From e8415ad3c7ab69a7056daa4b39e7a0044c43f5ba Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sat, 21 Feb 2026 00:01:22 +0100 Subject: [PATCH 01/88] clang-tidy: add arg names to prototypes where missing Detected by `readability-named-parameter` with `HeaderFilterRegex: '.*'`, or `CURL_CLANG_TIDYFLAGS='--header-filter=.*'`. Follow-up to c878160e9c1f7366e64299aa02540d5495c3df9c #20624 Closes #20657 --- include/curl/curl.h | 6 +++--- include/curl/multi.h | 2 +- include/curl/urlapi.h | 2 +- lib/curl_addrinfo.h | 3 ++- lib/curl_share.h | 6 +++--- lib/formdata.h | 2 +- lib/hash.h | 2 +- lib/http.h | 5 +++-- lib/llist.h | 12 ++++++------ lib/multiif.h | 2 +- src/slist_wc.h | 4 ++-- 11 files changed, 24 insertions(+), 22 deletions(-) diff --git a/include/curl/curl.h b/include/curl/curl.h index 9ab580bb02..8de335080f 100644 --- a/include/curl/curl.h +++ b/include/curl/curl.h @@ -3218,7 +3218,7 @@ typedef struct curl_version_info_data curl_version_info_data; * This function returns a pointer to a static copy of the version info * struct. See above. */ -CURL_EXTERN curl_version_info_data *curl_version_info(CURLversion); +CURL_EXTERN curl_version_info_data *curl_version_info(CURLversion stamp); /* * NAME curl_easy_strerror() @@ -3229,7 +3229,7 @@ CURL_EXTERN curl_version_info_data *curl_version_info(CURLversion); * into the equivalent human readable error string. This is useful * for printing meaningful error messages. */ -CURL_EXTERN const char *curl_easy_strerror(CURLcode); +CURL_EXTERN const char *curl_easy_strerror(CURLcode error); /* * NAME curl_share_strerror() @@ -3240,7 +3240,7 @@ CURL_EXTERN const char *curl_easy_strerror(CURLcode); * into the equivalent human readable error string. This is useful * for printing meaningful error messages. */ -CURL_EXTERN const char *curl_share_strerror(CURLSHcode); +CURL_EXTERN const char *curl_share_strerror(CURLSHcode error); /* * NAME curl_easy_pause() diff --git a/include/curl/multi.h b/include/curl/multi.h index 531c1a954a..ba43123152 100644 --- a/include/curl/multi.h +++ b/include/curl/multi.h @@ -269,7 +269,7 @@ CURL_EXTERN CURLMsg *curl_multi_info_read(CURLM *multi_handle, * * Returns: A pointer to a null-terminated error message. */ -CURL_EXTERN const char *curl_multi_strerror(CURLMcode); +CURL_EXTERN const char *curl_multi_strerror(CURLMcode error); /* * Name: curl_multi_socket() and diff --git a/include/curl/urlapi.h b/include/curl/urlapi.h index dabe44a47d..f7a42b3b9e 100644 --- a/include/curl/urlapi.h +++ b/include/curl/urlapi.h @@ -146,7 +146,7 @@ CURL_EXTERN CURLUcode curl_url_set(CURLU *handle, CURLUPart what, * readable error string. This is useful for printing meaningful error * messages. */ -CURL_EXTERN const char *curl_url_strerror(CURLUcode); +CURL_EXTERN const char *curl_url_strerror(CURLUcode error); #ifdef __cplusplus } /* end of extern "C" */ diff --git a/lib/curl_addrinfo.h b/lib/curl_addrinfo.h index 63d3f7a244..f464b5ed78 100644 --- a/lib/curl_addrinfo.h +++ b/lib/curl_addrinfo.h @@ -72,7 +72,8 @@ struct Curl_addrinfo *Curl_he2ai(const struct hostent *he, int port); #endif bool Curl_is_ipaddr(const char *address); -CURLcode Curl_str2addr(const char *dotted, int port, struct Curl_addrinfo **); +CURLcode Curl_str2addr(const char *dotted, int port, + struct Curl_addrinfo **addrp); #ifdef USE_UNIX_SOCKETS struct Curl_addrinfo *Curl_unix2addr(const char *path, bool *longpath, diff --git a/lib/curl_share.h b/lib/curl_share.h index b7746fe68c..5e3f82aa56 100644 --- a/lib/curl_share.h +++ b/lib/curl_share.h @@ -65,9 +65,9 @@ struct Curl_share { #endif }; -CURLSHcode Curl_share_lock(struct Curl_easy *, curl_lock_data, - curl_lock_access); -CURLSHcode Curl_share_unlock(struct Curl_easy *, curl_lock_data); +CURLSHcode Curl_share_lock(struct Curl_easy *data, curl_lock_data type, + curl_lock_access accesstype); +CURLSHcode Curl_share_unlock(struct Curl_easy *data, curl_lock_data type); /* convenience macro to check if this handle is using a shared SSL spool */ #define CURL_SHARE_ssl_scache(data) ((data)->share && \ diff --git a/lib/formdata.h b/lib/formdata.h index ce592a8fd9..33d7d0ae33 100644 --- a/lib/formdata.h +++ b/lib/formdata.h @@ -47,7 +47,7 @@ struct FormInfo { }; CURLcode Curl_getformdata(CURL *data, - curl_mimepart *, + curl_mimepart *finalform, struct curl_httppost *post, curl_read_callback fread_func); #endif /* CURL_DISABLE_FORM_API */ diff --git a/lib/hash.h b/lib/hash.h index 8bf47ccf75..267f91d1ae 100644 --- a/lib/hash.h +++ b/lib/hash.h @@ -85,7 +85,7 @@ void *Curl_hash_add(struct Curl_hash *h, void *key, size_t key_len, void *p); void *Curl_hash_add2(struct Curl_hash *h, void *key, size_t key_len, void *p, Curl_hash_elem_dtor dtor); int Curl_hash_delete(struct Curl_hash *h, void *key, size_t key_len); -void *Curl_hash_pick(struct Curl_hash *, void *key, size_t key_len); +void *Curl_hash_pick(struct Curl_hash *h, void *key, size_t key_len); void Curl_hash_destroy(struct Curl_hash *h); size_t Curl_hash_count(struct Curl_hash *h); diff --git a/lib/http.h b/lib/http.h index 6ef391af60..7076cd9c60 100644 --- a/lib/http.h +++ b/lib/http.h @@ -100,13 +100,14 @@ CURLcode Curl_dynhds_add_custom(struct Curl_easy *data, bool is_connect, void Curl_http_to_fold(struct dynbuf *bf); void Curl_http_method(struct Curl_easy *data, - const char **method, Curl_HttpReq *); + const char **method, Curl_HttpReq *reqp); /* protocol-specific functions set up to be called by the main engine */ CURLcode Curl_http_setup_conn(struct Curl_easy *data, struct connectdata *conn); CURLcode Curl_http(struct Curl_easy *data, bool *done); -CURLcode Curl_http_done(struct Curl_easy *data, CURLcode, bool premature); +CURLcode Curl_http_done(struct Curl_easy *data, + CURLcode status, bool premature); CURLcode Curl_http_doing_pollset(struct Curl_easy *data, struct easy_pollset *ps); CURLcode Curl_http_perform_pollset(struct Curl_easy *data, diff --git a/lib/llist.h b/lib/llist.h index 31c5b45ed3..09c695d3cf 100644 --- a/lib/llist.h +++ b/lib/llist.h @@ -50,13 +50,13 @@ struct Curl_llist_node { #endif }; -void Curl_llist_init(struct Curl_llist *, Curl_llist_dtor); -void Curl_llist_insert_next(struct Curl_llist *, struct Curl_llist_node *, - const void *, struct Curl_llist_node *ne); -void Curl_llist_append(struct Curl_llist *, const void *, +void Curl_llist_init(struct Curl_llist *l, Curl_llist_dtor dtor); +void Curl_llist_insert_next(struct Curl_llist *list, struct Curl_llist_node *e, + const void *p, struct Curl_llist_node *ne); +void Curl_llist_append(struct Curl_llist *list, const void *p, struct Curl_llist_node *ne); -void Curl_node_remove(struct Curl_llist_node *); -void Curl_llist_destroy(struct Curl_llist *, void *); +void Curl_node_remove(struct Curl_llist_node *e); +void Curl_llist_destroy(struct Curl_llist *list, void *user); /* Curl_llist_head() returns the first 'struct Curl_llist_node *', which might be NULL */ diff --git a/lib/multiif.h b/lib/multiif.h index f6cb3294e5..039db269e0 100644 --- a/lib/multiif.h +++ b/lib/multiif.h @@ -27,7 +27,7 @@ * Prototypes for library-wide functions provided by multi.c */ -void Curl_expire(struct Curl_easy *data, timediff_t milli, expire_id); +void Curl_expire(struct Curl_easy *data, timediff_t milli, expire_id id); void Curl_expire_ex(struct Curl_easy *data, timediff_t milli, expire_id id); void Curl_expire_clear(struct Curl_easy *data); diff --git a/src/slist_wc.h b/src/slist_wc.h index 7bf76257a4..328d6b00f5 100644 --- a/src/slist_wc.h +++ b/src/slist_wc.h @@ -41,7 +41,7 @@ struct slist_wc { * Appends a string to a linked list. If no list exists, it will be created * first. Returns the new list, after appending. */ -struct slist_wc *slist_wc_append(struct slist_wc *, const char *); +struct slist_wc *slist_wc_append(struct slist_wc *list, const char *data); /* * NAME curl_slist_free_all() @@ -50,7 +50,7 @@ struct slist_wc *slist_wc_append(struct slist_wc *, const char *); * * free a previously built curl_slist_wc. */ -void slist_wc_free_all(struct slist_wc *); +void slist_wc_free_all(struct slist_wc *list); #endif /* CURL_DISABLE_LIBCURL_OPTION */ From 3877db7bcf8a180f8dcb1c36baf5f77dc29cbf1d Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 23 Feb 2026 09:11:18 +0100 Subject: [PATCH 02/88] openssl: fix compiler warning with OpenSSL master MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit vtls/openssl.c:469:15: error: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers] X509_get_X509_PUBKEY() now returns a const pointer - but only on OpenSSL 3, we must keep the non-const version for all forks. Closes #20681 --- lib/vtls/openssl.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index f1f8843b9a..4142e937a2 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -389,6 +389,13 @@ static CURLcode get_pkey_dh(struct Curl_easy *data, return result; } +#ifdef HAVE_OPENSSL3 +/* from OpenSSL commit fc756e594ed5a27af378 */ +typedef const X509_PUBKEY pubkeytype_t; +#else +typedef X509_PUBKEY pubkeytype_t; +#endif + static CURLcode ossl_certchain(struct Curl_easy *data, SSL *ssl) { CURLcode result; @@ -453,7 +460,7 @@ static CURLcode ossl_certchain(struct Curl_easy *data, SSL *ssl) { const X509_ALGOR *sigalg = NULL; - X509_PUBKEY *xpubkey = NULL; + pubkeytype_t *xpubkey = NULL; ASN1_OBJECT *pubkeyoid = NULL; X509_get0_signature(&psig, &sigalg, x); From d6d8a1a15aefdc4c17aecd35f9e6eb55838e2025 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sun, 22 Feb 2026 19:23:41 +0100 Subject: [PATCH 03/88] cmake: always build curlu and curltool test libs in unity mode To speed up building/running tests by default (e.g. via `testdeps` or `tests` targets.) It reduces build commands to 21 (from 239) for a test build. In CI, it affects build test step times as below: - GHA/linux: aws-lc 12s https://github.com/curl/curl/actions/runs/22279958343/job/64448913413 -> 6s https://github.com/curl/curl/actions/runs/22282767915/job/64455970302 - GHA/linux: Fil-C 39s https://github.com/curl/curl/actions/runs/22279958343/job/64448913430 -> 37s https://github.com/curl/curl/actions/runs/22282767915/job/64455970352 - GHA/non-native: FreeBSD Intel 22s https://github.com/curl/curl/actions/runs/22279958335/job/64448913514 -> 15s https://github.com/curl/curl/actions/runs/22282767899/job/64455969960 - GHA/windows: dl-mingw 6.4.0 23s https://github.com/curl/curl/actions/runs/22279958334/job/64448917225 -> 9s https://github.com/curl/curl/actions/runs/22282767922/job/64455975006 Follow-up to fff9905bcf7c8c1da1668213d79473865461048f #20670 Closes #20677 --- lib/CMakeLists.txt | 2 +- src/CMakeLists.txt | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/CMakeLists.txt b/lib/CMakeLists.txt index f20873cdbf..2b601673a2 100644 --- a/lib/CMakeLists.txt +++ b/lib/CMakeLists.txt @@ -47,7 +47,7 @@ if(CURL_BUILD_TESTING) target_link_libraries(curlu PUBLIC ${CURL_LIBS}) # There is plenty of parallelism when building the testdeps target. # Override the curlu batch size with the maximum to optimize performance. - set_target_properties(curlu PROPERTIES UNITY_BUILD_BATCH_SIZE 0 C_CLANG_TIDY "") + set_target_properties(curlu PROPERTIES UNITY_BUILD ON UNITY_BUILD_BATCH_SIZE 0 C_CLANG_TIDY "") add_custom_command(OUTPUT "${CMAKE_CURRENT_BINARY_DIR}/unitprotos.h" WORKING_DIRECTORY "${CMAKE_CURRENT_SOURCE_DIR}" diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 0063b438c2..87c26e30d1 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -116,7 +116,7 @@ set_target_properties(curlinfo PROPERTIES UNITY_BUILD OFF) add_library(curltool STATIC EXCLUDE_FROM_ALL ${CURL_CFILES} ${CURL_HFILES} ${_curlx_cfiles_lib} ${_curlx_hfiles_lib}) target_compile_definitions(curltool PUBLIC "CURL_STATICLIB" "UNITTESTS") target_link_libraries(curltool PUBLIC ${CURL_LIBS}) -set_target_properties(curltool PROPERTIES C_CLANG_TIDY "") +set_target_properties(curltool PROPERTIES UNITY_BUILD ON C_CLANG_TIDY "") if(CURL_HAS_LTO) set_target_properties(${EXE_NAME} PROPERTIES INTERPROCEDURAL_OPTIMIZATION TRUE) From ee9b000438bd6e4cecc8a933804397a55ad0f7b8 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Mon, 23 Feb 2026 12:00:18 +0100 Subject: [PATCH 04/88] curl/curl.h: revert to recursive macros to keep supporting C++ use-case To avoid breaking 3rd-party code reusing these symbols as C++ methods, e.g. in CMake sources: ``` cmake/src/v4.0.0-b30653ae0c.clean/Source/cmCurl.cxx:119:24: error: expected unqualified-id 119 | ::CURLcode res = ::curl_easy_setopt(curl, CURLOPT_CAINFO, cafile.c_str()); | ^ ``` Also expand comment to highlight the case. Reported-by: Kai Pastor Bug: https://github.com/curl/curl/commit/daa6b27b4d998d62c8198b4fe167199cc7bf0064#r177869049 Reported-by: Marcel Raad Bug: https://curl.se/mail/lib-2026-02/0020.html Fixes #20682 Follow-up to daa6b27b4d998d62c8198b4fe167199cc7bf0064 #20597 Closes #20686 --- CMake/PickyWarnings.cmake | 2 +- include/curl/curl.h | 13 +++++++------ m4/curl-compilers.m4 | 2 +- 3 files changed, 9 insertions(+), 8 deletions(-) diff --git a/CMake/PickyWarnings.cmake b/CMake/PickyWarnings.cmake index d78f1c68fe..1650af3ea4 100644 --- a/CMake/PickyWarnings.cmake +++ b/CMake/PickyWarnings.cmake @@ -161,7 +161,7 @@ if(PICKY_COMPILER) if(CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 3.1) list(APPEND _picky_enable -Wno-covered-switch-default # clang 3.1 appleclang 3.1 # Annoying to fix or silence - -Wno-disabled-macro-expansion # clang 3.1 appleclang 3.1 # Triggered by standard headers + -Wno-disabled-macro-expansion # clang 3.1 appleclang 3.1 # Triggered by curl/curl.h, standard headers ) if(MSVC) list(APPEND _picky_enable diff --git a/include/curl/curl.h b/include/curl/curl.h index 8de335080f..52b51c4888 100644 --- a/include/curl/curl.h +++ b/include/curl/curl.h @@ -3329,15 +3329,16 @@ CURL_EXTERN CURLcode curl_easy_ssls_export(CURL *handle, #if defined(__STDC__) && (__STDC__ >= 1) /* This preprocessor magic that replaces a call with the exact same call is only done to make sure application authors pass exactly three arguments - to these functions. */ + to these functions. Use recursive macros to allow reusing these symbols + as C++ method names. */ #define curl_easy_setopt(handle, opt, param) \ - (curl_easy_setopt)(handle, opt, param) + curl_easy_setopt(handle, opt, param) #define curl_easy_getinfo(handle, info, arg) \ - (curl_easy_getinfo)(handle, info, arg) + curl_easy_getinfo(handle, info, arg) #define curl_share_setopt(share, opt, param) \ - (curl_share_setopt)(share, opt, param) -#define curl_multi_setopt(handle,opt,param) \ - (curl_multi_setopt)(handle, opt, param) + curl_share_setopt(share, opt, param) +#define curl_multi_setopt(handle, opt, param) \ + curl_multi_setopt(handle, opt, param) #endif /* __STDC__ >= 1 */ #endif /* gcc >= 4.3 && !__cplusplus && !CURL_DISABLE_TYPECHECK */ diff --git a/m4/curl-compilers.m4 b/m4/curl-compilers.m4 index 46b4d1a8a4..12309e1525 100644 --- a/m4/curl-compilers.m4 +++ b/m4/curl-compilers.m4 @@ -868,7 +868,7 @@ AC_DEFUN([CURL_SET_COMPILER_WARNING_OPTS], [ if test "$compiler_num" -ge "301"; then CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [format-non-iso]) tmp_CFLAGS="$tmp_CFLAGS -Wno-covered-switch-default" # Annoying to fix or silence - tmp_CFLAGS="$tmp_CFLAGS -Wno-disabled-macro-expansion" # Triggered by standard headers + tmp_CFLAGS="$tmp_CFLAGS -Wno-disabled-macro-expansion" # Triggered by curl/curl.h, standard headers fi # dnl Only clang 3.2 or later From 6ad50dc2859e9ea764aafe51b34d430a663fb1d3 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Mon, 23 Feb 2026 13:32:52 +0100 Subject: [PATCH 05/88] cmake: add C++ integration test Also: - include code to verify a C++-specific public header regression reported in 8.19.0-rc2. - curl/curl.h: mention C++ global namespace in comment. - GHA/dist: add CI job for C++. Runtime: 15 seconds. Follow-up to ee9b000438bd6e4cecc8a933804397a55ad0f7b8 #20686 Ref: #20682 Closes #20687 --- .github/workflows/distcheck.yml | 3 +++ Makefile.am | 1 + include/curl/curl.h | 4 +-- tests/cmake/CMakeLists.txt | 24 ++++++++++++------ tests/cmake/test.c | 2 +- tests/cmake/test.cpp | 44 +++++++++++++++++++++++++++++++++ 6 files changed, 67 insertions(+), 11 deletions(-) create mode 100644 tests/cmake/test.cpp diff --git a/.github/workflows/distcheck.yml b/.github/workflows/distcheck.yml index 21c958fdd9..eb461930f8 100644 --- a/.github/workflows/distcheck.yml +++ b/.github/workflows/distcheck.yml @@ -316,6 +316,9 @@ jobs: run: ./tests/cmake/test.sh add_subdirectory ${TESTOPTS} -DCURL_USE_OPENSSL=ON - name: 'via find_package' run: ./tests/cmake/test.sh find_package ${TESTOPTS} -DCURL_USE_OPENSSL=ON + - name: 'via find_package (C++)' + if: ${{ contains(matrix.image, 'ubuntu') }} + run: TEST_CMAKE_FLAGS=-DTEST_CPP=ON ./tests/cmake/test.sh find_package ${TESTOPTS} -DCURL_USE_OPENSSL=ON - name: 'via ExternalProject (old cmake)' if: ${{ contains(matrix.image, 'ubuntu') }} diff --git a/Makefile.am b/Makefile.am index 381ec987f3..1913f5d007 100644 --- a/Makefile.am +++ b/Makefile.am @@ -62,6 +62,7 @@ CMAKE_DIST = \ CMakeLists.txt \ tests/cmake/CMakeLists.txt \ tests/cmake/test.c \ + tests/cmake/test.cpp \ tests/cmake/test.sh EXTRA_DIST = CHANGES.md COPYING RELEASE-NOTES Dockerfile .clang-tidy.yml .editorconfig $(CMAKE_DIST) diff --git a/include/curl/curl.h b/include/curl/curl.h index 52b51c4888..923b6f5473 100644 --- a/include/curl/curl.h +++ b/include/curl/curl.h @@ -3329,8 +3329,8 @@ CURL_EXTERN CURLcode curl_easy_ssls_export(CURL *handle, #if defined(__STDC__) && (__STDC__ >= 1) /* This preprocessor magic that replaces a call with the exact same call is only done to make sure application authors pass exactly three arguments - to these functions. Use recursive macros to allow reusing these symbols - as C++ method names. */ + to these functions. Use recursive macros to allow using these symbols via + the C++ global namespace '::' or reuse them as method names. */ #define curl_easy_setopt(handle, opt, param) \ curl_easy_setopt(handle, opt, param) #define curl_easy_getinfo(handle, info, arg) \ diff --git a/tests/cmake/CMakeLists.txt b/tests/cmake/CMakeLists.txt index 2c3d0daeb8..684759a4e6 100644 --- a/tests/cmake/CMakeLists.txt +++ b/tests/cmake/CMakeLists.txt @@ -25,7 +25,15 @@ cmake_minimum_required(VERSION 3.7...3.16 FATAL_ERROR) message(STATUS "Using CMake version ${CMAKE_VERSION}") -project(test-consumer C) +option(TEST_CPP "Test C++" OFF) + +if(TEST_CPP) + project(test-CPP-consumer CXX) + set(_source "test.cpp") +else() + project(test-C-consumer C) + set(_source "test.c") +endif() option(TEST_INTEGRATION_MODE "Integration mode" "find_package") @@ -93,7 +101,7 @@ elseif(TEST_INTEGRATION_MODE STREQUAL "ExternalProject") ${CURL_TEST_OPTS} BUILD_BYPRODUCTS "${_curl_static_lib}") - add_executable(test-consumer-static-fetch "test.c") + add_executable(test-consumer-static-fetch "${_source}") add_dependencies(test-consumer-static-fetch curl-external) if(WIN32) target_compile_definitions(test-consumer-static-fetch PRIVATE "CURL_STATICLIB") @@ -107,26 +115,26 @@ if(TEST_INTEGRATION_MODE STREQUAL "find_package" OR TEST_INTEGRATION_MODE STREQUAL "add_subdirectory" OR TEST_INTEGRATION_MODE STREQUAL "FetchContent") - add_executable(test-consumer-static-ns "test.c") + add_executable(test-consumer-static-ns "${_source}") target_link_libraries(test-consumer-static-ns PRIVATE "CURL::libcurl_static") - add_executable(test-consumer-shared-ns "test.c") + add_executable(test-consumer-shared-ns "${_source}") target_link_libraries(test-consumer-shared-ns PRIVATE "CURL::libcurl_shared") # Alias for either shared or static library - add_executable(test-consumer-selected-ns "test.c") + add_executable(test-consumer-selected-ns "${_source}") target_link_libraries(test-consumer-selected-ns PRIVATE "CURL::libcurl") endif() if(TEST_INTEGRATION_MODE STREQUAL "add_subdirectory" OR TEST_INTEGRATION_MODE STREQUAL "FetchContent") - add_executable(test-consumer-static-bare "test.c") + add_executable(test-consumer-static-bare "${_source}") target_link_libraries(test-consumer-static-bare PRIVATE "libcurl_static") - add_executable(test-consumer-shared-bare "test.c") + add_executable(test-consumer-shared-bare "${_source}") target_link_libraries(test-consumer-shared-bare PRIVATE "libcurl_shared") - add_executable(test-consumer-selected-bare "test.c") + add_executable(test-consumer-selected-bare "${_source}") target_link_libraries(test-consumer-selected-bare PRIVATE "libcurl") endif() diff --git a/tests/cmake/test.c b/tests/cmake/test.c index acc4953d1d..75c6bf913e 100644 --- a/tests/cmake/test.c +++ b/tests/cmake/test.c @@ -27,7 +27,7 @@ int main(int argc, const char **argv) { (void)argc; - puts("libcurl test:"); + puts("libcurl C test:"); puts(argv[0]); puts(curl_version()); puts("---"); diff --git a/tests/cmake/test.cpp b/tests/cmake/test.cpp new file mode 100644 index 0000000000..71747949a0 --- /dev/null +++ b/tests/cmake/test.cpp @@ -0,0 +1,44 @@ +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) Daniel Stenberg, , et al. