bce
tidy-up: update MS links, allow long URLs via checksrc
- update Microsoft documentation links.
  (also drop language designator where present.)

- checksrc: allow longer than 78 character lines if they
  contain a https URL. To make these links easier to use and parse.

- merge links that were split into two lines.

Closes #18626
2025-09-20 11:49:23 +02:00
Viktor Szakats
902262b166
windows: document toolchain support for CERT_NAME_SEARCH_ALL_NAMES_FLAG
Follow-up to 5f99b45693 #18113
Follow-up to 3bfcfe82b9 #18085
2025-07-31 20:43:21 +02:00
Viktor Szakats
923db3515d
schannel: not supported with UWP, drop redundant code
Schannel is not supported by UWP. SSPI is also required by Schannel in
curl, and SSPI also isn't supported by UWP.

mingw-w64 is able to create such build regardless (my guess: due to API
parts not accurately marked as UWP-only), but the binary is unlikely
to work. With MSVC the failure happens at build-time.

Ref: https://learn.microsoft.com/windows/win32/api/sspi/nf-sspi-initsecurityinterfacea#requirements
Ref: https://learn.microsoft.com/windows/win32/secauthn/initializesecuritycontext--schannel#requirements

Drop all UWP-related logic, including two related feature checks, that
can now be permanently enabled.

Also:
- build: show fatal error for Schannel in UWP mode.
- build: do not allow enabling SSPI in UWP mode.
- drop undocumented option `DISABLE_SCHANNEL_CLIENT_CERT`. Added without
  mention in an unrelated commit. The PR text says to save size. On x64
  this is 0.3%, or 4KB out of 1.3MB. The tiny gain doesn't justify
  an extra build variant. Ref: 8beff43559
- move `MPROTO_SCHANNEL_CERT_SHARE_KEY` closer to its use.
- replace commented block with `#if 0`.

Reviewed-by: Jay Satiro
Follow-up to cd0ec4784c #17089
Closes #18116
2025-07-31 20:05:32 +02:00
Viktor Szakats
3bfcfe82b9
windows: document toolchain support for some macros
The oldest MS SDK I checked is 6.0A (VS2008). Versions are approximate
beyond 7.1A. I only have two Win10 SDKs to verify:
10.0.16299.0 (VS2017-15.4) and 10.0.22621.0 (VS2022).

Ref: https://en.wikipedia.org/wiki/Microsoft_Windows_SDK
Ref: https://developer.microsoft.com/windows/downloads/sdk-archive/index-legacy (recent versions mostly)

Closes #18085
2025-07-31 00:43:57 +02:00
Viktor Szakats
89771d19d5
tidy-up: prefer ifdef/ifndef for single checks
Closes #18018
2025-07-27 22:35:17 +02:00
Viktor Szakats
4d977fe552
tidy-up: more whitespace/indent, comments
Also a couple of minor formatting updates in the root `CMakeLists.txt`.
One swap to `#ifdef`.

Closes #17929
2025-07-25 11:47:51 +02:00
Viktor Szakats
6b016cec55
tidy-up: two comments
Follow-up to 2c27a67daa #17590
Follow-up to df1ff17f88 #17418

Closes #17624
2025-06-15 13:32:24 +02:00
Rod Widdowson
df1ff17f88 schannel: allow partial chains for manual peer verification
- Align --cacert behaviour with OpenSSL and LibreSSL.

This changes the default behavior of Schannel manual certificate
verification, which is used when the user provides their own CA
certificates for verification, to accept partial chains. In other words,
the user may provide an intermediate certificate without having to
provide the root CA.

Win8/Server2012 widened the PKIX chain traversal API to allow
certificate traversal to terminate at an intermediate.

This behaviour (terminate at the fist matching intermediate) is the
default for LibreSSL and OpenSSL (with OpenSSL allowing control via
CURLSSLOPT_NO_PARTIALCHAIN).

This change uses the new API if it is available, and also allows the
behaviour to revert legacy if CURLSSLOPT_NO_PARTIALCHAIN is present.

Closes https://github.com/curl/curl/pull/17418
2025-06-14 18:55:08 -04:00
Daniel Stenberg
fe81a80ae7
spelling: call it null-terminate consistently
With a dash, using two Ls. Also for different forms of the word.

Use NULL in all uppercase if it means a zero pointer.

Follow-up to 307b7543ea

Closes #17489
2025-05-30 17:29:45 +02:00
Daniel Stenberg
d4dd43b20d
curlx: move curlx_inet_pton
Used by test server code.

Closes #17300
2025-05-09 13:45:24 +02:00
Daniel Stenberg
c74d3e10d2
curlx: add curlx_winapi_ functions
Split them out from lib/strerror. Used by test code.

Closes #17299
2025-05-09 10:45:36 +02:00
Daniel Stenberg
16db059a93
curlx: move version_win32.[ch] to curlx/
For curlx_verify_windows_version

Closes #17290
2025-05-08 17:09:32 +02:00
Daniel Stenberg
2d528898f7
lib: move multibyte.[ch] to curlx/
This file provides functions in the curlx set.

Closes #17285
2025-05-08 10:19:19 +02:00
Daniel Stenberg
625f2c1644
lib: include files using known path
by including headers using "../[header]" when done from C files in
subdirectories, we do not need to specify the lib source dir as an
include path and we reduce the risk of header name collisions with
headers in the SDK using the same file names.

Idea-by: Kai Pastor

Ref: #16949
Closes #16991
2025-04-08 17:00:00 +02:00
Viktor Szakats
554e4c14be
windows: fix issues detected by clang-tidy, and some more
- digest_sspi: memory leak.
- digest_sspi: free buffers on `calloc()` fail.
  (not detected by clang-tidy)
- schannel_verify: avoid a `NULL` `alt_name_info`.
- schannel: fix potential `NULL` deref for `backend->cred`.
- schannel: fix uninitialized result value.
  Follow-up to 7f4c358541 #3197
- schannel: drop unused assigment.
- tool_doswin: drop unused assigment.
- testutil: fix memory leak on error.
- testutil: fix memory leak on non-error.
  (not detected by clang-tidy)

Cherry-picked from #16764
Closes #16777
2025-03-24 10:15:08 +01:00