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + * SPDX-License-Identifier: curl + * + ***************************************************************************/ +#include +#include + +class CurlClass { +public: + void curl_multi_setopt(void *a, int b, long c) { + std::cout << curl_version() << std::endl; + } +}; + +int main(int argc, const char **argv) +{ + (void)argc; + std::cout << "libcurl C++ test:" << std::endl; + std::cout << argv[0] << std::endl; + CurlClass mycurl; + mycurl.curl_multi_setopt(nullptr, 0, 0); + ::curl_easy_setopt(nullptr, CURLOPT_URL, "https://example.com/"); + std::cout << "---" << std::endl; + return 0; +} From 3058ed3df873c21ebba2007c3b12ed9f37558bfe Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 19 Feb 2026 00:44:43 +0100 Subject: [PATCH 06/88] lib: use lib source directory as base include path Backtrack on previous change that aimed to solve the wrong `share.h` being included. It turns out it did not fix this issue. At the same time it introduced relative header filenames and the need to include the same headers differently depending on the source files' location, reducing readability and editability. Replace this method by re-adding curl's lib source directory to the header path and addressing headers by the their full, relative name to that base directory. Aligning with this method already used in src and tests. With these advantages: - makes includes easier to read, recognize, grep, sort, write, and copy between sources, - syncs the way these headers are included across curl components, - avoids the ambiguity between system `schannel.h`, `rustls.h` vs. local headers using the same names in `lib/vtls`, - silences clang-tidy `readability-duplicate-include` checker, which detects the above issue, Ref: https://clang.llvm.org/extra/clang-tidy/checks/readability/duplicate-include.html - possibly silences TIOBE coding standard warnings: `6.10.2.a: Don't use relative paths in #include statements.` - long shot: it works well with concatenated test sources, for clang-tidy-friendly custom unity builds. Ref: #20667 Slight downside: it's not enforced. If there happens to be a collision between a local `lib/*.h` header and a system one, the solution is to rename (possibly with its `.c` counterpart) into the `curl_` namespace. This is also the method used by curl in the past. Also: - curlx/inet_pton: reduce scope of an include. - toolx/tool_time: apply this to an include, and update VS project files accordingly. Also dropping unnecessary lib/curlx header path. - clang-tidy: enable `readability-duplicate-include`. Follow-up to 3887069c661b40e76b053a4867eb565d4761ab3e #19676 Follow-up to 625f2c1644da58b9617479775badea21f125ce6d #16991 #16949 Closes #20623 --- .clang-tidy.yml | 1 + lib/CMakeLists.txt | 1 + lib/Makefile.am | 1 + lib/curlx/base64.c | 4 +- lib/curlx/basename.c | 4 +- lib/curlx/basename.h | 2 +- lib/curlx/curlx.h | 34 +++++------ lib/curlx/dynbuf.c | 6 +- lib/curlx/fopen.c | 8 +-- lib/curlx/fopen.h | 4 +- lib/curlx/inet_ntop.c | 8 +-- lib/curlx/inet_ntop.h | 2 +- lib/curlx/inet_pton.c | 6 +- lib/curlx/inet_pton.h | 2 +- lib/curlx/multibyte.c | 4 +- lib/curlx/multibyte.h | 2 +- lib/curlx/nonblock.c | 4 +- lib/curlx/strcopy.c | 4 +- lib/curlx/strdup.c | 4 +- lib/curlx/strdup.h | 2 +- lib/curlx/strerr.c | 10 ++-- lib/curlx/strparse.c | 2 +- lib/curlx/strparse.h | 2 +- lib/curlx/timediff.c | 2 +- lib/curlx/timediff.h | 2 +- lib/curlx/timeval.c | 4 +- lib/curlx/timeval.h | 4 +- lib/curlx/version_win32.c | 4 +- lib/curlx/version_win32.h | 2 +- lib/curlx/wait.c | 6 +- lib/curlx/wait.h | 2 +- lib/curlx/warnless.c | 4 +- lib/curlx/winapi.c | 8 +-- lib/vauth/cleartext.c | 4 +- lib/vauth/cram.c | 8 +-- lib/vauth/digest.c | 18 +++--- lib/vauth/digest.h | 2 +- lib/vauth/digest_sspi.c | 16 ++--- lib/vauth/gsasl.c | 6 +- lib/vauth/krb5_gssapi.c | 10 ++-- lib/vauth/krb5_sspi.c | 6 +- lib/vauth/ntlm.c | 14 ++--- lib/vauth/ntlm_sspi.c | 10 ++-- lib/vauth/oauth2.c | 4 +- lib/vauth/spnego_gssapi.c | 10 ++-- lib/vauth/spnego_sspi.c | 10 ++-- lib/vauth/vauth.c | 8 +-- lib/vauth/vauth.h | 10 ++-- lib/vquic/curl_ngtcp2.c | 54 ++++++++--------- lib/vquic/curl_ngtcp2.h | 4 +- lib/vquic/curl_quiche.c | 47 ++++++++------- lib/vquic/curl_quiche.h | 2 +- lib/vquic/vquic-tls.c | 20 +++---- lib/vquic/vquic-tls.h | 12 ++-- lib/vquic/vquic.c | 32 +++++----- lib/vquic/vquic.h | 2 +- lib/vquic/vquic_int.h | 4 +- lib/vssh/libssh.c | 32 +++++----- lib/vssh/libssh2.c | 36 +++++------ lib/vssh/ssh.h | 4 +- lib/vssh/vssh.c | 12 ++-- lib/vssh/vssh.h | 4 +- lib/vtls/apple.c | 12 ++-- lib/vtls/apple.h | 2 +- lib/vtls/cipher_suite.c | 4 +- lib/vtls/cipher_suite.h | 2 +- lib/vtls/gtls.c | 32 +++++----- lib/vtls/gtls.h | 5 +- lib/vtls/hostcheck.c | 9 +-- lib/vtls/hostcheck.h | 2 +- lib/vtls/keylog.c | 8 +-- lib/vtls/keylog.h | 2 +- lib/vtls/mbedtls.c | 25 ++++---- lib/vtls/mbedtls.h | 2 +- lib/vtls/openssl.c | 46 +++++++------- lib/vtls/openssl.h | 4 +- lib/vtls/rustls.c | 24 ++++---- lib/vtls/rustls.h | 2 +- lib/vtls/schannel.c | 40 ++++++------- lib/vtls/schannel.h | 8 +-- lib/vtls/schannel_int.h | 6 +- lib/vtls/schannel_verify.c | 26 ++++---- lib/vtls/vtls.c | 52 ++++++++-------- lib/vtls/vtls.h | 4 +- lib/vtls/vtls_int.h | 10 ++-- lib/vtls/vtls_scache.c | 28 ++++----- lib/vtls/vtls_scache.h | 6 +- lib/vtls/vtls_spack.c | 12 ++-- lib/vtls/vtls_spack.h | 2 +- lib/vtls/wolfssl.c | 29 ++++----- lib/vtls/wolfssl.h | 4 +- lib/vtls/x509asn1.c | 14 ++--- lib/vtls/x509asn1.h | 6 +- projects/Windows/tmpl/curl.vcxproj | 96 +++++++++++++++--------------- src/toolx/tool_time.c | 2 +- 95 files changed, 545 insertions(+), 537 deletions(-) diff --git a/.clang-tidy.yml b/.clang-tidy.yml index 83068685a8..25eb4ee9e9 100644 --- a/.clang-tidy.yml +++ b/.clang-tidy.yml @@ -17,6 +17,7 @@ Checks: - misc-const-correctness - misc-header-include-cycle - portability-* + - readability-duplicate-include - readability-named-parameter - readability-redundant-control-flow - readability-redundant-preprocessor diff --git a/lib/CMakeLists.txt b/lib/CMakeLists.txt index 2b601673a2..a9307f8011 100644 --- a/lib/CMakeLists.txt +++ b/lib/CMakeLists.txt @@ -38,6 +38,7 @@ list(APPEND HHEADERS "${CMAKE_CURRENT_BINARY_DIR}/curl_config.h") set_property(DIRECTORY APPEND PROPERTY INCLUDE_DIRECTORIES "${PROJECT_BINARY_DIR}/lib" # for "curl_config.h" + "${PROJECT_SOURCE_DIR}/lib" ) if(CURL_BUILD_TESTING) diff --git a/lib/Makefile.am b/lib/Makefile.am index 41db1a21ac..ab575ae730 100644 --- a/lib/Makefile.am +++ b/lib/Makefile.am @@ -58,6 +58,7 @@ CFLAGS += @CURL_CFLAG_EXTRAS@ AM_CPPFLAGS = -I$(top_srcdir)/include \ -I$(top_builddir)/lib \ + -I$(top_srcdir)/lib \ -I$(srcdir) # Prevent LIBS from being used for all link targets diff --git a/lib/curlx/base64.c b/lib/curlx/base64.c index 0e44eae7fa..d869975e67 100644 --- a/lib/curlx/base64.c +++ b/lib/curlx/base64.c @@ -24,9 +24,9 @@ /* Base64 encoding/decoding */ -#include "../curl_setup.h" +#include "curl_setup.h" -#include "base64.h" +#include "curlx/base64.h" /* ---- Base64 Encoding/Decoding Table --- */ const char curlx_base64encdec[] = diff --git a/lib/curlx/basename.c b/lib/curlx/basename.c index 27c29f3c00..d2fd160ff2 100644 --- a/lib/curlx/basename.c +++ b/lib/curlx/basename.c @@ -21,11 +21,11 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #ifndef HAVE_BASENAME -#include "basename.h" +#include "curlx/basename.h" /* (Quote from The Open Group Base Specifications Issue 6 IEEE Std 1003.1, 2004 diff --git a/lib/curlx/basename.h b/lib/curlx/basename.h index 287a14aa14..fb79fed805 100644 --- a/lib/curlx/basename.h +++ b/lib/curlx/basename.h @@ -23,7 +23,7 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #ifndef HAVE_BASENAME char *curlx_basename(char *path); diff --git a/lib/curlx/curlx.h b/lib/curlx/curlx.h index 1ee35fa1a0..79cffc8f6d 100644 --- a/lib/curlx/curlx.h +++ b/lib/curlx/curlx.h @@ -31,22 +31,22 @@ * be. */ -#include "base64.h" /* for curlx_base64* */ -#include "basename.h" /* for curlx_basename() */ -#include "dynbuf.h" /* for curlx_dyn_*() */ -#include "fopen.h" /* for curlx_f*() */ -#include "inet_ntop.h" /* for curlx_inet_ntop() */ -#include "inet_pton.h" /* for curlx_inet_pton() */ -#include "multibyte.h" /* for curlx_convert_*() */ -#include "nonblock.h" /* for curlx_nonblock() */ -#include "strcopy.h" /* for curlx_strcopy() */ -#include "strdup.h" /* for curlx_memdup*() and curlx_tcsdup() */ -#include "strerr.h" /* for curlx_strerror() */ -#include "strparse.h" /* for curlx_str_* parsing functions */ -#include "timediff.h" /* for timediff_t type and related functions */ -#include "timeval.h" /* for curlx_now type and related functions */ -#include "version_win32.h" /* for curlx_verify_windows_version() */ -#include "wait.h" /* for curlx_wait_ms() */ -#include "winapi.h" /* for curlx_winapi_strerror() */ +#include "curlx/base64.h" /* for curlx_base64* */ +#include "curlx/basename.h" /* for curlx_basename() */ +#include "curlx/dynbuf.h" /* for curlx_dyn_*() */ +#include "curlx/fopen.h" /* for curlx_f*() */ +#include "curlx/inet_ntop.h" /* for curlx_inet_ntop() */ +#include "curlx/inet_pton.h" /* for curlx_inet_pton() */ +#include "curlx/multibyte.h" /* for curlx_convert_*() */ +#include "curlx/nonblock.h" /* for curlx_nonblock() */ +#include "curlx/strcopy.h" /* for curlx_strcopy() */ +#include "curlx/strdup.h" /* for curlx_memdup*() and curlx_tcsdup() */ +#include "curlx/strerr.h" /* for curlx_strerror() */ +#include "curlx/strparse.h" /* for curlx_str_* parsing functions */ +#include "curlx/timediff.h" /* for timediff_t type and related functions */ +#include "curlx/timeval.h" /* for curlx_now type and related functions */ +#include "curlx/version_win32.h" /* for curlx_verify_windows_version() */ +#include "curlx/wait.h" /* for curlx_wait_ms() */ +#include "curlx/winapi.h" /* for curlx_winapi_strerror() */ #endif /* HEADER_CURL_CURLX_H */ diff --git a/lib/curlx/dynbuf.c b/lib/curlx/dynbuf.c index a96b2a5974..7045a1f294 100644 --- a/lib/curlx/dynbuf.c +++ b/lib/curlx/dynbuf.c @@ -21,10 +21,10 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" -#include "dynbuf.h" -#include "../curl_printf.h" +#include "curlx/dynbuf.h" +#include "curl_printf.h" #define MIN_FIRST_ALLOC 32 diff --git a/lib/curlx/fopen.c b/lib/curlx/fopen.c index b73d4f94a1..7f16bdb07e 100644 --- a/lib/curlx/fopen.c +++ b/lib/curlx/fopen.c @@ -21,9 +21,9 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" -#include "fopen.h" +#include "curlx/fopen.h" int curlx_fseek(void *stream, curl_off_t offset, int whence) { @@ -42,8 +42,8 @@ int curlx_fseek(void *stream, curl_off_t offset, int whence) #include /* for _SH_DENYNO */ -#include "multibyte.h" -#include "timeval.h" +#include "curlx/multibyte.h" +#include "curlx/timeval.h" #ifdef CURL_MEMDEBUG /* diff --git a/lib/curlx/fopen.h b/lib/curlx/fopen.h index c4af828d81..d89830edd3 100644 --- a/lib/curlx/fopen.h +++ b/lib/curlx/fopen.h @@ -23,9 +23,9 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" -#include "multibyte.h" +#include "curlx/multibyte.h" #ifdef HAVE_FCNTL_H #include /* for open() and attributes */ diff --git a/lib/curlx/inet_ntop.c b/lib/curlx/inet_ntop.c index 0b10e8a7f6..803b9887ac 100644 --- a/lib/curlx/inet_ntop.c +++ b/lib/curlx/inet_ntop.c @@ -16,7 +16,7 @@ * * SPDX-License-Identifier: ISC */ -#include "../curl_setup.h" +#include "curl_setup.h" #ifndef HAVE_INET_NTOP @@ -30,9 +30,9 @@ #include #endif -#include "inet_ntop.h" -#include "snprintf.h" -#include "strcopy.h" +#include "curlx/inet_ntop.h" +#include "curlx/snprintf.h" +#include "curlx/strcopy.h" #define IN6ADDRSZ 16 /* #define INADDRSZ 4 */ diff --git a/lib/curlx/inet_ntop.h b/lib/curlx/inet_ntop.h index d57b217c96..2e3419f02b 100644 --- a/lib/curlx/inet_ntop.h +++ b/lib/curlx/inet_ntop.h @@ -23,7 +23,7 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #ifdef HAVE_INET_NTOP #ifdef HAVE_NETINET_IN_H diff --git a/lib/curlx/inet_pton.c b/lib/curlx/inet_pton.c index 41a84a4e54..ce324e6d88 100644 --- a/lib/curlx/inet_pton.c +++ b/lib/curlx/inet_pton.c @@ -17,7 +17,7 @@ * * SPDX-License-Identifier: ISC */ -#include "../curl_setup.h" +#include "curl_setup.h" #ifndef HAVE_INET_PTON @@ -31,8 +31,8 @@ #include #endif -#include "inet_pton.h" -#include "strparse.h" +#include "curlx/inet_pton.h" +#include "curlx/strparse.h" #define IN6ADDRSZ 16 #define INADDRSZ 4 diff --git a/lib/curlx/inet_pton.h b/lib/curlx/inet_pton.h index fc3ae3d2bb..601bdf8d87 100644 --- a/lib/curlx/inet_pton.h +++ b/lib/curlx/inet_pton.h @@ -23,7 +23,7 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #ifdef HAVE_INET_PTON #ifdef HAVE_NETINET_IN_H diff --git a/lib/curlx/multibyte.c b/lib/curlx/multibyte.c index 529091ad92..715d2b8dc2 100644 --- a/lib/curlx/multibyte.c +++ b/lib/curlx/multibyte.c @@ -21,11 +21,11 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #if defined(_WIN32) && defined(UNICODE) -#include "multibyte.h" +#include "curlx/multibyte.h" /* * MultiByte conversions using Windows kernel32 library. diff --git a/lib/curlx/multibyte.h b/lib/curlx/multibyte.h index 26da0f0843..8863fb0249 100644 --- a/lib/curlx/multibyte.h +++ b/lib/curlx/multibyte.h @@ -23,7 +23,7 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #ifdef _WIN32 diff --git a/lib/curlx/nonblock.c b/lib/curlx/nonblock.c index 96bf3db64e..6f6458f2b3 100644 --- a/lib/curlx/nonblock.c +++ b/lib/curlx/nonblock.c @@ -21,7 +21,7 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #ifdef HAVE_SYS_IOCTL_H #include @@ -35,7 +35,7 @@ #include #endif -#include "nonblock.h" +#include "curlx/nonblock.h" /* * curlx_nonblock() set the given socket to either blocking or non-blocking diff --git a/lib/curlx/strcopy.c b/lib/curlx/strcopy.c index d6bff15330..da137c3f92 100644 --- a/lib/curlx/strcopy.c +++ b/lib/curlx/strcopy.c @@ -21,9 +21,9 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" -#include "strcopy.h" +#include "curlx/strcopy.h" /* * curlx_strcopy() is a replacement for strcpy. diff --git a/lib/curlx/strdup.c b/lib/curlx/strdup.c index 75e088fe4c..3c967dbe0a 100644 --- a/lib/curlx/strdup.c +++ b/lib/curlx/strdup.c @@ -21,13 +21,13 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #ifdef _WIN32 #include #endif -#include "strdup.h" +#include "curlx/strdup.h" #ifdef _WIN32 /*************************************************************************** diff --git a/lib/curlx/strdup.h b/lib/curlx/strdup.h index 3e17fdee63..0c4b14161e 100644 --- a/lib/curlx/strdup.h +++ b/lib/curlx/strdup.h @@ -23,7 +23,7 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #ifdef _WIN32 wchar_t *curlx_wcsdup(const wchar_t *src); /* for curlx_tcsdup() */ diff --git a/lib/curlx/strerr.c b/lib/curlx/strerr.c index d9c1686e44..e3e838d8c0 100644 --- a/lib/curlx/strerr.c +++ b/lib/curlx/strerr.c @@ -21,7 +21,7 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #ifdef HAVE_STRERROR_R # if (!defined(HAVE_POSIX_STRERROR_R) && \ @@ -31,10 +31,10 @@ # endif #endif -#include "winapi.h" -#include "snprintf.h" -#include "strerr.h" -#include "strcopy.h" +#include "curlx/winapi.h" +#include "curlx/snprintf.h" +#include "curlx/strerr.h" +#include "curlx/strcopy.h" #ifdef USE_WINSOCK /* This is a helper function for curlx_strerror that converts Winsock error diff --git a/lib/curlx/strparse.c b/lib/curlx/strparse.c index 83ff8c904c..8a2523fe79 100644 --- a/lib/curlx/strparse.c +++ b/lib/curlx/strparse.c @@ -21,7 +21,7 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "strparse.h" +#include "curlx/strparse.h" void curlx_str_init(struct Curl_str *out) { diff --git a/lib/curlx/strparse.h b/lib/curlx/strparse.h index eb3d491595..514203dc92 100644 --- a/lib/curlx/strparse.h +++ b/lib/curlx/strparse.h @@ -23,7 +23,7 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #define STRE_OK 0 #define STRE_BIG 1 diff --git a/lib/curlx/timediff.c b/lib/curlx/timediff.c index 694c8d8352..2bf786941d 100644 --- a/lib/curlx/timediff.c +++ b/lib/curlx/timediff.c @@ -21,7 +21,7 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "timediff.h" +#include "curlx/timediff.h" /* * Converts number of milliseconds into a timeval structure. diff --git a/lib/curlx/timediff.h b/lib/curlx/timediff.h index e19b0f4403..1081c75d1c 100644 --- a/lib/curlx/timediff.h +++ b/lib/curlx/timediff.h @@ -23,7 +23,7 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" /* Use a larger type even for 32-bit time_t systems so that we can keep microsecond accuracy in it */ diff --git a/lib/curlx/timeval.c b/lib/curlx/timeval.c index d01884f7fe..0f0883d74a 100644 --- a/lib/curlx/timeval.c +++ b/lib/curlx/timeval.c @@ -21,11 +21,11 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "timeval.h" +#include "curlx/timeval.h" #ifdef _WIN32 -#include "../system_win32.h" +#include "system_win32.h" LARGE_INTEGER Curl_freq; diff --git a/lib/curlx/timeval.h b/lib/curlx/timeval.h index 4aab17519d..c01f95d87d 100644 --- a/lib/curlx/timeval.h +++ b/lib/curlx/timeval.h @@ -23,9 +23,9 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" -#include "timediff.h" +#include "curlx/timediff.h" struct curltime { time_t tv_sec; /* seconds */ diff --git a/lib/curlx/version_win32.c b/lib/curlx/version_win32.c index a9a4ee38f9..2aa2641854 100644 --- a/lib/curlx/version_win32.c +++ b/lib/curlx/version_win32.c @@ -21,11 +21,11 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #ifdef _WIN32 -#include "version_win32.h" +#include "curlx/version_win32.h" /* This Unicode version struct works for VerifyVersionInfoW (OSVERSIONINFOEXW) and RtlVerifyVersionInfo (RTLOSVERSIONINFOEXW) */ diff --git a/lib/curlx/version_win32.h b/lib/curlx/version_win32.h index a5fb8ff3c2..569626afc8 100644 --- a/lib/curlx/version_win32.h +++ b/lib/curlx/version_win32.h @@ -23,7 +23,7 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #ifdef _WIN32 diff --git a/lib/curlx/wait.c b/lib/curlx/wait.c index 2a9f54bb3e..eaf454c122 100644 --- a/lib/curlx/wait.c +++ b/lib/curlx/wait.c @@ -21,7 +21,7 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #ifndef HAVE_SELECT #error "We cannot compile without select() support." @@ -37,8 +37,8 @@ #include /* delay() */ #endif -#include "timediff.h" -#include "wait.h" +#include "curlx/timediff.h" +#include "curlx/wait.h" /* * Internal function used for waiting a specific amount of ms in diff --git a/lib/curlx/wait.h b/lib/curlx/wait.h index c140194a8c..9b9c27386e 100644 --- a/lib/curlx/wait.h +++ b/lib/curlx/wait.h @@ -23,7 +23,7 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" int curlx_wait_ms(timediff_t timeout_ms); diff --git a/lib/curlx/warnless.c b/lib/curlx/warnless.c index 91b194042f..5fc36ac9a8 100644 --- a/lib/curlx/warnless.c +++ b/lib/curlx/warnless.c @@ -21,9 +21,9 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" -#include "warnless.h" +#include "curlx/warnless.h" #if defined(__INTEL_COMPILER) && defined(__unix__) diff --git a/lib/curlx/winapi.c b/lib/curlx/winapi.c index c0d6b7f861..3417df269e 100644 --- a/lib/curlx/winapi.c +++ b/lib/curlx/winapi.c @@ -21,16 +21,16 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" /* * curlx_winapi_strerror: * Variant of curlx_strerror if the error code is definitely Windows API. */ #ifdef _WIN32 -#include "winapi.h" -#include "snprintf.h" -#include "strcopy.h" +#include "curlx/winapi.h" +#include "curlx/snprintf.h" +#include "curlx/strcopy.h" /* This is a helper function for curlx_strerror that converts Windows API error * codes (GetLastError) to error messages. diff --git a/lib/vauth/cleartext.c b/lib/vauth/cleartext.c index d9b11d3cb3..7976adec9c 100644 --- a/lib/vauth/cleartext.c +++ b/lib/vauth/cleartext.c @@ -24,13 +24,13 @@ * Draft LOGIN SASL Mechanism * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #if !defined(CURL_DISABLE_IMAP) || !defined(CURL_DISABLE_SMTP) || \ !defined(CURL_DISABLE_POP3) || \ (!defined(CURL_DISABLE_LDAP) && defined(USE_OPENLDAP)) -#include "vauth.h" +#include "vauth/vauth.h" /* * Curl_auth_create_plain_message() diff --git a/lib/vauth/cram.c b/lib/vauth/cram.c index 0d061ebbb0..d3f2d137b7 100644 --- a/lib/vauth/cram.c +++ b/lib/vauth/cram.c @@ -23,13 +23,13 @@ * RFC2195 CRAM-MD5 authentication * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #ifndef CURL_DISABLE_DIGEST_AUTH -#include "vauth.h" -#include "../curl_hmac.h" -#include "../curl_md5.h" +#include "vauth/vauth.h" +#include "curl_hmac.h" +#include "curl_md5.h" /* * Curl_auth_create_cram_md5_message() diff --git a/lib/vauth/digest.c b/lib/vauth/digest.c index ec82564d2c..1a5f6ffde2 100644 --- a/lib/vauth/digest.c +++ b/lib/vauth/digest.c @@ -24,18 +24,18 @@ * RFC7616 DIGEST-SHA256, DIGEST-SHA512-256 authentication * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #ifndef CURL_DISABLE_DIGEST_AUTH -#include "vauth.h" -#include "digest.h" -#include "../curlx/base64.h" -#include "../curl_md5.h" -#include "../curl_sha256.h" -#include "../curl_sha512_256.h" -#include "../curlx/strparse.h" -#include "../rand.h" +#include "vauth/vauth.h" +#include "vauth/digest.h" +#include "curlx/base64.h" +#include "curl_md5.h" +#include "curl_sha256.h" +#include "curl_sha512_256.h" +#include "curlx/strparse.h" +#include "rand.h" #ifndef USE_WINDOWS_SSPI #define SESSION_ALGO 1 /* for algos with this bit set */ diff --git a/lib/vauth/digest.h b/lib/vauth/digest.h index 902ffab153..5b8f3ae767 100644 --- a/lib/vauth/digest.h +++ b/lib/vauth/digest.h @@ -23,7 +23,7 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #ifndef CURL_DISABLE_DIGEST_AUTH diff --git a/lib/vauth/digest_sspi.c b/lib/vauth/digest_sspi.c index 893838d2cd..f29e569cd1 100644 --- a/lib/vauth/digest_sspi.c +++ b/lib/vauth/digest_sspi.c @@ -24,17 +24,17 @@ * RFC2831 DIGEST-MD5 authentication * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #if defined(USE_WINDOWS_SSPI) && !defined(CURL_DISABLE_DIGEST_AUTH) -#include "vauth.h" -#include "digest.h" -#include "../curlx/multibyte.h" -#include "../curl_trc.h" -#include "../curlx/strdup.h" -#include "../strcase.h" -#include "../strerror.h" +#include "vauth/vauth.h" +#include "vauth/digest.h" +#include "curlx/multibyte.h" +#include "curl_trc.h" +#include "curlx/strdup.h" +#include "strcase.h" +#include "strerror.h" /* * Curl_auth_is_digest_supported() diff --git a/lib/vauth/gsasl.c b/lib/vauth/gsasl.c index b95d6e3f0a..958f4ffab7 100644 --- a/lib/vauth/gsasl.c +++ b/lib/vauth/gsasl.c @@ -23,12 +23,12 @@ * RFC5802 SCRAM-SHA-1 authentication * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #ifdef USE_GSASL -#include "vauth.h" -#include "../curl_trc.h" +#include "vauth/vauth.h" +#include "curl_trc.h" #include diff --git a/lib/vauth/krb5_gssapi.c b/lib/vauth/krb5_gssapi.c index 6a9f182864..dec9eacc49 100644 --- a/lib/vauth/krb5_gssapi.c +++ b/lib/vauth/krb5_gssapi.c @@ -24,14 +24,14 @@ * RFC4752 The Kerberos V5 ("GSSAPI") SASL Mechanism * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #if defined(HAVE_GSSAPI) && defined(USE_KERBEROS5) -#include "vauth.h" -#include "../curl_sasl.h" -#include "../curl_gssapi.h" -#include "../curl_trc.h" +#include "vauth/vauth.h" +#include "curl_sasl.h" +#include "curl_gssapi.h" +#include "curl_trc.h" #if defined(__GNUC__) && defined(__APPLE__) #pragma GCC diagnostic push diff --git a/lib/vauth/krb5_sspi.c b/lib/vauth/krb5_sspi.c index 7aad4badfa..91dd525a5f 100644 --- a/lib/vauth/krb5_sspi.c +++ b/lib/vauth/krb5_sspi.c @@ -23,12 +23,12 @@ * RFC4752 The Kerberos V5 ("GSSAPI") SASL Mechanism * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #if defined(USE_WINDOWS_SSPI) && defined(USE_KERBEROS5) -#include "vauth.h" -#include "../curl_trc.h" +#include "vauth/vauth.h" +#include "curl_trc.h" /* * Curl_auth_is_gssapi_supported() diff --git a/lib/vauth/ntlm.c b/lib/vauth/ntlm.c index 385f6a10b3..205ce6c06d 100644 --- a/lib/vauth/ntlm.c +++ b/lib/vauth/ntlm.c @@ -21,7 +21,7 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #if defined(USE_NTLM) && !defined(USE_WINDOWS_SSPI) @@ -34,12 +34,12 @@ #define DEBUG_ME 0 -#include "vauth.h" -#include "../curl_trc.h" -#include "../curl_ntlm_core.h" -#include "../rand.h" -#include "../curlx/strdup.h" -#include "../curl_endian.h" +#include "vauth/vauth.h" +#include "curl_trc.h" +#include "curl_ntlm_core.h" +#include "rand.h" +#include "curlx/strdup.h" +#include "curl_endian.h" /* "NTLMSSP" signature is always in ASCII regardless of the platform */ #define NTLMSSP_SIGNATURE "\x4e\x54\x4c\x4d\x53\x53\x50" diff --git a/lib/vauth/ntlm_sspi.c b/lib/vauth/ntlm_sspi.c index e0a0bebec3..12cf32b894 100644 --- a/lib/vauth/ntlm_sspi.c +++ b/lib/vauth/ntlm_sspi.c @@ -21,14 +21,14 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #if defined(USE_WINDOWS_SSPI) && defined(USE_NTLM) -#include "vauth.h" -#include "../curl_ntlm_core.h" -#include "../curl_trc.h" -#include "../curlx/strdup.h" +#include "vauth/vauth.h" +#include "curl_ntlm_core.h" +#include "curl_trc.h" +#include "curlx/strdup.h" /* * Curl_auth_is_ntlm_supported() diff --git a/lib/vauth/oauth2.c b/lib/vauth/oauth2.c index a7a061337f..4541d1d551 100644 --- a/lib/vauth/oauth2.c +++ b/lib/vauth/oauth2.c @@ -23,13 +23,13 @@ * RFC6749 OAuth 2.0 Authorization Framework * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #if !defined(CURL_DISABLE_IMAP) || !defined(CURL_DISABLE_SMTP) || \ !defined(CURL_DISABLE_POP3) || \ (!defined(CURL_DISABLE_LDAP) && defined(USE_OPENLDAP)) -#include "vauth.h" +#include "vauth/vauth.h" /* * Curl_auth_create_oauth_bearer_message() diff --git a/lib/vauth/spnego_gssapi.c b/lib/vauth/spnego_gssapi.c index b1ec37cb31..af8498bad3 100644 --- a/lib/vauth/spnego_gssapi.c +++ b/lib/vauth/spnego_gssapi.c @@ -23,14 +23,14 @@ * RFC4178 Simple and Protected GSS-API Negotiation Mechanism * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #if defined(HAVE_GSSAPI) && defined(USE_SPNEGO) -#include "vauth.h" -#include "../curlx/base64.h" -#include "../curl_gssapi.h" -#include "../curl_trc.h" +#include "vauth/vauth.h" +#include "curlx/base64.h" +#include "curl_gssapi.h" +#include "curl_trc.h" #if defined(__GNUC__) && defined(__APPLE__) #pragma GCC diagnostic push diff --git a/lib/vauth/spnego_sspi.c b/lib/vauth/spnego_sspi.c index 12bdc3afd7..1f73123a0d 100644 --- a/lib/vauth/spnego_sspi.c +++ b/lib/vauth/spnego_sspi.c @@ -23,14 +23,14 @@ * RFC4178 Simple and Protected GSS-API Negotiation Mechanism * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #if defined(USE_WINDOWS_SSPI) && defined(USE_SPNEGO) -#include "vauth.h" -#include "../curlx/base64.h" -#include "../curl_trc.h" -#include "../strerror.h" +#include "vauth/vauth.h" +#include "curlx/base64.h" +#include "curl_trc.h" +#include "strerror.h" /* * Curl_auth_is_spnego_supported() diff --git a/lib/vauth/vauth.c b/lib/vauth/vauth.c index bdf194b995..a00078fce1 100644 --- a/lib/vauth/vauth.c +++ b/lib/vauth/vauth.c @@ -21,11 +21,11 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" -#include "vauth.h" -#include "../curlx/multibyte.h" -#include "../url.h" +#include "vauth/vauth.h" +#include "curlx/multibyte.h" +#include "url.h" /* * Curl_auth_build_spn() diff --git a/lib/vauth/vauth.h b/lib/vauth/vauth.h index 1649dc6832..3e66c89cb5 100644 --- a/lib/vauth/vauth.h +++ b/lib/vauth/vauth.h @@ -23,11 +23,11 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" -#include "../bufref.h" -#include "../curlx/dynbuf.h" -#include "../urldata.h" +#include "bufref.h" +#include "curlx/dynbuf.h" +#include "urldata.h" struct Curl_easy; struct connectdata; @@ -49,7 +49,7 @@ struct gsasldata; #endif #ifdef USE_WINDOWS_SSPI -#include "../curl_sspi.h" +#include "curl_sspi.h" #define GSS_ERROR(status) ((status) & 0x80000000) #endif diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c index d2f704f3db..123eb19b3d 100644 --- a/lib/vquic/curl_ngtcp2.c +++ b/lib/vquic/curl_ngtcp2.c @@ -21,7 +21,7 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #if !defined(CURL_DISABLE_HTTP) && defined(USE_NGTCP2) && defined(USE_NGHTTP3) #include @@ -36,38 +36,38 @@ #else #include #endif -#include "../vtls/openssl.h" +#include "vtls/openssl.h" #elif defined(USE_GNUTLS) #include -#include "../vtls/gtls.h" +#include "vtls/gtls.h" #elif defined(USE_WOLFSSL) #include -#include "../vtls/wolfssl.h" +#include "vtls/wolfssl.h" #endif -#include "../urldata.h" -#include "../url.h" -#include "../uint-hash.h" -#include "../curl_trc.h" -#include "../rand.h" -#include "../multiif.h" -#include "../cfilters.h" -#include "../cf-socket.h" -#include "../connect.h" -#include "../progress.h" -#include "../curlx/fopen.h" -#include "../curlx/dynbuf.h" -#include "../http1.h" -#include "../select.h" -#include "../transfer.h" -#include "../bufref.h" -#include "vquic.h" -#include "vquic_int.h" -#include "vquic-tls.h" -#include "../vtls/keylog.h" -#include "../vtls/vtls.h" -#include "../vtls/vtls_scache.h" -#include "curl_ngtcp2.h" +#include "urldata.h" +#include "url.h" +#include "uint-hash.h" +#include "curl_trc.h" +#include "rand.h" +#include "multiif.h" +#include "cfilters.h" +#include "cf-socket.h" +#include "connect.h" +#include "progress.h" +#include "curlx/fopen.h" +#include "curlx/dynbuf.h" +#include "http1.h" +#include "select.h" +#include "transfer.h" +#include "bufref.h" +#include "vquic/vquic.h" +#include "vquic/vquic_int.h" +#include "vquic/vquic-tls.h" +#include "vtls/keylog.h" +#include "vtls/vtls.h" +#include "vtls/vtls_scache.h" +#include "vquic/curl_ngtcp2.h" #define QUIC_MAX_STREAMS (256 * 1024) diff --git a/lib/vquic/curl_ngtcp2.h b/lib/vquic/curl_ngtcp2.h index 1e9868e0f7..1a87faf00d 100644 --- a/lib/vquic/curl_ngtcp2.h +++ b/lib/vquic/curl_ngtcp2.h @@ -23,7 +23,7 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #if !defined(CURL_DISABLE_HTTP) && defined(USE_NGTCP2) && defined(USE_NGHTTP3) @@ -46,7 +46,7 @@ struct Curl_cfilter; -#include "../urldata.h" +#include "urldata.h" void Curl_ngtcp2_ver(char *p, size_t len); diff --git a/lib/vquic/curl_quiche.c b/lib/vquic/curl_quiche.c index fc31c06a46..8ee3e9c087 100644 --- a/lib/vquic/curl_quiche.c +++ b/lib/vquic/curl_quiche.c @@ -21,34 +21,35 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #if !defined(CURL_DISABLE_HTTP) && defined(USE_QUICHE) #include #include #include -#include "../bufq.h" -#include "../uint-hash.h" -#include "../urldata.h" -#include "../cfilters.h" -#include "../cf-socket.h" -#include "../curl_trc.h" -#include "../rand.h" -#include "../multiif.h" -#include "../connect.h" -#include "../progress.h" -#include "../select.h" -#include "../http1.h" -#include "vquic.h" -#include "vquic_int.h" -#include "vquic-tls.h" -#include "curl_quiche.h" -#include "../transfer.h" -#include "../url.h" -#include "../bufref.h" -#include "../vtls/openssl.h" -#include "../vtls/keylog.h" -#include "../vtls/vtls.h" + +#include "bufq.h" +#include "uint-hash.h" +#include "urldata.h" +#include "cfilters.h" +#include "cf-socket.h" +#include "curl_trc.h" +#include "rand.h" +#include "multiif.h" +#include "connect.h" +#include "progress.h" +#include "select.h" +#include "http1.h" +#include "vquic/vquic.h" +#include "vquic/vquic_int.h" +#include "vquic/vquic-tls.h" +#include "vquic/curl_quiche.h" +#include "transfer.h" +#include "url.h" +#include "bufref.h" +#include "vtls/openssl.h" +#include "vtls/keylog.h" +#include "vtls/vtls.h" /* HTTP/3 error values defined in RFC 9114, ch. 8.1 */ #define CURL_H3_NO_ERROR 0x0100 diff --git a/lib/vquic/curl_quiche.h b/lib/vquic/curl_quiche.h index 6c0fb9ee1e..fb5a563ae8 100644 --- a/lib/vquic/curl_quiche.h +++ b/lib/vquic/curl_quiche.h @@ -23,7 +23,7 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #if !defined(CURL_DISABLE_HTTP) && defined(USE_QUICHE) diff --git a/lib/vquic/vquic-tls.c b/lib/vquic/vquic-tls.c index 3391d98074..e135ac5174 100644 --- a/lib/vquic/vquic-tls.c +++ b/lib/vquic/vquic-tls.c @@ -21,34 +21,34 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #if defined(USE_HTTP3) && \ (defined(USE_OPENSSL) || defined(USE_GNUTLS) || defined(USE_WOLFSSL)) #ifdef USE_OPENSSL #include -#include "../vtls/openssl.h" +#include "vtls/openssl.h" #elif defined(USE_GNUTLS) #include #include #include #include #include -#include "../vtls/gtls.h" +#include "vtls/gtls.h" #elif defined(USE_WOLFSSL) #include #include #include -#include "../vtls/wolfssl.h" +#include "vtls/wolfssl.h" #endif -#include "../urldata.h" -#include "../cfilters.h" -#include "../vtls/keylog.h" -#include "../vtls/vtls.h" -#include "../vtls/vtls_scache.h" -#include "vquic-tls.h" +#include "urldata.h" +#include "cfilters.h" +#include "vtls/keylog.h" +#include "vtls/vtls.h" +#include "vtls/vtls_scache.h" +#include "vquic/vquic-tls.h" CURLcode Curl_vquic_tls_init(struct curl_tls_ctx *ctx, struct Curl_cfilter *cf, diff --git a/lib/vquic/vquic-tls.h b/lib/vquic/vquic-tls.h index cff7654323..a947cd277b 100644 --- a/lib/vquic/vquic-tls.h +++ b/lib/vquic/vquic-tls.h @@ -23,17 +23,17 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #if defined(USE_HTTP3) && \ (defined(USE_OPENSSL) || defined(USE_GNUTLS) || defined(USE_WOLFSSL)) -#include "../bufq.h" -#include "../vtls/vtls.h" -#include "../vtls/vtls_int.h" +#include "bufq.h" +#include "vtls/vtls.h" +#include "vtls/vtls_int.h" -#include "../vtls/openssl.h" -#include "../vtls/wolfssl.h" +#include "vtls/openssl.h" +#include "vtls/wolfssl.h" struct ssl_peer; struct Curl_ssl_session; diff --git a/lib/vquic/vquic.c b/lib/vquic/vquic.c index 7fef051f4c..10cf6cd3cd 100644 --- a/lib/vquic/vquic.c +++ b/lib/vquic/vquic.c @@ -21,11 +21,11 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" -#include "../urldata.h" -#include "vquic.h" +#include "curl_setup.h" +#include "urldata.h" +#include "vquic/vquic.h" -#include "../curl_trc.h" +#include "curl_trc.h" #if !defined(CURL_DISABLE_HTTP) && defined(USE_HTTP3) @@ -37,18 +37,18 @@ #include #endif -#include "../bufq.h" -#include "../curlx/dynbuf.h" -#include "../curlx/fopen.h" -#include "../cfilters.h" -#include "curl_ngtcp2.h" -#include "curl_quiche.h" -#include "../multiif.h" -#include "../progress.h" -#include "../rand.h" -#include "vquic_int.h" -#include "../curlx/strerr.h" -#include "../curlx/strparse.h" +#include "bufq.h" +#include "curlx/dynbuf.h" +#include "curlx/fopen.h" +#include "cfilters.h" +#include "vquic/curl_ngtcp2.h" +#include "vquic/curl_quiche.h" +#include "multiif.h" +#include "progress.h" +#include "rand.h" +#include "vquic/vquic_int.h" +#include "curlx/strerr.h" +#include "curlx/strparse.h" #define NW_CHUNK_SIZE (64 * 1024) diff --git a/lib/vquic/vquic.h b/lib/vquic/vquic.h index f5392eb047..528e18476d 100644 --- a/lib/vquic/vquic.h +++ b/lib/vquic/vquic.h @@ -23,7 +23,7 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #if !defined(CURL_DISABLE_HTTP) && defined(USE_HTTP3) struct Curl_cfilter; diff --git a/lib/vquic/vquic_int.h b/lib/vquic/vquic_int.h index 4da3c2f192..d77b34d519 100644 --- a/lib/vquic/vquic_int.h +++ b/lib/vquic/vquic_int.h @@ -23,11 +23,11 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #ifdef USE_HTTP3 -#include "../bufq.h" +#include "bufq.h" #define MAX_UDP_PAYLOAD_SIZE 1452 diff --git a/lib/vssh/libssh.c b/lib/vssh/libssh.c index 6256838704..ad08f34a8f 100644 --- a/lib/vssh/libssh.c +++ b/lib/vssh/libssh.c @@ -24,7 +24,7 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #ifdef USE_LIBSSH @@ -42,21 +42,21 @@ #include #endif -#include "../urldata.h" -#include "../sendf.h" -#include "../curl_trc.h" -#include "../hostip.h" -#include "../progress.h" -#include "../transfer.h" -#include "ssh.h" -#include "../url.h" -#include "../cfilters.h" -#include "../connect.h" -#include "../parsedate.h" /* for the week day and month names */ -#include "../curlx/strparse.h" -#include "../multiif.h" -#include "../select.h" -#include "vssh.h" +#include "urldata.h" +#include "sendf.h" +#include "curl_trc.h" +#include "hostip.h" +#include "progress.h" +#include "transfer.h" +#include "vssh/ssh.h" +#include "url.h" +#include "cfilters.h" +#include "connect.h" +#include "parsedate.h" /* for the week day and month names */ +#include "curlx/strparse.h" +#include "multiif.h" +#include "select.h" +#include "vssh/vssh.h" #ifdef HAVE_UNISTD_H #include diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c index f1f241c1fc..61086d6f68 100644 --- a/lib/vssh/libssh2.c +++ b/lib/vssh/libssh2.c @@ -21,7 +21,7 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #ifdef USE_LIBSSH2 @@ -41,23 +41,23 @@ #include #endif -#include "../urldata.h" -#include "../sendf.h" -#include "../curl_trc.h" -#include "../hostip.h" -#include "../progress.h" -#include "../transfer.h" -#include "ssh.h" -#include "../url.h" -#include "../cfilters.h" -#include "../connect.h" -#include "../parsedate.h" /* for the week day and month names */ -#include "../multiif.h" -#include "../select.h" -#include "../curlx/fopen.h" -#include "vssh.h" -#include "../curlx/strparse.h" -#include "../curlx/base64.h" /* for base64 encoding/decoding */ +#include "urldata.h" +#include "sendf.h" +#include "curl_trc.h" +#include "hostip.h" +#include "progress.h" +#include "transfer.h" +#include "vssh/ssh.h" +#include "url.h" +#include "cfilters.h" +#include "connect.h" +#include "parsedate.h" /* for the week day and month names */ +#include "multiif.h" +#include "select.h" +#include "curlx/fopen.h" +#include "vssh/vssh.h" +#include "curlx/strparse.h" +#include "curlx/base64.h" /* for base64 encoding/decoding */ static const char *sftp_libssh2_strerror(unsigned long err) { diff --git a/lib/vssh/ssh.h b/lib/vssh/ssh.h index 45740ecdad..1afb1e8643 100644 --- a/lib/vssh/ssh.h +++ b/lib/vssh/ssh.h @@ -23,8 +23,8 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" -#include "../urldata.h" +#include "curl_setup.h" +#include "urldata.h" extern const struct Curl_protocol Curl_protocol_sftp; extern const struct Curl_protocol Curl_protocol_scp; diff --git a/lib/vssh/vssh.c b/lib/vssh/vssh.c index d3abe57b35..d499a633af 100644 --- a/lib/vssh/vssh.c +++ b/lib/vssh/vssh.c @@ -21,15 +21,15 @@ * SPDX-License-Identifier: curl AND ISC * ***************************************************************************/ -#include "../curl_setup.h" -#include "ssh.h" +#include "curl_setup.h" +#include "vssh/ssh.h" #ifdef USE_SSH -#include "vssh.h" -#include "../curlx/strparse.h" -#include "../curl_trc.h" -#include "../escape.h" +#include "vssh/vssh.h" +#include "curlx/strparse.h" +#include "curl_trc.h" +#include "escape.h" #ifdef CURLVERBOSE const char *Curl_ssh_statename(sshstate state) diff --git a/lib/vssh/vssh.h b/lib/vssh/vssh.h index 4e1e1d8c6f..492108fbd7 100644 --- a/lib/vssh/vssh.h +++ b/lib/vssh/vssh.h @@ -23,11 +23,11 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #ifdef USE_SSH -#include "../urldata.h" +#include "urldata.h" CURLcode Curl_getworkingpath(struct Curl_easy *data, const char *homedir, diff --git a/lib/vtls/apple.c b/lib/vtls/apple.c index 2717d24f60..a6a5ba01f0 100644 --- a/lib/vtls/apple.c +++ b/lib/vtls/apple.c @@ -38,15 +38,15 @@ https://httpd.apache.org/docs/2.0/ssl/ssl_intro.html */ -#include "../curl_setup.h" +#include "curl_setup.h" #ifdef USE_APPLE_SECTRUST -#include "../urldata.h" -#include "../cfilters.h" -#include "../curl_trc.h" -#include "vtls.h" -#include "apple.h" +#include "urldata.h" +#include "cfilters.h" +#include "curl_trc.h" +#include "vtls/vtls.h" +#include "vtls/apple.h" #include diff --git a/lib/vtls/apple.h b/lib/vtls/apple.h index dd1b5db357..d86a56b1f9 100644 --- a/lib/vtls/apple.h +++ b/lib/vtls/apple.h @@ -23,7 +23,7 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #ifdef USE_APPLE_SECTRUST struct Curl_cfilter; diff --git a/lib/vtls/cipher_suite.c b/lib/vtls/cipher_suite.c index af51582784..1fc6e9f8c6 100644 --- a/lib/vtls/cipher_suite.c +++ b/lib/vtls/cipher_suite.c @@ -21,11 +21,11 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #if defined(USE_MBEDTLS) || defined(USE_RUSTLS) -#include "cipher_suite.h" +#include "vtls/cipher_suite.h" /* * To support the CURLOPT_SSL_CIPHER_LIST option on SSL backends diff --git a/lib/vtls/cipher_suite.h b/lib/vtls/cipher_suite.h index f625ce38cb..0e185e351e 100644 --- a/lib/vtls/cipher_suite.h +++ b/lib/vtls/cipher_suite.h @@ -23,7 +23,7 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #if defined(USE_MBEDTLS) || defined(USE_RUSTLS) diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c index 9887d98c25..a0a465c360 100644 --- a/lib/vtls/gtls.c +++ b/lib/vtls/gtls.c @@ -28,7 +28,7 @@ * Note: do not use the GnuTLS' *_t variable type names in this source code, * since they were not present in 1.0.X. */ -#include "../curl_setup.h" +#include "curl_setup.h" #ifdef USE_GNUTLS @@ -38,21 +38,21 @@ #include #include -#include "../urldata.h" -#include "../curl_trc.h" -#include "keylog.h" -#include "gtls.h" -#include "vtls.h" -#include "vtls_int.h" -#include "vtls_scache.h" -#include "apple.h" -#include "../vauth/vauth.h" -#include "../parsedate.h" -#include "../connect.h" /* for the connect timeout */ -#include "../progress.h" -#include "../curlx/strdup.h" -#include "../curlx/fopen.h" -#include "x509asn1.h" +#include "urldata.h" +#include "curl_trc.h" +#include "vtls/keylog.h" +#include "vtls/gtls.h" +#include "vtls/vtls.h" +#include "vtls/vtls_int.h" +#include "vtls/vtls_scache.h" +#include "vtls/apple.h" +#include "vauth/vauth.h" +#include "parsedate.h" +#include "connect.h" /* for the connect timeout */ +#include "progress.h" +#include "curlx/strdup.h" +#include "curlx/fopen.h" +#include "vtls/x509asn1.h" /* Enable GnuTLS debugging by defining GTLSDEBUG */ #if 0 diff --git a/lib/vtls/gtls.h b/lib/vtls/gtls.h index ecdca0a666..a5e55cd4f9 100644 --- a/lib/vtls/gtls.h +++ b/lib/vtls/gtls.h @@ -23,12 +23,13 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #ifdef USE_GNUTLS #include -#include "../curlx/timeval.h" + +#include "curlx/timeval.h" #ifdef HAVE_GNUTLS_SRP /* the function exists */ diff --git a/lib/vtls/hostcheck.c b/lib/vtls/hostcheck.c index 9706336735..ad09b83194 100644 --- a/lib/vtls/hostcheck.c +++ b/lib/vtls/hostcheck.c @@ -21,7 +21,7 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #if defined(USE_OPENSSL) || defined(USE_SCHANNEL) /* these backends use functions from this file */ @@ -32,9 +32,10 @@ #ifdef HAVE_NETINET_IN6_H #include #endif -#include "../curl_memrchr.h" -#include "hostcheck.h" -#include "../hostip.h" + +#include "curl_memrchr.h" +#include "vtls/hostcheck.h" +#include "hostip.h" /* check the two input strings with given length, but do not assume they end in nul-bytes */ diff --git a/lib/vtls/hostcheck.h b/lib/vtls/hostcheck.h index 0b4384cb7d..d8e1a52377 100644 --- a/lib/vtls/hostcheck.h +++ b/lib/vtls/hostcheck.h @@ -23,7 +23,7 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #if defined(USE_OPENSSL) || defined(USE_SCHANNEL) diff --git a/lib/vtls/keylog.c b/lib/vtls/keylog.c index ace9cab1ae..51b26d2d3f 100644 --- a/lib/vtls/keylog.c +++ b/lib/vtls/keylog.c @@ -21,7 +21,7 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #if defined(USE_OPENSSL) || \ defined(USE_GNUTLS) || \ @@ -30,9 +30,9 @@ defined(USE_QUICHE) || \ defined(USE_RUSTLS) -#include "keylog.h" -#include "../escape.h" -#include "../curlx/fopen.h" +#include "vtls/keylog.h" +#include "escape.h" +#include "curlx/fopen.h" /* The fp for the open SSLKEYLOGFILE, or NULL if not open */ static FILE *keylog_file_fp; diff --git a/lib/vtls/keylog.h b/lib/vtls/keylog.h index ec82abf547..7e741b964d 100644 --- a/lib/vtls/keylog.h +++ b/lib/vtls/keylog.h @@ -23,7 +23,7 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #define KEYLOG_LABEL_MAXLEN (sizeof("CLIENT_HANDSHAKE_TRAFFIC_SECRET") - 1) diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c index 3f5654ea0b..398bf8630a 100644 --- a/lib/vtls/mbedtls.c +++ b/lib/vtls/mbedtls.c @@ -27,7 +27,7 @@ * but vtls.c should ever call or use these functions. * */ -#include "../curl_setup.h" +#include "curl_setup.h" #ifdef USE_MBEDTLS @@ -56,17 +56,18 @@ #ifdef MBEDTLS_DEBUG #include #endif -#include "cipher_suite.h" -#include "../urldata.h" -#include "../curl_trc.h" -#include "mbedtls.h" -#include "vtls.h" -#include "vtls_int.h" -#include "vtls_scache.h" -#include "x509asn1.h" -#include "../connect.h" /* for the connect timeout */ -#include "../curlx/strdup.h" -#include "../curl_sha256.h" + +#include "vtls/cipher_suite.h" +#include "urldata.h" +#include "curl_trc.h" +#include "vtls/mbedtls.h" +#include "vtls/vtls.h" +#include "vtls/vtls_int.h" +#include "vtls/vtls_scache.h" +#include "vtls/x509asn1.h" +#include "connect.h" /* for the connect timeout */ +#include "curlx/strdup.h" +#include "curl_sha256.h" /* ALPN for http2 */ #if defined(USE_HTTP2) && defined(MBEDTLS_SSL_ALPN) diff --git a/lib/vtls/mbedtls.h b/lib/vtls/mbedtls.h index 3876fe36fc..d8a0a06eb6 100644 --- a/lib/vtls/mbedtls.h +++ b/lib/vtls/mbedtls.h @@ -24,7 +24,7 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #ifdef USE_MBEDTLS diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 4142e937a2..8572f0ec13 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -25,7 +25,7 @@ * Source file for all OpenSSL-specific code for the TLS/SSL layer. No code * but vtls.c should ever call or use these functions. */ -#include "../curl_setup.h" +#include "curl_setup.h" #if defined(USE_QUICHE) || defined(USE_OPENSSL) @@ -62,28 +62,28 @@ #undef OCSP_RESPONSE #endif -#include "../urldata.h" -#include "../curl_trc.h" -#include "../httpsrr.h" -#include "../formdata.h" /* for the boundary function */ -#include "../url.h" /* for the ssl config check function */ -#include "../curlx/inet_pton.h" -#include "openssl.h" -#include "../connect.h" -#include "../progress.h" -#include "vtls.h" -#include "vtls_int.h" -#include "vtls_scache.h" -#include "../vauth/vauth.h" -#include "keylog.h" -#include "hostcheck.h" -#include "../transfer.h" -#include "../multiif.h" -#include "../curlx/strerr.h" -#include "../curlx/strparse.h" -#include "../curlx/strcopy.h" -#include "../curlx/strdup.h" -#include "apple.h" +#include "urldata.h" +#include "curl_trc.h" +#include "httpsrr.h" +#include "formdata.h" /* for the boundary function */ +#include "url.h" /* for the ssl config check function */ +#include "curlx/inet_pton.h" +#include "vtls/openssl.h" +#include "connect.h" +#include "progress.h" +#include "vtls/vtls.h" +#include "vtls/vtls_int.h" +#include "vtls/vtls_scache.h" +#include "vauth/vauth.h" +#include "vtls/keylog.h" +#include "vtls/hostcheck.h" +#include "transfer.h" +#include "multiif.h" +#include "curlx/strerr.h" +#include "curlx/strparse.h" +#include "curlx/strcopy.h" +#include "curlx/strdup.h" +#include "vtls/apple.h" #include #include diff --git a/lib/vtls/openssl.h b/lib/vtls/openssl.h index b99ac8a3a5..cfffe9df1b 100644 --- a/lib/vtls/openssl.h +++ b/lib/vtls/openssl.h @@ -23,7 +23,7 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #ifdef USE_OPENSSL /* @@ -34,7 +34,7 @@ #include #include -#include "../urldata.h" +#include "urldata.h" #if OPENSSL_VERSION_NUMBER >= 0x30000000L #define HAVE_OPENSSL3 /* non-fork OpenSSL 3.x or later */ diff --git a/lib/vtls/rustls.c b/lib/vtls/rustls.c index 02a6b7d5aa..63ee0349a1 100644 --- a/lib/vtls/rustls.c +++ b/lib/vtls/rustls.c @@ -23,23 +23,23 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #ifdef USE_RUSTLS #include -#include "../curlx/fopen.h" -#include "../curlx/strerr.h" -#include "../urldata.h" -#include "../curl_trc.h" -#include "../httpsrr.h" -#include "vtls.h" -#include "vtls_int.h" -#include "rustls.h" -#include "keylog.h" -#include "cipher_suite.h" -#include "x509asn1.h" +#include "curlx/fopen.h" +#include "curlx/strerr.h" +#include "urldata.h" +#include "curl_trc.h" +#include "httpsrr.h" +#include "vtls/vtls.h" +#include "vtls/vtls_int.h" +#include "vtls/rustls.h" +#include "vtls/keylog.h" +#include "vtls/cipher_suite.h" +#include "vtls/x509asn1.h" struct rustls_ssl_backend_data { const struct rustls_client_config *config; diff --git a/lib/vtls/rustls.h b/lib/vtls/rustls.h index 2d3b0bb11f..b6ddbd1b7e 100644 --- a/lib/vtls/rustls.h +++ b/lib/vtls/rustls.h @@ -23,7 +23,7 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #ifdef USE_RUSTLS diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c index 032d2eab56..d533d9a5b6 100644 --- a/lib/vtls/schannel.c +++ b/lib/vtls/schannel.c @@ -27,7 +27,7 @@ * Source file for all Schannel-specific code for the TLS/SSL layer. No code * but vtls.c should ever call or use these functions. */ -#include "../curl_setup.h" +#include "curl_setup.h" #ifdef USE_SCHANNEL @@ -35,25 +35,25 @@ #error "cannot compile Schannel support without SSPI." #endif -#include "schannel.h" -#include "schannel_int.h" -#include "vtls.h" -#include "vtls_int.h" -#include "vtls_scache.h" -#include "../curl_trc.h" -#include "../connect.h" /* for the connect timeout */ -#include "../curlx/strdup.h" -#include "../strerror.h" -#include "../select.h" /* for the socket readiness */ -#include "../curlx/fopen.h" -#include "../curlx/multibyte.h" -#include "x509asn1.h" -#include "../system_win32.h" -#include "../curlx/version_win32.h" -#include "../rand.h" -#include "../curlx/strparse.h" -#include "../progress.h" -#include "../curl_sha256.h" +#include "vtls/schannel.h" +#include "vtls/schannel_int.h" +#include "vtls/vtls.h" +#include "vtls/vtls_int.h" +#include "vtls/vtls_scache.h" +#include "curl_trc.h" +#include "connect.h" /* for the connect timeout */ +#include "curlx/strdup.h" +#include "strerror.h" +#include "select.h" /* for the socket readiness */ +#include "curlx/fopen.h" +#include "curlx/multibyte.h" +#include "vtls/x509asn1.h" +#include "system_win32.h" +#include "curlx/version_win32.h" +#include "rand.h" +#include "curlx/strparse.h" +#include "progress.h" +#include "curl_sha256.h" /* Some verbose debug messages are wrapped by SCH_DEV() instead of DEBUGF() * and only shown if CURL_SCHANNEL_DEV_DEBUG was defined at build time. These diff --git a/lib/vtls/schannel.h b/lib/vtls/schannel.h index 3cf9487a75..fe49e9a9d0 100644 --- a/lib/vtls/schannel.h +++ b/lib/vtls/schannel.h @@ -24,15 +24,15 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #ifdef USE_SCHANNEL #include -#include "../curl_sspi.h" -#include "../cfilters.h" -#include "../urldata.h" +#include "curl_sspi.h" +#include "cfilters.h" +#include "urldata.h" extern const struct Curl_ssl Curl_ssl_schannel; diff --git a/lib/vtls/schannel_int.h b/lib/vtls/schannel_int.h index 6359d43915..496635f2c2 100644 --- a/lib/vtls/schannel_int.h +++ b/lib/vtls/schannel_int.h @@ -24,12 +24,12 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #ifdef USE_SCHANNEL -#include "vtls.h" -#include "../curl_sha256.h" +#include "vtls/vtls.h" +#include "curl_sha256.h" #if defined(_MSC_VER) && (_MSC_VER < 1700) /* Workaround for warning: diff --git a/lib/vtls/schannel_verify.c b/lib/vtls/schannel_verify.c index 6550899b03..8533e9ccc1 100644 --- a/lib/vtls/schannel_verify.c +++ b/lib/vtls/schannel_verify.c @@ -27,7 +27,7 @@ * Source file for Schannel-specific certificate verification. This code should * only be invoked by code in schannel.c. */ -#include "../curl_setup.h" +#include "curl_setup.h" #ifdef USE_SCHANNEL @@ -35,19 +35,19 @@ #error "cannot compile Schannel support without SSPI." #endif -#include "schannel.h" -#include "schannel_int.h" +#include "vtls/schannel.h" +#include "vtls/schannel_int.h" -#include "../curlx/fopen.h" -#include "../curlx/inet_pton.h" -#include "vtls.h" -#include "vtls_int.h" -#include "../curl_trc.h" -#include "../strerror.h" -#include "../curlx/winapi.h" -#include "../curlx/multibyte.h" -#include "hostcheck.h" -#include "../curlx/version_win32.h" +#include "curlx/fopen.h" +#include "curlx/inet_pton.h" +#include "vtls/vtls.h" +#include "vtls/vtls_int.h" +#include "curl_trc.h" +#include "strerror.h" +#include "curlx/winapi.h" +#include "curlx/multibyte.h" +#include "vtls/hostcheck.h" +#include "curlx/version_win32.h" #define BACKEND ((struct schannel_ssl_backend_data *)connssl->backend) diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c index fcaa173daa..df9bc33a7b 100644 --- a/lib/vtls/vtls.c +++ b/lib/vtls/vtls.c @@ -38,40 +38,40 @@ https://httpd.apache.org/docs/2.0/ssl/ssl_intro.html */ -#include "../curl_setup.h" +#include "curl_setup.h" #ifdef HAVE_SYS_TYPES_H #include #endif -#include "../urldata.h" -#include "../cfilters.h" +#include "urldata.h" +#include "cfilters.h" -#include "vtls.h" /* generic SSL protos etc */ -#include "vtls_int.h" -#include "vtls_scache.h" +#include "vtls/vtls.h" /* generic SSL protos etc */ +#include "vtls/vtls_int.h" +#include "vtls/vtls_scache.h" -#include "openssl.h" /* OpenSSL versions */ -#include "gtls.h" /* GnuTLS versions */ -#include "wolfssl.h" /* wolfSSL versions */ -#include "schannel.h" /* Schannel SSPI version */ -#include "mbedtls.h" /* mbedTLS versions */ -#include "rustls.h" /* Rustls versions */ +#include "vtls/openssl.h" /* OpenSSL versions */ +#include "vtls/gtls.h" /* GnuTLS versions */ +#include "vtls/wolfssl.h" /* wolfSSL versions */ +#include "vtls/schannel.h" /* Schannel SSPI version */ +#include "vtls/mbedtls.h" /* mbedTLS versions */ +#include "vtls/rustls.h" /* Rustls versions */ -#include "../slist.h" -#include "../curl_trc.h" -#include "../strcase.h" -#include "../url.h" -#include "../progress.h" -#include "../curlx/fopen.h" -#include "../curl_sha256.h" -#include "../curlx/base64.h" -#include "../curlx/inet_pton.h" -#include "../connect.h" -#include "../select.h" -#include "../setopt.h" -#include "../curlx/strdup.h" -#include "../curlx/strcopy.h" +#include "slist.h" +#include "curl_trc.h" +#include "strcase.h" +#include "url.h" +#include "progress.h" +#include "curlx/fopen.h" +#include "curl_sha256.h" +#include "curlx/base64.h" +#include "curlx/inet_pton.h" +#include "connect.h" +#include "select.h" +#include "setopt.h" +#include "curlx/strdup.h" +#include "curlx/strcopy.h" #ifdef USE_APPLE_SECTRUST #include diff --git a/lib/vtls/vtls.h b/lib/vtls/vtls.h index 12ae3a4c73..3dff1f04fd 100644 --- a/lib/vtls/vtls.h +++ b/lib/vtls/vtls.h @@ -23,7 +23,7 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" struct connectdata; struct ssl_config_data; @@ -49,7 +49,7 @@ struct dynbuf; #define SSLSUPP_ISSUERCERT_BLOB (1 << 14) /* CURLOPT_ISSUERCERT_BLOB */ #ifdef USE_ECH -#include "../curlx/base64.h" +#include "curlx/base64.h" #define ECH_ENABLED(__data__) \ (__data__->set.tls_ech && !(__data__->set.tls_ech & CURLECH_DISABLE)) #endif /* USE_ECH */ diff --git a/lib/vtls/vtls_int.h b/lib/vtls/vtls_int.h index 48674eded6..6700ee74cb 100644 --- a/lib/vtls/vtls_int.h +++ b/lib/vtls/vtls_int.h @@ -23,14 +23,14 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #ifdef USE_SSL -#include "../cfilters.h" -#include "../select.h" -#include "../urldata.h" -#include "vtls.h" +#include "cfilters.h" +#include "select.h" +#include "urldata.h" +#include "vtls/vtls.h" struct Curl_ssl; struct ssl_connect_data; diff --git a/lib/vtls/vtls_scache.c b/lib/vtls/vtls_scache.c index b5a2b5d844..1bc0b4fba9 100644 --- a/lib/vtls/vtls_scache.c +++ b/lib/vtls/vtls_scache.c @@ -21,7 +21,7 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #ifdef USE_SSL @@ -29,21 +29,21 @@ #include #endif -#include "../urldata.h" -#include "../cfilters.h" +#include "urldata.h" +#include "cfilters.h" -#include "vtls.h" /* generic SSL protos etc */ -#include "vtls_int.h" -#include "vtls_scache.h" -#include "vtls_spack.h" +#include "vtls/vtls.h" /* generic SSL protos etc */ +#include "vtls/vtls_int.h" +#include "vtls/vtls_scache.h" +#include "vtls/vtls_spack.h" -#include "../strcase.h" -#include "../url.h" -#include "../llist.h" -#include "../curl_share.h" -#include "../curl_trc.h" -#include "../curl_sha256.h" -#include "../rand.h" +#include "strcase.h" +#include "url.h" +#include "llist.h" +#include "curl_share.h" +#include "curl_trc.h" +#include "curl_sha256.h" +#include "rand.h" /* a peer+tls-config we cache sessions for */ diff --git a/lib/vtls/vtls_scache.h b/lib/vtls/vtls_scache.h index 410fe656e0..b9db0f19b3 100644 --- a/lib/vtls/vtls_scache.h +++ b/lib/vtls/vtls_scache.h @@ -23,12 +23,12 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #ifdef USE_SSL -#include "../cfilters.h" -#include "../urldata.h" +#include "cfilters.h" +#include "urldata.h" struct Curl_cfilter; struct Curl_easy; diff --git a/lib/vtls/vtls_spack.c b/lib/vtls/vtls_spack.c index 2026fe3ed5..d96f4e41bd 100644 --- a/lib/vtls/vtls_spack.c +++ b/lib/vtls/vtls_spack.c @@ -21,15 +21,15 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #if defined(USE_SSL) && defined(USE_SSLS_EXPORT) -#include "../urldata.h" -#include "../curl_trc.h" -#include "vtls_scache.h" -#include "vtls_spack.h" -#include "../curlx/strdup.h" +#include "urldata.h" +#include "curl_trc.h" +#include "vtls/vtls_scache.h" +#include "vtls/vtls_spack.h" +#include "curlx/strdup.h" #ifndef UINT16_MAX #define UINT16_MAX 0xffff diff --git a/lib/vtls/vtls_spack.h b/lib/vtls/vtls_spack.h index 86796ee62e..4479384de9 100644 --- a/lib/vtls/vtls_spack.h +++ b/lib/vtls/vtls_spack.h @@ -23,7 +23,7 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #if defined(USE_SSL) && defined(USE_SSLS_EXPORT) diff --git a/lib/vtls/wolfssl.c b/lib/vtls/wolfssl.c index 41965062f0..377175d56d 100644 --- a/lib/vtls/wolfssl.c +++ b/lib/vtls/wolfssl.c @@ -26,7 +26,7 @@ * but vtls.c should ever call or use these functions. * */ -#include "../curl_setup.h" +#include "curl_setup.h" #ifdef USE_WOLFSSL @@ -50,22 +50,23 @@ #endif #endif -#include "../urldata.h" -#include "../curl_trc.h" -#include "../httpsrr.h" -#include "vtls.h" -#include "vtls_int.h" -#include "vtls_scache.h" -#include "keylog.h" -#include "../connect.h" /* for the connect timeout */ -#include "../progress.h" -#include "../curlx/strdup.h" -#include "../curlx/strcopy.h" -#include "x509asn1.h" +#include "urldata.h" +#include "curl_trc.h" +#include "httpsrr.h" +#include "vtls/vtls.h" +#include "vtls/vtls_int.h" +#include "vtls/vtls_scache.h" +#include "vtls/keylog.h" +#include "connect.h" /* for the connect timeout */ +#include "progress.h" +#include "curlx/strdup.h" +#include "curlx/strcopy.h" +#include "vtls/x509asn1.h" #include #include -#include "wolfssl.h" + +#include "vtls/wolfssl.h" /* KEEP_PEER_CERT is a product of the presence of build time symbol OPENSSL_EXTRA without NO_CERTS, depending on the version. KEEP_PEER_CERT is diff --git a/lib/vtls/wolfssl.h b/lib/vtls/wolfssl.h index 736da9a1a6..b097b60b78 100644 --- a/lib/vtls/wolfssl.h +++ b/lib/vtls/wolfssl.h @@ -23,11 +23,11 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #ifdef USE_WOLFSSL -#include "../urldata.h" +#include "urldata.h" struct alpn_spec; struct ssl_peer; diff --git a/lib/vtls/x509asn1.c b/lib/vtls/x509asn1.c index 27fe149dcb..ff64dc9bf4 100644 --- a/lib/vtls/x509asn1.c +++ b/lib/vtls/x509asn1.c @@ -21,7 +21,7 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #if defined(USE_GNUTLS) || defined(USE_WOLFSSL) || defined(USE_SCHANNEL) || \ defined(USE_MBEDTLS) || defined(USE_RUSTLS) @@ -36,12 +36,12 @@ #define WANT_EXTRACT_CERTINFO /* uses Curl_extract_certinfo() */ #endif -#include "../urldata.h" -#include "vtls.h" -#include "../curl_trc.h" -#include "../curlx/base64.h" -#include "x509asn1.h" -#include "../curlx/dynbuf.h" +#include "urldata.h" +#include "vtls/vtls.h" +#include "curl_trc.h" +#include "curlx/base64.h" +#include "vtls/x509asn1.h" +#include "curlx/dynbuf.h" /* * Constants. diff --git a/lib/vtls/x509asn1.h b/lib/vtls/x509asn1.h index ba2c3893a9..829dfd884f 100644 --- a/lib/vtls/x509asn1.h +++ b/lib/vtls/x509asn1.h @@ -24,13 +24,13 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "../curl_setup.h" +#include "curl_setup.h" #if defined(USE_GNUTLS) || defined(USE_WOLFSSL) || defined(USE_SCHANNEL) || \ defined(USE_MBEDTLS) || defined(USE_RUSTLS) -#include "../cfilters.h" -#include "../urldata.h" +#include "cfilters.h" +#include "urldata.h" /* * Types. diff --git a/projects/Windows/tmpl/curl.vcxproj b/projects/Windows/tmpl/curl.vcxproj index c963f6388e..c480fe8b33 100644 --- a/projects/Windows/tmpl/curl.vcxproj +++ b/projects/Windows/tmpl/curl.vcxproj @@ -839,7 +839,7 @@ MaxSpeed OnlyExplicitInline - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) NDEBUG;_CONSOLE;%(PreprocessorDefinitions) true MultiThreadedDLL @@ -869,7 +869,7 @@ MaxSpeed OnlyExplicitInline - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) NDEBUG;_CONSOLE;%(PreprocessorDefinitions) true MultiThreadedDLL @@ -898,7 +898,7 @@ MaxSpeed OnlyExplicitInline - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) NDEBUG;_CONSOLE;CURL_STATICLIB;%(PreprocessorDefinitions) true MultiThreadedDLL @@ -928,7 +928,7 @@ MaxSpeed OnlyExplicitInline - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) NDEBUG;_CONSOLE;CURL_STATICLIB;%(PreprocessorDefinitions) true MultiThreadedDLL @@ -956,7 +956,7 @@ Disabled - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) _DEBUG;_CONSOLE;DEBUGBUILD;CURL_STATICLIB;%(PreprocessorDefinitions) true EnableFastChecks @@ -988,7 +988,7 @@ Disabled - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) _DEBUG;_CONSOLE;DEBUGBUILD;CURL_STATICLIB;%(PreprocessorDefinitions) true EnableFastChecks @@ -1019,7 +1019,7 @@ Disabled - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) _DEBUG;_CONSOLE;DEBUGBUILD;%(PreprocessorDefinitions) true EnableFastChecks @@ -1051,7 +1051,7 @@ Disabled - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) _DEBUG;_CONSOLE;DEBUGBUILD;%(PreprocessorDefinitions) true EnableFastChecks @@ -1082,7 +1082,7 @@ Disabled - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) _DEBUG;_CONSOLE;DEBUGBUILD;%(PreprocessorDefinitions) true EnableFastChecks @@ -1114,7 +1114,7 @@ Disabled - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) _DEBUG;_CONSOLE;DEBUGBUILD;%(PreprocessorDefinitions) true EnableFastChecks @@ -1145,7 +1145,7 @@ Disabled - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) _DEBUG;_CONSOLE;DEBUGBUILD;%(PreprocessorDefinitions) true EnableFastChecks @@ -1176,7 +1176,7 @@ Disabled - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) _DEBUG;_CONSOLE;DEBUGBUILD;%(PreprocessorDefinitions) true EnableFastChecks @@ -1208,7 +1208,7 @@ Disabled - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) _DEBUG;_CONSOLE;DEBUGBUILD;%(PreprocessorDefinitions) true EnableFastChecks @@ -1240,7 +1240,7 @@ Disabled - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) _DEBUG;_CONSOLE;DEBUGBUILD;%(PreprocessorDefinitions) true EnableFastChecks @@ -1272,7 +1272,7 @@ MaxSpeed OnlyExplicitInline - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) NDEBUG;_CONSOLE;%(PreprocessorDefinitions) true MultiThreadedDLL @@ -1302,7 +1302,7 @@ MaxSpeed OnlyExplicitInline - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) NDEBUG;_CONSOLE;%(PreprocessorDefinitions) true MultiThreadedDLL @@ -1331,7 +1331,7 @@ MaxSpeed OnlyExplicitInline - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) NDEBUG;_CONSOLE;%(PreprocessorDefinitions) true MultiThreadedDLL @@ -1360,7 +1360,7 @@ MaxSpeed OnlyExplicitInline - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) NDEBUG;_CONSOLE;%(PreprocessorDefinitions) true MultiThreadedDLL @@ -1390,7 +1390,7 @@ MaxSpeed OnlyExplicitInline - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) NDEBUG;_CONSOLE;%(PreprocessorDefinitions) true MultiThreadedDLL @@ -1420,7 +1420,7 @@ MaxSpeed OnlyExplicitInline - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) NDEBUG;_CONSOLE;%(PreprocessorDefinitions) true MultiThreadedDLL @@ -1448,7 +1448,7 @@ Disabled - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) _DEBUG;_CONSOLE;DEBUGBUILD;%(PreprocessorDefinitions) true EnableFastChecks @@ -1480,7 +1480,7 @@ Disabled - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) _DEBUG;_CONSOLE;DEBUGBUILD;%(PreprocessorDefinitions) true EnableFastChecks @@ -1512,7 +1512,7 @@ MaxSpeed OnlyExplicitInline - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) NDEBUG;_CONSOLE;%(PreprocessorDefinitions) true MultiThreadedDLL @@ -1542,7 +1542,7 @@ MaxSpeed OnlyExplicitInline - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) NDEBUG;_CONSOLE;%(PreprocessorDefinitions) true MultiThreadedDLL @@ -1570,7 +1570,7 @@ Disabled - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) _DEBUG;_CONSOLE;DEBUGBUILD;CURL_STATICLIB;%(PreprocessorDefinitions) true EnableFastChecks @@ -1602,7 +1602,7 @@ Disabled - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) _DEBUG;_CONSOLE;DEBUGBUILD;CURL_STATICLIB;%(PreprocessorDefinitions) true EnableFastChecks @@ -1634,7 +1634,7 @@ MaxSpeed OnlyExplicitInline - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) NDEBUG;_CONSOLE;CURL_STATICLIB;%(PreprocessorDefinitions) true MultiThreadedDLL @@ -1664,7 +1664,7 @@ MaxSpeed OnlyExplicitInline - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) NDEBUG;_CONSOLE;CURL_STATICLIB;%(PreprocessorDefinitions) true MultiThreadedDLL @@ -1692,7 +1692,7 @@ Disabled - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) _DEBUG;_CONSOLE;DEBUGBUILD;CURL_STATICLIB;%(PreprocessorDefinitions) true EnableFastChecks @@ -1724,7 +1724,7 @@ Disabled - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) _DEBUG;_CONSOLE;DEBUGBUILD;CURL_STATICLIB;%(PreprocessorDefinitions) true EnableFastChecks @@ -1756,7 +1756,7 @@ MaxSpeed OnlyExplicitInline - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) NDEBUG;_CONSOLE;CURL_STATICLIB;%(PreprocessorDefinitions) true MultiThreadedDLL @@ -1786,7 +1786,7 @@ MaxSpeed OnlyExplicitInline - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) NDEBUG;_CONSOLE;CURL_STATICLIB;%(PreprocessorDefinitions) true MultiThreadedDLL @@ -1814,7 +1814,7 @@ Disabled - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) _DEBUG;_CONSOLE;DEBUGBUILD;CURL_STATICLIB;%(PreprocessorDefinitions) true EnableFastChecks @@ -1846,7 +1846,7 @@ Disabled - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) _DEBUG;_CONSOLE;DEBUGBUILD;CURL_STATICLIB;%(PreprocessorDefinitions) true EnableFastChecks @@ -1878,7 +1878,7 @@ MaxSpeed OnlyExplicitInline - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) NDEBUG;_CONSOLE;CURL_STATICLIB;%(PreprocessorDefinitions) true MultiThreadedDLL @@ -1908,7 +1908,7 @@ MaxSpeed OnlyExplicitInline - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) NDEBUG;_CONSOLE;CURL_STATICLIB;%(PreprocessorDefinitions) true MultiThreadedDLL @@ -1936,7 +1936,7 @@ Disabled - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) _DEBUG;_CONSOLE;DEBUGBUILD;CURL_STATICLIB;%(PreprocessorDefinitions) true EnableFastChecks @@ -1968,7 +1968,7 @@ Disabled - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) _DEBUG;_CONSOLE;DEBUGBUILD;CURL_STATICLIB;%(PreprocessorDefinitions) true EnableFastChecks @@ -2000,7 +2000,7 @@ MaxSpeed OnlyExplicitInline - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) NDEBUG;_CONSOLE;CURL_STATICLIB;%(PreprocessorDefinitions) true MultiThreadedDLL @@ -2030,7 +2030,7 @@ MaxSpeed OnlyExplicitInline - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) NDEBUG;_CONSOLE;CURL_STATICLIB;%(PreprocessorDefinitions) true MultiThreadedDLL @@ -2058,7 +2058,7 @@ Disabled - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) _DEBUG;_CONSOLE;DEBUGBUILD;CURL_STATICLIB;%(PreprocessorDefinitions) true EnableFastChecks @@ -2089,7 +2089,7 @@ Disabled - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) _DEBUG;_CONSOLE;DEBUGBUILD;CURL_STATICLIB;%(PreprocessorDefinitions) true EnableFastChecks @@ -2121,7 +2121,7 @@ Disabled - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) _DEBUG;_CONSOLE;DEBUGBUILD;CURL_STATICLIB;%(PreprocessorDefinitions) true EnableFastChecks @@ -2153,7 +2153,7 @@ Disabled - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) _DEBUG;_CONSOLE;DEBUGBUILD;CURL_STATICLIB;%(PreprocessorDefinitions) true EnableFastChecks @@ -2185,7 +2185,7 @@ MaxSpeed OnlyExplicitInline - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) NDEBUG;_CONSOLE;CURL_STATICLIB;%(PreprocessorDefinitions) true MultiThreadedDLL @@ -2214,7 +2214,7 @@ MaxSpeed OnlyExplicitInline - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) NDEBUG;_CONSOLE;CURL_STATICLIB;%(PreprocessorDefinitions) true MultiThreadedDLL @@ -2244,7 +2244,7 @@ MaxSpeed OnlyExplicitInline - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) NDEBUG;_CONSOLE;CURL_STATICLIB;%(PreprocessorDefinitions) true MultiThreadedDLL @@ -2274,7 +2274,7 @@ MaxSpeed OnlyExplicitInline - ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\lib\curlx;%(AdditionalIncludeDirectories) + ..\..\..\..\include;..\..\..\..\lib;..\..\..\..\src;%(AdditionalIncludeDirectories) NDEBUG;_CONSOLE;CURL_STATICLIB;%(PreprocessorDefinitions) true MultiThreadedDLL diff --git a/src/toolx/tool_time.c b/src/toolx/tool_time.c index affcd7a167..12eaea9fe4 100644 --- a/src/toolx/tool_time.c +++ b/src/toolx/tool_time.c @@ -21,7 +21,7 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ -#include "tool_time.h" +#include "toolx/tool_time.h" #if defined(__MINGW32__) && (__MINGW64_VERSION_MAJOR <= 3) #include /* for _localtime32_s(), _localtime64_s() */ From e9786038d6ca664a6268df32c8db11a8276f28db Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 23 Feb 2026 13:47:18 +0100 Subject: [PATCH 07/88] setopt: make setopt_copypostfields a separate function Closes #20688 --- lib/setopt.c | 80 +++++++++++++++++++++++++++++----------------------- 1 file changed, 44 insertions(+), 36 deletions(-) diff --git a/lib/setopt.c b/lib/setopt.c index 9db5ce33be..604c9cbc4c 100644 --- a/lib/setopt.c +++ b/lib/setopt.c @@ -128,7 +128,8 @@ CURLcode Curl_setblobopt(struct curl_blob **blobp, return CURLE_OK; } -static CURLcode setstropt_userpwd(char *option, char **userp, char **passwdp) +static CURLcode setstropt_userpwd(const char *option, char **userp, + char **passwdp) { char *user = NULL; char *passwd = NULL; @@ -1664,7 +1665,7 @@ static CURLcode cookiefile(struct Curl_easy *data, const char *ptr) #ifndef CURL_DISABLE_PROXY static CURLcode setopt_cptr_proxy(struct Curl_easy *data, CURLoption option, - char *ptr) + const char *ptr) { CURLcode result = CURLE_OK; struct UserDefined *s = &data->set; @@ -1832,6 +1833,46 @@ static CURLcode setopt_cptr_proxy(struct Curl_easy *data, CURLoption option, } #endif +#if !defined(CURL_DISABLE_HTTP) || !defined(CURL_DISABLE_MQTT) +/* + * A string with POST data. Makes curl HTTP POST. Even if it is NULL. If + * needed, CURLOPT_POSTFIELDSIZE must have been set prior to + * CURLOPT_COPYPOSTFIELDS and not altered later. + */ +static CURLcode setopt_copypostfields(const char *ptr, struct UserDefined *s) +{ + CURLcode result = CURLE_OK; + if(!ptr || s->postfieldsize == -1) + result = Curl_setstropt(&s->str[STRING_COPYPOSTFIELDS], ptr); + else { + size_t pflen; + + if(s->postfieldsize < 0) + return CURLE_BAD_FUNCTION_ARGUMENT; + pflen = curlx_sotouz_range(s->postfieldsize, 0, SIZE_MAX); + if(pflen == SIZE_MAX) + return CURLE_OUT_OF_MEMORY; + else { + /* Allocate even when size == 0. This satisfies the need of possible + later address compare to detect the COPYPOSTFIELDS mode, and to mark + that postfields is used rather than read function or form data. + */ + char *p = curlx_memdup0(ptr, pflen); + if(!p) + return CURLE_OUT_OF_MEMORY; + else { + curlx_free(s->str[STRING_COPYPOSTFIELDS]); + s->str[STRING_COPYPOSTFIELDS] = p; + } + } + } + + s->postfields = s->str[STRING_COPYPOSTFIELDS]; + s->method = HTTPREQ_POST; + return result; +} +#endif + static CURLcode setopt_cptr(struct Curl_easy *data, CURLoption option, char *ptr) { @@ -1901,40 +1942,7 @@ static CURLcode setopt_cptr(struct Curl_easy *data, CURLoption option, #if !defined(CURL_DISABLE_HTTP) || !defined(CURL_DISABLE_MQTT) case CURLOPT_COPYPOSTFIELDS: - /* - * A string with POST data. Makes curl HTTP POST. Even if it is NULL. - * If needed, CURLOPT_POSTFIELDSIZE must have been set prior to - * CURLOPT_COPYPOSTFIELDS and not altered later. - */ - if(!ptr || s->postfieldsize == -1) - result = Curl_setstropt(&s->str[STRING_COPYPOSTFIELDS], ptr); - else { - size_t pflen; - - if(s->postfieldsize < 0) - return CURLE_BAD_FUNCTION_ARGUMENT; - pflen = curlx_sotouz_range(s->postfieldsize, 0, SIZE_MAX); - if(pflen == SIZE_MAX) - return CURLE_OUT_OF_MEMORY; - else { - /* Allocate even when size == 0. This satisfies the need of possible - later address compare to detect the COPYPOSTFIELDS mode, and to - mark that postfields is used rather than read function or form - data. - */ - char *p = curlx_memdup0(ptr, pflen); - if(!p) - return CURLE_OUT_OF_MEMORY; - else { - curlx_free(s->str[STRING_COPYPOSTFIELDS]); - s->str[STRING_COPYPOSTFIELDS] = p; - } - } - } - - s->postfields = s->str[STRING_COPYPOSTFIELDS]; - s->method = HTTPREQ_POST; - break; + return setopt_copypostfields(ptr, s); case CURLOPT_POSTFIELDS: /* From f1cee1f18a0c817810117a08ae146c1d57bb8303 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Mon, 23 Feb 2026 15:52:39 +0100 Subject: [PATCH 08/88] clang-tidy: add arg names to prototypes where missing (cont.) Detected by `readability-named-parameter` with `HeaderFilterRegex: '.*'`, or `CURL_CLANG_TIDYFLAGS='--header-filter=.*'`. Seen on Windows. Follow-up to e8415ad3c7ab69a7056daa4b39e7a0044c43f5ba #20657 Follow-up to c878160e9c1f7366e64299aa02540d5495c3df9c #20624 Closes #20693 --- lib/curlx/inet_pton.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/curlx/inet_pton.h b/lib/curlx/inet_pton.h index 601bdf8d87..02ae7f2269 100644 --- a/lib/curlx/inet_pton.h +++ b/lib/curlx/inet_pton.h @@ -43,7 +43,7 @@ inet_pton(x, y, z) #endif #else -int curlx_inet_pton(int, const char *, void *); +int curlx_inet_pton(int af, const char *src, void *dst); #endif /* HAVE_INET_PTON */ #endif /* HEADER_CURL_INET_PTON_H */ From 29bca12978f3adebe33b63c18aa3c3fe6439381a Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sun, 22 Feb 2026 16:55:55 +0100 Subject: [PATCH 09/88] ftp: split ftp_state_use_port into sub functions For readability and reduced complexity. Fixed a bug when FTPPORT specifies an IPv6-address only, without brackets. Closes #20685 --- lib/ftp.c | 572 +++++++++++++++++++++++++++++++++--------------------- 1 file changed, 356 insertions(+), 216 deletions(-) diff --git a/lib/ftp.c b/lib/ftp.c index 368bb40a62..b13da7abbd 100644 --- a/lib/ftp.c +++ b/lib/ftp.c @@ -873,199 +873,228 @@ typedef enum { DONE } ftpport; -static CURLcode ftp_state_use_port(struct Curl_easy *data, - struct ftp_conn *ftpc, - ftpport fcmd) /* start with this */ +/* + * Parse the CURLOPT_FTPPORT string + * "(ipv4|ipv6|domain|interface)?(:port(-range)?)?" + * and extract addr/addrlen and port_min/port_max. + */ +static CURLcode ftp_port_parse_string(struct Curl_easy *data, + struct connectdata *conn, + const char *string_ftpport, + struct Curl_sockaddr_storage *ss, + unsigned short *port_minp, + unsigned short *port_maxp, + const char **hostp, + char *hbuf, size_t hbuflen) { - CURLcode result = CURLE_FTP_PORT_FAILED; - struct connectdata *conn = data->conn; - curl_socket_t portsock = CURL_SOCKET_BAD; - char myhost[MAX_IPADR_LEN + 1] = ""; + const char *ip_end = NULL; + const char *addr = NULL; + size_t addrlen = 0; + unsigned short port_min = 0; + unsigned short port_max = 0; + char ipstr[50]; +#ifndef USE_IPV6 + (void)conn; + (void)ss; +#endif - struct Curl_sockaddr_storage ss; - const struct Curl_addrinfo *res, *ai; - curl_socklen_t sslen; - char hbuf[NI_MAXHOST]; - struct sockaddr *sa = (struct sockaddr *)&ss; + /* default to nothing */ + *hostp = NULL; + *port_minp = *port_maxp = 0; + + if(!string_ftpport || (strlen(string_ftpport) <= 1)) + goto done; + +#ifdef USE_IPV6 + if(*string_ftpport == '[') { + /* [ipv6]:port(-range) */ + const char *ip_start = string_ftpport + 1; + ip_end = strchr(ip_start, ']'); + if(ip_end) { + addrlen = ip_end - ip_start; + addr = ip_start; + } + } + else +#endif + if(*string_ftpport == ':') { + /* :port */ + ip_end = string_ftpport; + } + else { + ip_end = strchr(string_ftpport, ':'); + addr = string_ftpport; + if(ip_end) { +#ifdef USE_IPV6 + struct sockaddr_in6 * const sa6 = (void *)ss; +#endif + /* either ipv6 or (ipv4|domain|interface):port(-range) */ + addrlen = ip_end - string_ftpport; +#ifdef USE_IPV6 + if(curlx_inet_pton(AF_INET6, string_ftpport, &sa6->sin6_addr) == 1) { + /* ipv6 */ + port_min = port_max = 0; + addrlen = strlen(string_ftpport); + ip_end = NULL; /* this got no port ! */ + } +#endif + } + else + /* ipv4|interface */ + addrlen = strlen(string_ftpport); + } + + /* parse the port */ + if(ip_end) { + const char *portp = strchr(ip_end, ':'); + if(portp) { + curl_off_t start; + curl_off_t end; + portp++; + if(!curlx_str_number(&portp, &start, 0xffff)) { + port_min = (unsigned short)start; + if(!curlx_str_single(&portp, '-') && + !curlx_str_number(&portp, &end, 0xffff)) + port_max = (unsigned short)end; + else + port_max = port_min; + } + else + port_max = port_min; + } + } + + /* correct errors like :1234-1230 or :-4711 */ + if(port_min > port_max) + port_min = port_max = 0; + + if(addrlen) { + const struct Curl_sockaddr_ex *remote_addr = + Curl_conn_get_remote_addr(data, FIRSTSOCKET); + + DEBUGASSERT(remote_addr); + DEBUGASSERT(addr); + if(!remote_addr || (addrlen >= sizeof(ipstr)) || (addrlen >= hbuflen)) + return CURLE_FTP_PORT_FAILED; + memcpy(ipstr, addr, addrlen); + ipstr[addrlen] = 0; + + /* attempt to get the address of the given interface name */ + switch(Curl_if2ip(remote_addr->family, +#ifdef USE_IPV6 + Curl_ipv6_scope(&remote_addr->curl_sa_addr), + conn->scope_id, +#endif + ipstr, hbuf, hbuflen)) { + case IF2IP_NOT_FOUND: + /* not an interface, use the string as hostname instead */ + memcpy(hbuf, addr, addrlen); + hbuf[addrlen] = 0; + *hostp = hbuf; + break; + case IF2IP_AF_NOT_SUPPORTED: + return CURLE_FTP_PORT_FAILED; + case IF2IP_FOUND: + *hostp = hbuf; /* use the hbuf for hostname */ + break; + } + } + /* else: only a port(-range) given, leave host as NULL */ + +done: + *port_minp = port_min; + *port_maxp = port_max; + return CURLE_OK; +} + +/* + * If no host was derived from the FTPPORT string, fall back to the IP address + * of the control connection's local socket. + */ +static CURLcode ftp_port_default_host(struct Curl_easy *data, + struct connectdata *conn, + struct Curl_sockaddr_storage *ss, + curl_socklen_t *sslenp, + const char **hostp, + char *hbuf, size_t hbuflen, + bool *non_localp) +{ + struct sockaddr *sa = (struct sockaddr *)ss; struct sockaddr_in * const sa4 = (void *)sa; #ifdef USE_IPV6 struct sockaddr_in6 * const sa6 = (void *)sa; #endif - static const char mode[][5] = { "EPRT", "PORT" }; - int error; - const char *host = NULL; - const char *string_ftpport = data->set.str[STRING_FTPPORT]; - struct Curl_dns_entry *dns_entry = NULL; - unsigned short port_min = 0; - unsigned short port_max = 0; - unsigned short port; - bool possibly_non_local = TRUE; char buffer[STRERROR_LEN]; - const char *addr = NULL; - size_t addrlen = 0; - char ipstr[50]; + const char *r; - /* Step 1, figure out what is requested, - * accepted format : - * (ipv4|ipv6|domain|interface)?(:port(-range)?)? - */ - - if(data->set.str[STRING_FTPPORT] && - (strlen(data->set.str[STRING_FTPPORT]) > 1)) { - const char *ip_end = NULL; - -#ifdef USE_IPV6 - if(*string_ftpport == '[') { - /* [ipv6]:port(-range) */ - const char *ip_start = string_ftpport + 1; - ip_end = strchr(ip_start, ']'); - if(ip_end) { - addrlen = ip_end - ip_start; - addr = ip_start; - } - } - else -#endif - if(*string_ftpport == ':') { - /* :port */ - ip_end = string_ftpport; - } - else { - ip_end = strchr(string_ftpport, ':'); - addr = string_ftpport; - if(ip_end) { - /* either ipv6 or (ipv4|domain|interface):port(-range) */ - addrlen = ip_end - string_ftpport; -#ifdef USE_IPV6 - if(curlx_inet_pton(AF_INET6, string_ftpport, &sa6->sin6_addr) == 1) { - /* ipv6 */ - port_min = port_max = 0; - ip_end = NULL; /* this got no port ! */ - } -#endif - } - else - /* ipv4|interface */ - addrlen = strlen(string_ftpport); - } - - /* parse the port */ - if(ip_end) { - const char *portp = strchr(ip_end, ':'); - if(portp) { - curl_off_t start; - curl_off_t end; - portp++; - if(!curlx_str_number(&portp, &start, 0xffff)) { - /* got the first number */ - port_min = (unsigned short)start; - if(!curlx_str_single(&portp, '-')) { - /* got the dash */ - if(!curlx_str_number(&portp, &end, 0xffff)) - /* got the second number */ - port_max = (unsigned short)end; - } - } - else - port_max = port_min; - } - } - - /* correct errors like: - * :1234-1230 - * :-4711, in this case port_min is (unsigned)-1, - * therefore port_min > port_max for all cases - * but port_max = (unsigned)-1 - */ - if(port_min > port_max) - port_min = port_max = 0; - - if(addrlen) { - const struct Curl_sockaddr_ex *remote_addr = - Curl_conn_get_remote_addr(data, FIRSTSOCKET); - - DEBUGASSERT(remote_addr); - if(!remote_addr) - goto out; - DEBUGASSERT(addr); - if(addrlen >= sizeof(ipstr)) - goto out; - memcpy(ipstr, addr, addrlen); - ipstr[addrlen] = 0; - - /* attempt to get the address of the given interface name */ - switch(Curl_if2ip(remote_addr->family, -#ifdef USE_IPV6 - Curl_ipv6_scope(&remote_addr->curl_sa_addr), - conn->scope_id, -#endif - ipstr, hbuf, sizeof(hbuf))) { - case IF2IP_NOT_FOUND: - /* not an interface, use the given string as hostname instead */ - host = ipstr; - break; - case IF2IP_AF_NOT_SUPPORTED: - goto out; - case IF2IP_FOUND: - host = hbuf; /* use the hbuf for hostname */ - break; - } - } - else - /* there was only a port(-range) given, default the host */ - host = NULL; - } /* data->set.ftpport */ - - if(!host) { - const char *r; - /* not an interface and not a hostname, get default by extracting - the IP from the control connection */ - sslen = sizeof(ss); - if(getsockname(conn->sock[FIRSTSOCKET], sa, &sslen)) { - failf(data, "getsockname() failed: %s", - curlx_strerror(SOCKERRNO, buffer, sizeof(buffer))); - goto out; - } - switch(sa->sa_family) { -#ifdef USE_IPV6 - case AF_INET6: - r = curlx_inet_ntop(sa->sa_family, &sa6->sin6_addr, hbuf, sizeof(hbuf)); - break; -#endif - default: - r = curlx_inet_ntop(sa->sa_family, &sa4->sin_addr, hbuf, sizeof(hbuf)); - break; - } - if(!r) { - goto out; - } - host = hbuf; /* use this hostname */ - possibly_non_local = FALSE; /* we know it is local now */ + *sslenp = sizeof(*ss); + if(getsockname(conn->sock[FIRSTSOCKET], sa, sslenp)) { + failf(data, "getsockname() failed: %s", + curlx_strerror(SOCKERRNO, buffer, sizeof(buffer))); + return CURLE_FTP_PORT_FAILED; } - - /* resolv ip/host to ip */ - res = NULL; - result = Curl_resolv_blocking(data, host, 0, conn->ip_version, &dns_entry); - if(!result) { - DEBUGASSERT(dns_entry); - res = dns_entry->addr; + switch(sa->sa_family) { +#ifdef USE_IPV6 + case AF_INET6: + r = curlx_inet_ntop(sa->sa_family, &sa6->sin6_addr, hbuf, hbuflen); + break; +#endif + default: + r = curlx_inet_ntop(sa->sa_family, &sa4->sin_addr, hbuf, hbuflen); + break; } + if(!r) + return CURLE_FTP_PORT_FAILED; - if(!res) { + *hostp = hbuf; + *non_localp = FALSE; /* we know it is local now */ + return CURLE_OK; +} + +/* + * Resolve the host string to a list of addresses. + */ +static CURLcode ftp_port_resolve_host(struct Curl_easy *data, + struct connectdata *conn, + const char *host, + struct Curl_dns_entry **dns_entryp, + const struct Curl_addrinfo **resp) +{ + CURLcode result; + + *resp = NULL; + result = Curl_resolv_blocking(data, host, 0, conn->ip_version, + dns_entryp); + if(result) failf(data, "failed to resolve the address provided to PORT: %s", host); - goto out; + else { + DEBUGASSERT(*dns_entryp); + *resp = (*dns_entryp)->addr; } + return result; +} - host = NULL; +/* + * Open a TCP socket for the resolved address family. + */ +static CURLcode ftp_port_open_socket(struct Curl_easy *data, + struct connectdata *conn, + const struct Curl_addrinfo *res, + const struct Curl_addrinfo **aip, + curl_socket_t *portsockp) +{ + char buffer[STRERROR_LEN]; + int error = 0; + const struct Curl_addrinfo *ai; + CURLcode result = CURLE_FTP_PORT_FAILED; - /* step 2, create a socket for the requested address */ - error = 0; for(ai = res; ai; ai = ai->ai_next) { - result = Curl_socket_open(data, ai, NULL, - Curl_conn_get_transport(data, conn), &portsock); + result = + Curl_socket_open(data, ai, NULL, + Curl_conn_get_transport(data, conn), portsockp); if(result) { if(result == CURLE_OUT_OF_MEMORY) - goto out; + return result; result = CURLE_FTP_PORT_FAILED; error = SOCKERRNO; continue; @@ -1075,15 +1104,38 @@ static CURLcode ftp_state_use_port(struct Curl_easy *data, if(!ai) { failf(data, "socket failure: %s", curlx_strerror(error, buffer, sizeof(buffer))); - goto out; + return CURLE_FTP_PORT_FAILED; } - CURL_TRC_FTP(data, "[%s] ftp_state_use_port(), opened socket", - FTP_CSTATE(ftpc)); + *aip = ai; + return result; +} - /* step 3, bind to a suitable local address */ +/* + * Bind the socket to a local address and port within the requested range. + * Falls back to the control-connection address if the user-requested address + * is non-local. + */ +static CURLcode ftp_port_bind_socket(struct Curl_easy *data, + struct connectdata *conn, + curl_socket_t portsock, + const struct Curl_addrinfo *ai, + struct Curl_sockaddr_storage *ss, + curl_socklen_t *sslen_io, + unsigned short port_min, + unsigned short port_max, + bool non_local) +{ + struct sockaddr *sa = (struct sockaddr *)ss; + struct sockaddr_in * const sa4 = (void *)sa; +#ifdef USE_IPV6 + struct sockaddr_in6 * const sa6 = (void *)sa; +#endif + char buffer[STRERROR_LEN]; + unsigned short port; + int error; memcpy(sa, ai->ai_addr, ai->ai_addrlen); - sslen = ai->ai_addrlen; + *sslen_io = ai->ai_addrlen; for(port = port_min; port <= port_max;) { if(sa->sa_family == AF_INET) @@ -1092,71 +1144,97 @@ static CURLcode ftp_state_use_port(struct Curl_easy *data, else sa6->sin6_port = htons(port); #endif - /* Try binding the given address. */ - if(bind(portsock, sa, sslen)) { - /* It failed. */ + if(bind(portsock, sa, *sslen_io)) { error = SOCKERRNO; - if(possibly_non_local && (error == SOCKEADDRNOTAVAIL)) { + if(non_local && (error == SOCKEADDRNOTAVAIL)) { /* The requested bind address is not local. Use the address used for - * the control connection instead and restart the port loop + * the control connection instead and restart the port loop. */ infof(data, "bind(port=%hu) on non-local address failed: %s", port, curlx_strerror(error, buffer, sizeof(buffer))); - sslen = sizeof(ss); - if(getsockname(conn->sock[FIRSTSOCKET], sa, &sslen)) { + *sslen_io = sizeof(*ss); + if(getsockname(conn->sock[FIRSTSOCKET], sa, sslen_io)) { failf(data, "getsockname() failed: %s", curlx_strerror(SOCKERRNO, buffer, sizeof(buffer))); - goto out; + return CURLE_FTP_PORT_FAILED; } port = port_min; - possibly_non_local = FALSE; /* do not try this again */ + non_local = FALSE; /* do not try this again */ continue; } if(error != SOCKEADDRINUSE && error != SOCKEACCES) { failf(data, "bind(port=%hu) failed: %s", port, curlx_strerror(error, buffer, sizeof(buffer))); - goto out; + return CURLE_FTP_PORT_FAILED; } } else break; - /* check if port is the maximum value here, because it might be 0xffff and - then the increment below will wrap the 16-bit counter */ + /* check if port is the maximum value here, because it might be 0xffff + and then the increment below will wrap the 16-bit counter */ if(port == port_max) { - /* maybe all ports were in use already */ failf(data, "bind() failed, ran out of ports"); - goto out; + return CURLE_FTP_PORT_FAILED; } port++; } - /* get the name again after the bind() so that we can extract the - port number it uses now */ - sslen = sizeof(ss); - if(getsockname(portsock, sa, &sslen)) { + /* re-read the name so we can extract the actual port chosen */ + *sslen_io = sizeof(*ss); + if(getsockname(portsock, sa, sslen_io)) { failf(data, "getsockname() failed: %s", curlx_strerror(SOCKERRNO, buffer, sizeof(buffer))); - goto out; + return CURLE_FTP_PORT_FAILED; } - CURL_TRC_FTP(data, "[%s] ftp_state_use_port(), socket bound to port %d", - FTP_CSTATE(ftpc), port); + CURL_TRC_FTP(data, "ftp_port_bind_socket(), socket bound to port %d", + port); + return CURLE_OK; +} - /* step 4, listen on the socket */ +/* + * Start listening on the data socket. + */ +static CURLcode ftp_port_listen(struct Curl_easy *data, curl_socket_t portsock) +{ + char buffer[STRERROR_LEN]; if(listen(portsock, 1)) { failf(data, "socket failure: %s", curlx_strerror(SOCKERRNO, buffer, sizeof(buffer))); - goto out; + return CURLE_FTP_PORT_FAILED; } - CURL_TRC_FTP(data, "[%s] ftp_state_use_port(), listening on %d", - FTP_CSTATE(ftpc), port); + CURL_TRC_FTP(data, "ftp_port_listen(), listening on port"); + return CURLE_OK; +} - /* step 5, send the proper FTP command */ +/* + * Send the EPRT or PORT command to the server. + */ +static CURLcode ftp_port_send_command(struct Curl_easy *data, + struct ftp_conn *ftpc, + struct connectdata *conn, + struct Curl_sockaddr_storage *ss, + const struct Curl_addrinfo *ai, + ftpport fcmd) +{ + static const char mode[][5] = { "EPRT", "PORT" }; + struct sockaddr *sa = (struct sockaddr *)ss; + struct sockaddr_in * const sa4 = (void *)sa; +#ifdef USE_IPV6 + struct sockaddr_in6 * const sa6 = (void *)sa; +#endif + char myhost[MAX_IPADR_LEN + 1] = ""; + unsigned short port; + CURLcode result; - /* get a plain printable version of the numerical address to work with - below */ + /* Get a plain printable version of the numerical address to work with. This + logic uses the address provided by the FTPPORT option, which at times + might differ from the address in 'ss' used to bind to: when a user asks + the server to connect to a specific address knowing that it works, but + curl instead selects to listen to the local address because it cannot use + the provided address. FTP is strange. */ Curl_printable_address(ai, myhost, sizeof(myhost)); #ifdef USE_IPV6 @@ -1197,14 +1275,13 @@ static CURLcode ftp_state_use_port(struct Curl_easy *data, * * EPRT |2|1080::8:800:200C:417A|5282| */ - result = Curl_pp_sendf(data, &ftpc->pp, "%s |%d|%s|%hu|", mode[fcmd], sa->sa_family == AF_INET ? 1 : 2, myhost, port); if(result) { failf(data, "Failure sending EPRT command: %s", curl_easy_strerror(result)); - goto out; + return result; } break; } @@ -1230,7 +1307,7 @@ static CURLcode ftp_state_use_port(struct Curl_easy *data, if(result) { failf(data, "Failure sending PORT command: %s", curl_easy_strerror(result)); - goto out; + return result; } break; } @@ -1239,21 +1316,84 @@ static CURLcode ftp_state_use_port(struct Curl_easy *data, /* store which command was sent */ ftpc->count1 = fcmd; ftp_state(data, ftpc, FTP_PORT); + return CURLE_OK; +} + +/* + * ftp_state_use_port() + * + * Set up an active-mode FTP data connection (using PORT or EPRT) and start + * listening for the server's incoming connection on SECONDARYSOCKET. + */ +static CURLcode ftp_state_use_port(struct Curl_easy *data, + struct ftp_conn *ftpc, + ftpport fcmd) /* start with this */ +{ + CURLcode result = CURLE_FTP_PORT_FAILED; + struct connectdata *conn = data->conn; + curl_socket_t portsock = CURL_SOCKET_BAD; + + struct Curl_sockaddr_storage ss; + curl_socklen_t sslen; + char hbuf[NI_MAXHOST]; + const char *host = NULL; + const char *string_ftpport = data->set.str[STRING_FTPPORT]; + struct Curl_dns_entry *dns_entry = NULL; + const struct Curl_addrinfo *res = NULL; + const struct Curl_addrinfo *ai = NULL; + unsigned short port_min = 0; + unsigned short port_max = 0; + bool non_local = TRUE; + + /* parse the FTPPORT string for address and port range */ + result = ftp_port_parse_string(data, conn, string_ftpport, + &ss, &port_min, &port_max, + &host, hbuf, sizeof(hbuf)); + if(!result && !host) + /* if no host was specified, use the control connection's local IP */ + result = ftp_port_default_host(data, conn, &ss, &sslen, &host, + hbuf, sizeof(hbuf), &non_local); + + /* resolve host string to address list */ + if(!result) + result = ftp_port_resolve_host(data, conn, host, &dns_entry, &res); + + /* Open a TCP socket for the data connection */ + if(!result) + result = ftp_port_open_socket(data, conn, res, &ai, &portsock); + if(!result) { + CURL_TRC_FTP(data, "[%s] ftp_state_use_port(), opened socket", + FTP_CSTATE(ftpc)); + + /* bind to a suitable local address / port */ + result = ftp_port_bind_socket(data, conn, portsock, ai, &ss, &sslen, + port_min, port_max, non_local); + } + + /* listen */ + if(!result) + result = ftp_port_listen(data, portsock); + + /* send the PORT / EPRT command */ + if(!result) + result = ftp_port_send_command(data, ftpc, conn, &ss, ai, fcmd); + + /* replace any filter on SECONDARY with one listening on this socket */ + if(!result) + result = Curl_conn_tcp_listen_set(data, conn, SECONDARYSOCKET, &portsock); - /* Replace any filter on SECONDARY with one listening on this socket */ - result = Curl_conn_tcp_listen_set(data, conn, SECONDARYSOCKET, &portsock); if(!result) portsock = CURL_SOCKET_BAD; /* now held in filter */ -out: - /* If we looked up a dns_entry, now is the time to safely release it */ + /* cleanup */ + if(dns_entry) Curl_resolv_unlink(data, &dns_entry); if(result) { ftp_state(data, ftpc, FTP_STOP); } else { - /* successfully setup the list socket filter. Do we need more? */ + /* successfully set up the listen socket filter. SSL needed? */ if(conn->bits.ftp_use_data_ssl && data->set.ftp_use_port && !Curl_conn_is_ssl(conn, SECONDARYSOCKET)) { result = Curl_ssl_cfilter_add(data, conn, SECONDARYSOCKET); From 65262be0ab08b7c696ed127adf207b1b0e6d006d Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Mon, 23 Feb 2026 00:59:57 +0100 Subject: [PATCH 10/88] clang-tidy: enable `readability-math-missing-parentheses`, adjust code No functional changes. Also: - md4, md5: drop redundant parentheses from macro values. Closes #20691 --- .clang-tidy.yml | 1 + lib/cf-h1-proxy.c | 4 ++-- lib/curl_ntlm_core.c | 4 ++-- lib/curlx/base64.c | 2 +- lib/curlx/strparse.c | 4 ++-- lib/curlx/timeval.c | 6 +++--- lib/escape.c | 2 +- lib/ftp.c | 4 ++-- lib/hmac.c | 2 +- lib/http.c | 4 ++-- lib/http_aws_sigv4.c | 8 +++++--- lib/md4.c | 12 ++++++------ lib/md5.c | 12 ++++++------ lib/mime.c | 2 +- lib/parsedate.c | 11 ++++++----- lib/pop3.c | 2 +- lib/smb.c | 2 +- lib/urlapi.c | 2 +- lib/vauth/digest.c | 6 +++--- lib/vauth/ntlm.c | 2 +- lib/vquic/curl_ngtcp2.c | 8 ++++---- lib/vtls/keylog.c | 5 +++-- lib/vtls/mbedtls.c | 4 ++-- lib/vtls/x509asn1.c | 4 ++-- src/tool_cb_prg.c | 8 ++++---- src/tool_getparam.c | 2 +- src/tool_operate.c | 2 +- src/tool_paramhlp.c | 2 +- src/tool_setopt.c | 4 ++-- src/tool_urlglob.c | 8 ++++---- tests/libtest/first.c | 2 +- tests/libtest/lib530.c | 2 +- tests/libtest/lib582.c | 2 +- tests/libtest/lib597.c | 2 +- tests/libtest/lib666.c | 2 +- tests/libtest/lib758.c | 2 +- tests/server/rtspd.c | 2 +- tests/server/socksd.c | 4 ++-- tests/server/sws.c | 2 +- tests/unit/unit1309.c | 6 +++--- 40 files changed, 85 insertions(+), 80 deletions(-) diff --git a/.clang-tidy.yml b/.clang-tidy.yml index 25eb4ee9e9..9ccbbf83d9 100644 --- a/.clang-tidy.yml +++ b/.clang-tidy.yml @@ -18,6 +18,7 @@ Checks: - misc-header-include-cycle - portability-* - readability-duplicate-include + - readability-math-missing-parentheses - readability-named-parameter - readability-redundant-control-flow - readability-redundant-preprocessor diff --git a/lib/cf-h1-proxy.c b/lib/cf-h1-proxy.c index f29c8f0865..c51ae26d9e 100644 --- a/lib/cf-h1-proxy.c +++ b/lib/cf-h1-proxy.c @@ -340,8 +340,8 @@ static CURLcode on_resp_header(struct Curl_cfilter *cf, ISDIGIT(header[9]) && ISDIGIT(header[10]) && ISDIGIT(header[11]) && !ISDIGIT(header[12])) { /* store the HTTP code from the proxy */ - data->info.httpproxycode = k->httpcode = (header[9] - '0') * 100 + - (header[10] - '0') * 10 + (header[11] - '0'); + data->info.httpproxycode = k->httpcode = ((header[9] - '0') * 100) + + ((header[10] - '0') * 10) + (header[11] - '0'); } return result; } diff --git a/lib/curl_ntlm_core.c b/lib/curl_ntlm_core.c index 2603951f23..4a9433b293 100644 --- a/lib/curl_ntlm_core.c +++ b/lib/curl_ntlm_core.c @@ -399,7 +399,7 @@ static void ascii_to_unicode_le(unsigned char *dest, const char *src, size_t i; for(i = 0; i < srclen; i++) { dest[2 * i] = (unsigned char)src[i]; - dest[2 * i + 1] = '\0'; + dest[(2 * i) + 1] = '\0'; } } @@ -492,7 +492,7 @@ static void ascii_uppercase_to_unicode_le(unsigned char *dest, size_t i; for(i = 0; i < srclen; i++) { dest[2 * i] = (unsigned char)(Curl_raw_toupper(src[i])); - dest[2 * i + 1] = '\0'; + dest[(2 * i) + 1] = '\0'; } } diff --git a/lib/curlx/base64.c b/lib/curlx/base64.c index d869975e67..a7a6703099 100644 --- a/lib/curlx/base64.c +++ b/lib/curlx/base64.c @@ -182,7 +182,7 @@ static CURLcode base64_encode(const char *table64, if(insize > CURL_MAX_BASE64_INPUT) return CURLE_TOO_LARGE; - base64data = output = curlx_malloc((insize + 2) / 3 * 4 + 1); + base64data = output = curlx_malloc(((insize + 2) / 3 * 4) + 1); if(!output) return CURLE_OUT_OF_MEMORY; diff --git a/lib/curlx/strparse.c b/lib/curlx/strparse.c index 8a2523fe79..138b3df125 100644 --- a/lib/curlx/strparse.c +++ b/lib/curlx/strparse.c @@ -172,7 +172,7 @@ static int str_num_base(const char **linep, curl_off_t *nump, curl_off_t max, /* special-case low max scenario because check needs to be different */ do { int n = curlx_hexval(*p++); - num = num * base + n; + num = (num * base) + n; if(num > max) return STRE_OVERFLOW; } while(valid_digit(*p, m)); @@ -182,7 +182,7 @@ static int str_num_base(const char **linep, curl_off_t *nump, curl_off_t max, int n = curlx_hexval(*p++); if(num > ((max - n) / base)) return STRE_OVERFLOW; - num = num * base + n; + num = (num * base) + n; } while(valid_digit(*p, m)); } *nump = num; diff --git a/lib/curlx/timeval.c b/lib/curlx/timeval.c index 0f0883d74a..ae67e9bb42 100644 --- a/lib/curlx/timeval.c +++ b/lib/curlx/timeval.c @@ -191,7 +191,7 @@ timediff_t curlx_ptimediff_ms(const struct curltime *newer, return TIMEDIFF_T_MAX; else if(diff <= (TIMEDIFF_T_MIN / 1000)) return TIMEDIFF_T_MIN; - return diff * 1000 + (newer->tv_usec - older->tv_usec) / 1000; + return (diff * 1000) + ((newer->tv_usec - older->tv_usec) / 1000); } @@ -212,7 +212,7 @@ timediff_t curlx_timediff_ceil_ms(struct curltime newer, return TIMEDIFF_T_MAX; else if(diff <= (TIMEDIFF_T_MIN / 1000)) return TIMEDIFF_T_MIN; - return diff * 1000 + (newer.tv_usec - older.tv_usec + 999) / 1000; + return (diff * 1000) + ((newer.tv_usec - older.tv_usec + 999) / 1000); } /* @@ -227,7 +227,7 @@ timediff_t curlx_ptimediff_us(const struct curltime *newer, return TIMEDIFF_T_MAX; else if(diff <= (TIMEDIFF_T_MIN / 1000000)) return TIMEDIFF_T_MIN; - return diff * 1000000 + newer->tv_usec - older->tv_usec; + return (diff * 1000000) + newer->tv_usec - older->tv_usec; } timediff_t curlx_timediff_us(struct curltime newer, struct curltime older) diff --git a/lib/escape.c b/lib/escape.c index afdf18c1b4..be44e97156 100644 --- a/lib/escape.c +++ b/lib/escape.c @@ -63,7 +63,7 @@ char *curl_easy_escape(CURL *data, const char *string, int inlength) if(length > SIZE_MAX / 16) return NULL; - curlx_dyn_init(&d, length * 3 + 1); + curlx_dyn_init(&d, (length * 3) + 1); while(length--) { /* treat the characters unsigned */ diff --git a/lib/ftp.c b/lib/ftp.c index b13da7abbd..fd10b07629 100644 --- a/lib/ftp.c +++ b/lib/ftp.c @@ -2496,7 +2496,7 @@ static CURLcode ftp_state_port_resp(struct Curl_easy *data, static int twodigit(const char *p) { - return (p[0] - '0') * 10 + (p[1] - '0'); + return ((p[0] - '0') * 10) + (p[1] - '0'); } static bool ftp_213_date(const char *p, int *year, int *month, int *day, @@ -2505,7 +2505,7 @@ static bool ftp_213_date(const char *p, int *year, int *month, int *day, size_t len = strlen(p); if(len < 14) return FALSE; - *year = twodigit(&p[0]) * 100 + twodigit(&p[2]); + *year = (twodigit(&p[0]) * 100) + twodigit(&p[2]); *month = twodigit(&p[4]); *day = twodigit(&p[6]); *hour = twodigit(&p[8]); diff --git a/lib/hmac.c b/lib/hmac.c index 10d7c1d03b..028b476c77 100644 --- a/lib/hmac.c +++ b/lib/hmac.c @@ -52,7 +52,7 @@ struct HMAC_context *Curl_HMAC_init(const struct HMAC_params *hashparams, unsigned char b; /* Create HMAC context. */ - i = sizeof(*ctxt) + 2 * hashparams->ctxtsize + hashparams->resultlen; + i = sizeof(*ctxt) + (2 * hashparams->ctxtsize) + hashparams->resultlen; ctxt = curlx_malloc(i); if(!ctxt) diff --git a/lib/http.c b/lib/http.c index afad728b50..183a39966e 100644 --- a/lib/http.c +++ b/lib/http.c @@ -4232,7 +4232,7 @@ static CURLcode http_rw_hd(struct Curl_easy *data, k->httpversion = (unsigned char)(10 + (p[1] - '0')); p += 3; if(ISDIGIT(p[0]) && ISDIGIT(p[1]) && ISDIGIT(p[2])) { - k->httpcode = (p[0] - '0') * 100 + (p[1] - '0') * 10 + + k->httpcode = ((p[0] - '0') * 100) + ((p[1] - '0') * 10) + (p[2] - '0'); /* RFC 9112 requires a single space following the status code, but the browsers do not so let's not insist */ @@ -4252,7 +4252,7 @@ static CURLcode http_rw_hd(struct Curl_easy *data, k->httpversion = (unsigned char)((*p - '0') * 10); p += 2; if(ISDIGIT(p[0]) && ISDIGIT(p[1]) && ISDIGIT(p[2])) { - k->httpcode = (p[0] - '0') * 100 + (p[1] - '0') * 10 + + k->httpcode = ((p[0] - '0') * 100) + ((p[1] - '0') * 10) + (p[2] - '0'); p += 3; if(!ISBLANK(*p)) diff --git a/lib/http_aws_sigv4.c b/lib/http_aws_sigv4.c index bb00bb5b49..40edcf315c 100644 --- a/lib/http_aws_sigv4.c +++ b/lib/http_aws_sigv4.c @@ -53,7 +53,7 @@ #define TIMESTAMP_SIZE 17 /* hex-encoded with trailing null */ -#define SHA256_HEX_LENGTH (2 * CURL_SHA256_DIGEST_LENGTH + 1) +#define SHA256_HEX_LENGTH ((2 * CURL_SHA256_DIGEST_LENGTH) + 1) #define MAX_QUERY_COMPONENTS 128 @@ -745,8 +745,10 @@ UNITTEST CURLcode canon_query(const char *query, struct dynbuf *dq) in_key_len = offset - in_key; } - curlx_dyn_init(&encoded_query_array[index].key, query_part_len * 3 + 1); - curlx_dyn_init(&encoded_query_array[index].value, query_part_len * 3 + 1); + curlx_dyn_init(&encoded_query_array[index].key, + (query_part_len * 3) + 1); + curlx_dyn_init(&encoded_query_array[index].value, + (query_part_len * 3) + 1); counted_query_components++; /* Decode/encode the key */ diff --git a/lib/md4.c b/lib/md4.c index 55e9b01416..bf1dc0d25f 100644 --- a/lib/md4.c +++ b/lib/md4.c @@ -218,12 +218,12 @@ typedef struct md4_ctx MD4_CTX; #define MD4_SET(n) (*(const uint32_t *)(const void *)&ptr[(n) * 4]) #define MD4_GET(n) MD4_SET(n) #else -#define MD4_SET(n) (ctx->block[(n)] = \ - (uint32_t)ptr[(n) * 4] | \ - ((uint32_t)ptr[(n) * 4 + 1] << 8) | \ - ((uint32_t)ptr[(n) * 4 + 2] << 16) | \ - ((uint32_t)ptr[(n) * 4 + 3] << 24)) -#define MD4_GET(n) (ctx->block[(n)]) +#define MD4_SET(n) (ctx->block[n] = \ + (uint32_t)ptr[(n) * 4] | \ + ((uint32_t)ptr[((n) * 4) + 1] << 8) | \ + ((uint32_t)ptr[((n) * 4) + 2] << 16) | \ + ((uint32_t)ptr[((n) * 4) + 3] << 24)) +#define MD4_GET(n) ctx->block[n] #endif /* diff --git a/lib/md5.c b/lib/md5.c index 464088b1b1..e76863dc22 100644 --- a/lib/md5.c +++ b/lib/md5.c @@ -299,12 +299,12 @@ typedef struct md5_ctx my_md5_ctx; #define MD5_SET(n) (*(const uint32_t *)(const void *)&ptr[(n) * 4]) #define MD5_GET(n) MD5_SET(n) #else -#define MD5_SET(n) (ctx->block[(n)] = \ - (uint32_t)ptr[(n) * 4] | \ - ((uint32_t)ptr[(n) * 4 + 1] << 8) | \ - ((uint32_t)ptr[(n) * 4 + 2] << 16) | \ - ((uint32_t)ptr[(n) * 4 + 3] << 24)) -#define MD5_GET(n) (ctx->block[(n)]) +#define MD5_SET(n) (ctx->block[n] = \ + (uint32_t)ptr[(n) * 4] | \ + ((uint32_t)ptr[((n) * 4) + 1] << 8) | \ + ((uint32_t)ptr[((n) * 4) + 2] << 16) | \ + ((uint32_t)ptr[((n) * 4) + 3] << 24)) +#define MD5_GET(n) ctx->block[n] #endif /* diff --git a/lib/mime.c b/lib/mime.c index fdac2e0f41..05b24435d4 100644 --- a/lib/mime.c +++ b/lib/mime.c @@ -426,7 +426,7 @@ static curl_off_t encoder_base64_size(curl_mimepart *part) size = 4 * (1 + (size - 1) / 3); /* Effective character count must include CRLFs. */ - return size + 2 * ((size - 1) / MAX_ENCODED_LINE_LENGTH); + return size + (2 * ((size - 1) / MAX_ENCODED_LINE_LENGTH)); } /* Quoted-printable lookahead. diff --git a/lib/parsedate.c b/lib/parsedate.c index 3775cb6e1d..1eec38a048 100644 --- a/lib/parsedate.c +++ b/lib/parsedate.c @@ -279,9 +279,10 @@ static time_t time2epoch(int sec, int min, int hour, int leap_days = year - (mon <= 1); leap_days = ((leap_days / 4) - (leap_days / 100) + (leap_days / 400) - (1969 / 4) + (1969 / 100) - (1969 / 400)); - return ((((time_t)(year - 1970) * 365 - + leap_days + month_days_cumulative[mon] + mday - 1) * 24 - + hour) * 60 + min) * 60 + sec; + return ((((((((time_t)(year - 1970) * 365) + + leap_days + month_days_cumulative[mon] + mday - 1) * 24) + + hour) * 60) + + min) * 60) + sec; } /* Returns the value of a single-digit or two-digit decimal number, return @@ -292,7 +293,7 @@ static int oneortwodigit(const char *date, const char **endp) int num = date[0] - '0'; if(ISDIGIT(date[1])) { *endp = &date[2]; - return num * 10 + (date[1] - '0'); + return (num * 10) + (date[1] - '0'); } *endp = &date[1]; return num; @@ -445,7 +446,7 @@ static int parsedate(const char *date, time_t *output) /* 8 digits, no year, month or day yet. This is YYYYMMDD */ found = TRUE; yearnum = val / 10000; - monnum = (val % 10000) / 100 - 1; /* month is 0 - 11 */ + monnum = ((val % 10000) / 100) - 1; /* month is 0 - 11 */ mdaynum = val % 100; } diff --git a/lib/pop3.c b/lib/pop3.c index fdb09f2320..de704d11e1 100644 --- a/lib/pop3.c +++ b/lib/pop3.c @@ -557,7 +557,7 @@ static CURLcode pop3_perform_apop(struct Curl_easy *data, size_t i; struct MD5_context *ctxt; unsigned char digest[MD5_DIGEST_LEN]; - char secret[2 * MD5_DIGEST_LEN + 1]; + char secret[(2 * MD5_DIGEST_LEN) + 1]; if(!pop3c) return CURLE_FAILED_INIT; diff --git a/lib/smb.c b/lib/smb.c index 09d09a3a99..8e76edc83d 100644 --- a/lib/smb.c +++ b/lib/smb.c @@ -548,7 +548,7 @@ static CURLcode smb_recv_message(struct Curl_easy *data, if(nbt_size >= msg_size + 1) { /* Add the word count */ - msg_size += 1 + ((unsigned char)buf[msg_size]) * sizeof(unsigned short); + msg_size += 1 + (((unsigned char)buf[msg_size]) * sizeof(unsigned short)); if(nbt_size >= msg_size + sizeof(unsigned short)) { /* Add the byte count */ msg_size += sizeof(unsigned short) + diff --git a/lib/urlapi.c b/lib/urlapi.c index 0e783f4a29..c59f239756 100644 --- a/lib/urlapi.c +++ b/lib/urlapi.c @@ -1877,7 +1877,7 @@ CURLUcode curl_url_set(CURLU *u, CURLUPart what, { const char *newp; struct dynbuf enc; - curlx_dyn_init(&enc, nalloc * 3 + 1 + leadingslash); + curlx_dyn_init(&enc, (nalloc * 3) + 1 + leadingslash); if(leadingslash && (part[0] != '/')) { CURLcode result = curlx_dyn_addn(&enc, "/", 1); diff --git a/lib/vauth/digest.c b/lib/vauth/digest.c index 1a5f6ffde2..1bbed79392 100644 --- a/lib/vauth/digest.c +++ b/lib/vauth/digest.c @@ -341,9 +341,9 @@ CURLcode Curl_auth_create_digest_md5_message(struct Curl_easy *data, struct MD5_context *ctxt; char *response = NULL; unsigned char digest[MD5_DIGEST_LEN]; - char HA1_hex[2 * MD5_DIGEST_LEN + 1]; - char HA2_hex[2 * MD5_DIGEST_LEN + 1]; - char resp_hash_hex[2 * MD5_DIGEST_LEN + 1]; + char HA1_hex[(2 * MD5_DIGEST_LEN) + 1]; + char HA2_hex[(2 * MD5_DIGEST_LEN) + 1]; + char resp_hash_hex[(2 * MD5_DIGEST_LEN) + 1]; char nonce[64]; char realm[128]; char algorithm[64]; diff --git a/lib/vauth/ntlm.c b/lib/vauth/ntlm.c index 205ce6c06d..b50cfdd681 100644 --- a/lib/vauth/ntlm.c +++ b/lib/vauth/ntlm.c @@ -398,7 +398,7 @@ static void unicodecpy(unsigned char *dest, const char *src, size_t length) size_t i; for(i = 0; i < length; i++) { dest[2 * i] = (unsigned char)src[i]; - dest[2 * i + 1] = '\0'; + dest[(2 * i) + 1] = '\0'; } } diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c index 123eb19b3d..ac8e4f35c9 100644 --- a/lib/vquic/curl_ngtcp2.c +++ b/lib/vquic/curl_ngtcp2.c @@ -391,8 +391,8 @@ static void pktx_update_time(struct Curl_easy *data, const struct curltime *pnow = Curl_pgrs_now(data); vquic_ctx_update_time(&ctx->q, pnow); - pktx->ts = (ngtcp2_tstamp)pnow->tv_sec * NGTCP2_SECONDS + - (ngtcp2_tstamp)pnow->tv_usec * NGTCP2_MICROSECONDS; + pktx->ts = ((ngtcp2_tstamp)pnow->tv_sec * NGTCP2_SECONDS) + + ((ngtcp2_tstamp)pnow->tv_usec * NGTCP2_MICROSECONDS); } static void pktx_init(struct pkt_io_ctx *pktx, @@ -406,8 +406,8 @@ static void pktx_init(struct pkt_io_ctx *pktx, pktx->data = data; ngtcp2_path_storage_zero(&pktx->ps); vquic_ctx_set_time(&ctx->q, pnow); - pktx->ts = (ngtcp2_tstamp)pnow->tv_sec * NGTCP2_SECONDS + - (ngtcp2_tstamp)pnow->tv_usec * NGTCP2_MICROSECONDS; + pktx->ts = ((ngtcp2_tstamp)pnow->tv_sec * NGTCP2_SECONDS) + + ((ngtcp2_tstamp)pnow->tv_usec * NGTCP2_MICROSECONDS); } static int cb_h3_acked_req_body(nghttp3_conn *conn, int64_t stream_id, diff --git a/lib/vtls/keylog.c b/lib/vtls/keylog.c index 51b26d2d3f..0206e32cf8 100644 --- a/lib/vtls/keylog.c +++ b/lib/vtls/keylog.c @@ -107,8 +107,9 @@ bool Curl_tls_keylog_write(const char *label, const unsigned char *secret, size_t secretlen) { size_t pos, i; - unsigned char line[KEYLOG_LABEL_MAXLEN + 1 + 2 * CLIENT_RANDOM_SIZE + 1 + - 2 * SECRET_MAXLEN + 1 + 1]; + unsigned char line[KEYLOG_LABEL_MAXLEN + 1 + + (2 * CLIENT_RANDOM_SIZE) + 1 + + (2 * SECRET_MAXLEN) + 1 + 1]; if(!keylog_file_fp) { return FALSE; diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c index 398bf8630a..846c9caaf3 100644 --- a/lib/vtls/mbedtls.c +++ b/lib/vtls/mbedtls.c @@ -173,8 +173,8 @@ static int mbedtls_bio_cf_read(void *bio, unsigned char *buf, size_t blen) /* See: * https://web.archive.org/web/20200921194007/tls.mbed.org/discussions/generic/howto-determine-exact-buffer-len-for-mbedtls_pk_write_pubkey_der */ -#define RSA_PUB_DER_MAX_BYTES (38 + 2 * MBEDTLS_MPI_MAX_SIZE) -#define ECP_PUB_DER_MAX_BYTES (30 + 2 * MBEDTLS_ECP_MAX_BYTES) +#define RSA_PUB_DER_MAX_BYTES (38 + (2 * MBEDTLS_MPI_MAX_SIZE)) +#define ECP_PUB_DER_MAX_BYTES (30 + (2 * MBEDTLS_ECP_MAX_BYTES)) #define PUB_DER_MAX_BYTES (RSA_PUB_DER_MAX_BYTES > ECP_PUB_DER_MAX_BYTES ? \ RSA_PUB_DER_MAX_BYTES : ECP_PUB_DER_MAX_BYTES) diff --git a/lib/vtls/x509asn1.c b/lib/vtls/x509asn1.c index ff64dc9bf4..e4660801ea 100644 --- a/lib/vtls/x509asn1.c +++ b/lib/vtls/x509asn1.c @@ -983,7 +983,7 @@ static int do_pubkey(struct Curl_easy *data, int certnum, const char *algo, if(!certnum) infof(data, " ECC Public Key (%zu bits)", len); if(data->set.ssl.certinfo) { - char q[sizeof(len) * 8 / 3 + 1]; + char q[(sizeof(len) * 8 / 3) + 1]; (void)curl_msnprintf(q, sizeof(q), "%zu", len); if(ssl_push_certinfo(data, certnum, "ECC Public Key", q)) return 1; @@ -1018,7 +1018,7 @@ static int do_pubkey(struct Curl_easy *data, int certnum, const char *algo, if(!certnum) infof(data, " RSA Public Key (%zu bits)", len); if(data->set.ssl.certinfo) { - char r[sizeof(len) * 8 / 3 + 1]; + char r[(sizeof(len) * 8 / 3) + 1]; curl_msnprintf(r, sizeof(r), "%zu", len); if(ssl_push_certinfo(data, certnum, "RSA Public Key", r)) return 1; diff --git a/src/tool_cb_prg.c b/src/tool_cb_prg.c index 3ac746484f..0280b30849 100644 --- a/src/tool_cb_prg.c +++ b/src/tool_cb_prg.c @@ -78,13 +78,13 @@ static void fly(struct ProgressData *bar, bool moved) memcpy(&buf[bar->bar + 1], "-=O=-", 5); - pos = sinus[bar->tick % 200] / (1000000 / check) + 1; + pos = (sinus[bar->tick % 200] / (1000000 / check)) + 1; buf[pos] = '#'; - pos = sinus[(bar->tick + 5) % 200] / (1000000 / check) + 1; + pos = (sinus[(bar->tick + 5) % 200] / (1000000 / check)) + 1; buf[pos] = '#'; - pos = sinus[(bar->tick + 10) % 200] / (1000000 / check) + 1; + pos = (sinus[(bar->tick + 10) % 200] / (1000000 / check)) + 1; buf[pos] = '#'; - pos = sinus[(bar->tick + 15) % 200] / (1000000 / check) + 1; + pos = (sinus[(bar->tick + 15) % 200] / (1000000 / check)) + 1; buf[pos] = '#'; fputs(buf, bar->out); diff --git a/src/tool_getparam.c b/src/tool_getparam.c index 42c7207242..511a48bf03 100644 --- a/src/tool_getparam.c +++ b/src/tool_getparam.c @@ -618,7 +618,7 @@ UNITTEST ParameterError GetSizeParameter(const char *arg, curl_off_t *out) if(value > ((CURL_OFF_T_MAX - add) / mul)) return PARAM_NUMBER_TOO_LARGE; - *out = value * mul + add; + *out = (value * mul) + add; return PARAM_OK; } diff --git a/src/tool_operate.c b/src/tool_operate.c index 821ab7870b..d97a0c4eb2 100644 --- a/src/tool_operate.c +++ b/src/tool_operate.c @@ -1788,7 +1788,7 @@ static CURLcode check_finished(struct parastate *s) if(retry) { ended->added = FALSE; /* add it again */ /* we delay retries in full integer seconds only */ - ended->startat = delay ? time(NULL) + delay / 1000 : 0; + ended->startat = delay ? time(NULL) + (delay / 1000) : 0; } else { /* result receives this transfer's error unless the transfer was diff --git a/src/tool_paramhlp.c b/src/tool_paramhlp.c index 523b52629c..970d42192a 100644 --- a/src/tool_paramhlp.c +++ b/src/tool_paramhlp.c @@ -326,7 +326,7 @@ ParameterError secs2ms(long *valp, const char *str) ms = ((long)fracs * 100) / digs[len - 1]; } - *valp = (long)secs * 1000 + ms; + *valp = ((long)secs * 1000) + ms; return PARAM_OK; } diff --git a/src/tool_setopt.c b/src/tool_setopt.c index 750ef169d3..bd24e4b411 100644 --- a/src/tool_setopt.c +++ b/src/tool_setopt.c @@ -184,7 +184,7 @@ static char *c_escape(const char *str, curl_off_t len) CURLcode result; struct dynbuf escaped; - curlx_dyn_init(&escaped, 4 * MAX_STRING_LENGTH_OUTPUT + 3); + curlx_dyn_init(&escaped, (4 * MAX_STRING_LENGTH_OUTPUT) + 3); if(len == ZERO_TERMINATED) len = strlen(str); @@ -211,7 +211,7 @@ static char *c_escape(const char *str, curl_off_t len) if(!result) { if(p && *p) - result = curlx_dyn_addn(&escaped, to + 2 * (p - from), 2); + result = curlx_dyn_addn(&escaped, to + (2 * (p - from)), 2); else { result = curlx_dyn_addf(&escaped, /* Octal escape to avoid >2 digit hex. */ diff --git a/src/tool_urlglob.c b/src/tool_urlglob.c index 4c5973875b..b8144c8673 100644 --- a/src/tool_urlglob.c +++ b/src/tool_urlglob.c @@ -272,8 +272,8 @@ static CURLcode glob_range(struct URLGlob *glob, const char **patternp, pat->c.ascii.letter = pat->c.ascii.min = min_c; pat->c.ascii.max = max_c; - if(multiply(amount, ((pat->c.ascii.max - pat->c.ascii.min) / - pat->c.ascii.step + 1))) + if(multiply(amount, (((pat->c.ascii.max - pat->c.ascii.min) / + pat->c.ascii.step) + 1))) return globerror(glob, "range overflow", *posp, CURLE_URL_MALFORMAT); } else if(ISDIGIT(*pattern)) { @@ -328,8 +328,8 @@ static CURLcode glob_range(struct URLGlob *glob, const char **patternp, pat->c.num.max = max_n; pat->c.num.step = step_n; - if(multiply(amount, ((pat->c.num.max - pat->c.num.min) / - pat->c.num.step + 1))) + if(multiply(amount, (((pat->c.num.max - pat->c.num.min) / + pat->c.num.step) + 1))) return globerror(glob, "range overflow", *posp, CURLE_URL_MALFORMAT); } else diff --git a/tests/libtest/first.c b/tests/libtest/first.c index eff83aefab..16be8ef9e6 100644 --- a/tests/libtest/first.c +++ b/tests/libtest/first.c @@ -147,7 +147,7 @@ static void memory_tracking_init(void) /* returns a hexdump in a static memory area */ char *hexdump(const unsigned char *buf, size_t len) { - static char dump[200 * 3 + 1]; + static char dump[(200 * 3) + 1]; char *p = dump; size_t i; if(len > 200) diff --git a/tests/libtest/lib530.c b/tests/libtest/lib530.c index cbc5130c79..ad2ad536f7 100644 --- a/tests/libtest/lib530.c +++ b/tests/libtest/lib530.c @@ -217,7 +217,7 @@ static ssize_t t530_getMicroSecondTimeout(struct curltime *timeout) struct curltime now; ssize_t result; now = curlx_now(); - result = (ssize_t)((timeout->tv_sec - now.tv_sec) * 1000000 + + result = (ssize_t)(((timeout->tv_sec - now.tv_sec) * 1000000) + timeout->tv_usec - now.tv_usec); if(result < 0) result = 0; diff --git a/tests/libtest/lib582.c b/tests/libtest/lib582.c index 7b640a0b7b..3a4e278e38 100644 --- a/tests/libtest/lib582.c +++ b/tests/libtest/lib582.c @@ -164,7 +164,7 @@ static ssize_t t582_getMicroSecondTimeout(struct curltime *timeout) struct curltime now; ssize_t result; now = curlx_now(); - result = (ssize_t)((timeout->tv_sec - now.tv_sec) * 1000000 + + result = (ssize_t)(((timeout->tv_sec - now.tv_sec) * 1000000) + timeout->tv_usec - now.tv_usec); if(result < 0) result = 0; diff --git a/tests/libtest/lib597.c b/tests/libtest/lib597.c index 476da71f16..0c1fc473f1 100644 --- a/tests/libtest/lib597.c +++ b/tests/libtest/lib597.c @@ -98,7 +98,7 @@ static CURLcode test_lib597(const char *URL) interval.tv_usec = (itimeout % 1000) * 1000; } else { - interval.tv_sec = TEST_HANG_TIMEOUT / 1000 - 1; + interval.tv_sec = (TEST_HANG_TIMEOUT / 1000) - 1; interval.tv_usec = 0; } diff --git a/tests/libtest/lib666.c b/tests/libtest/lib666.c index 5a5d644cec..55dd33ab35 100644 --- a/tests/libtest/lib666.c +++ b/tests/libtest/lib666.c @@ -40,7 +40,7 @@ static CURLcode test_lib666(const char *URL) if(i % 77 == 76) testbuf[i] = '\n'; else - testbuf[i] = (char)(0x41 + i % 26); /* A...Z */ + testbuf[i] = (char)(0x41 + (i % 26)); /* A...Z */ if(curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) { curl_mfprintf(stderr, "curl_global_init() failed\n"); diff --git a/tests/libtest/lib758.c b/tests/libtest/lib758.c index 71d75b1028..e743da7f58 100644 --- a/tests/libtest/lib758.c +++ b/tests/libtest/lib758.c @@ -263,7 +263,7 @@ static ssize_t t758_getMicroSecondTimeout(struct curltime *timeout) struct curltime now; ssize_t result; now = curlx_now(); - result = (ssize_t)((timeout->tv_sec - now.tv_sec) * 1000000 + + result = (ssize_t)(((timeout->tv_sec - now.tv_sec) * 1000000) + timeout->tv_usec - now.tv_usec); if(result < 0) result = 0; diff --git a/tests/server/rtspd.c b/tests/server/rtspd.c index 80eb22abf2..fcc97b2ca3 100644 --- a/tests/server/rtspd.c +++ b/tests/server/rtspd.c @@ -180,7 +180,7 @@ static int rtspd_ProcessRequest(struct rtspd_httprequest *req) return 1; } - req->prot_version = prot_major * 10 + prot_minor; + req->prot_version = (prot_major * 10) + prot_minor; /* find the last slash */ ptr = strrchr(doc, '/'); diff --git a/tests/server/socksd.c b/tests/server/socksd.c index 85001340c2..f9bff8d5f3 100644 --- a/tests/server/socksd.c +++ b/tests/server/socksd.c @@ -293,8 +293,8 @@ static curl_socket_t socks4(curl_socket_t fd, static curl_socket_t sockit(curl_socket_t fd) { - unsigned char buffer[2 * 256 + 16]; - unsigned char response[2 * 256 + 16]; + unsigned char buffer[(2 * 256) + 16]; + unsigned char response[(2 * 256) + 16]; ssize_t rc; unsigned char len; unsigned char type; diff --git a/tests/server/sws.c b/tests/server/sws.c index c1b246d50f..e0072506fd 100644 --- a/tests/server/sws.c +++ b/tests/server/sws.c @@ -386,7 +386,7 @@ static int sws_ProcessRequest(struct sws_httprequest *req) if(fine) { const char *ptr; - req->prot_version = prot_major * 10 + prot_minor; + req->prot_version = (prot_major * 10) + prot_minor; /* find the last slash */ ptr = &httppath[npath]; diff --git a/tests/unit/unit1309.c b/tests/unit/unit1309.c index b5620dcdbb..5807d497ee 100644 --- a/tests/unit/unit1309.c +++ b/tests/unit/unit1309.c @@ -109,9 +109,9 @@ static CURLcode test_unit1309(const char *arg) /* add some nodes with the same key */ for(j = 0; j <= i % 3; j++) { - storage[i * 3 + j] = key.tv_usec * 10 + j; - Curl_splayset(&nodes[i * 3 + j], &storage[i * 3 + j]); - root = Curl_splayinsert(&key, root, &nodes[i * 3 + j]); + storage[(i * 3) + j] = (key.tv_usec * 10) + j; + Curl_splayset(&nodes[(i * 3) + j], &storage[(i * 3) + j]); + root = Curl_splayinsert(&key, root, &nodes[(i * 3) + j]); } } From 453470fab1bd2920d40af67620d24d711770fd61 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Mon, 23 Feb 2026 22:12:03 +0100 Subject: [PATCH 11/88] spacecheck: double spaces in folded strings, fix fallouts Closes #20695 --- lib/http2.c | 2 +- lib/rtsp.c | 4 ++-- lib/tftp.c | 2 +- lib/vtls/schannel.c | 2 +- scripts/spacecheck.pl | 10 ++++++++++ 5 files changed, 15 insertions(+), 5 deletions(-) diff --git a/lib/http2.c b/lib/http2.c index 8712934a5c..fa160c1cf6 100644 --- a/lib/http2.c +++ b/lib/http2.c @@ -1702,7 +1702,7 @@ static CURLcode http2_handle_stream_close(struct Curl_cfilter *cf, } else if(!stream->bodystarted) { failf(data, "HTTP/2 stream %d was closed cleanly, but before getting " - " all response header fields, treated as error", stream->id); + "all response header fields, treated as error", stream->id); return CURLE_HTTP2_STREAM; } diff --git a/lib/rtsp.c b/lib/rtsp.c index d0e5cf43e3..58bebc90e2 100644 --- a/lib/rtsp.c +++ b/lib/rtsp.c @@ -902,8 +902,8 @@ static CURLcode rtsp_rtp_write_resp(struct Curl_easy *data, /* we SHOULD have consumed all bytes, unless the response is borked. * In which case we write out the left over bytes, letting the client * writer deal with it (it will report EXCESS and fail the transfer). */ - DEBUGF(infof(data, "rtsp_rtp_write_resp(len=%zu, in_header=%d, done=%d " - " rtspc->state=%d, req.size=%" FMT_OFF_T ")", + DEBUGF(infof(data, "rtsp_rtp_write_resp(len=%zu, in_header=%d, done=%d, " + "rtspc->state=%d, req.size=%" FMT_OFF_T ")", blen, rtspc->in_header, data->req.done, rtspc->state, data->req.size)); if(!result && (is_eos || blen)) { diff --git a/lib/tftp.c b/lib/tftp.c index 7b503436dd..d6dbc4afa4 100644 --- a/lib/tftp.c +++ b/lib/tftp.c @@ -451,7 +451,7 @@ static CURLcode tftp_tx(struct tftp_conn *state, tftp_event_t event) /* Increment the retry counter and log the timeout */ state->retries++; infof(data, "Timeout waiting for block %d ACK. " - " Retries = %d", NEXT_BLOCKNUM(state->block), state->retries); + "Retries = %d", NEXT_BLOCKNUM(state->block), state->retries); /* Decide if we have had enough */ if(state->retries > state->retry_max) { state->error = TFTP_ERR_TIMEOUT; diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c index d533d9a5b6..5f0bdcc8ac 100644 --- a/lib/vtls/schannel.c +++ b/lib/vtls/schannel.c @@ -407,7 +407,7 @@ static CURLcode get_client_cert(struct Curl_easy *data, if((fInCert || blob) && data->set.ssl.cert_type && !curl_strequal(data->set.ssl.cert_type, "P12")) { failf(data, "schannel: certificate format compatibility error " - " for %s", + "for %s", blob ? "(memory blob)" : data->set.ssl.primary.clientcert); curlx_free(cert_store_path); if(fInCert) diff --git a/scripts/spacecheck.pl b/scripts/spacecheck.pl index ad450119fd..2fb2c9793f 100755 --- a/scripts/spacecheck.pl +++ b/scripts/spacecheck.pl @@ -170,6 +170,16 @@ while(my $filename = <$git_ls_files>) { } } + my $search = $content; + my $linepos = 0; + while($search =~ / "\n *" /) { + my $part = substr($search, 0, $+[0]); + $search = substr($search, $+[0]); + my $line = ($part =~ tr/\n//); + push @err, sprintf("line %d: double spaces in folded string", $linepos + $line); + $linepos += $line; + } + if($content =~ /([\x00-\x08\x0b\x0c\x0e-\x1f\x7f])/) { push @err, "content: has binary contents"; } From 67298a80b3a2d092d801a4dc4a6f115935092eec Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Mon, 23 Feb 2026 20:23:58 +0100 Subject: [PATCH 12/88] INSTALL-CMAKE.md: document the `curl` build target Can be useful to together with `testdeps` to build all binaries. Closes #20694 --- docs/INSTALL-CMAKE.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/INSTALL-CMAKE.md b/docs/INSTALL-CMAKE.md index d59a509d47..552a40bcfa 100644 --- a/docs/INSTALL-CMAKE.md +++ b/docs/INSTALL-CMAKE.md @@ -564,6 +564,7 @@ Note: These variables are internal and subject to change. where is the .c filename without extension. - `curl-examples-build`: Build examples quickly but without the ability to run them. (for build tests) - `curl-man`: Build man pages. (built by default unless disabled) +- `curl`: Build curl tool. - `curl_uninstall`: Uninstall curl. - `curl-completion-fish`: Build shell completions for fish. (built by default if enabled) - `curl-completion-zsh`: Build shell completions for zsh. (built by default if enabled) From 9d94b1a06620ed838ae1354b414316e5f707486a Mon Sep 17 00:00:00 2001 From: Diogo Correia Date: Tue, 24 Feb 2026 01:58:35 +0100 Subject: [PATCH 13/88] docs: use dot instead of comma at end of sentences Some sentences incorrectly ended with a command instead of a dot. Closes #20700 --- docs/CONTRIBUTE.md | 2 +- docs/libcurl/opts/CURLOPT_SSL_VERIFYHOST.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/CONTRIBUTE.md b/docs/CONTRIBUTE.md index 093244f2f5..1449cc191e 100644 --- a/docs/CONTRIBUTE.md +++ b/docs/CONTRIBUTE.md @@ -48,7 +48,7 @@ By submitting a patch to the curl project, you are assumed to have the right to the code and to be allowed by your employer or whatever to hand over that patch/code to us. We credit you for your changes as far as possible, to give credit but also to keep a trace back to who made what changes. Please always -provide us with your full real name when contributing, +provide us with your full real name when contributing. ## What To Read diff --git a/docs/libcurl/opts/CURLOPT_SSL_VERIFYHOST.md b/docs/libcurl/opts/CURLOPT_SSL_VERIFYHOST.md index 72a4d41cb0..4a5d429107 100644 --- a/docs/libcurl/opts/CURLOPT_SSL_VERIFYHOST.md +++ b/docs/libcurl/opts/CURLOPT_SSL_VERIFYHOST.md @@ -47,7 +47,7 @@ Subject Alternate Name field in the certificate matches the hostname in the URL to which you told curl to connect. When the *verify* value is 0, the connection succeeds regardless of the names -in the certificate. Use that ability with caution, +in the certificate. Use that ability with caution. This option controls checking the server's certificate's claimed identity. The separate CURLOPT_SSL_VERIFYPEER(3) options enables/disables verification that From 956e1ae84f2fec9f027b4ce80999744326b30992 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Tue, 24 Feb 2026 11:01:35 +0100 Subject: [PATCH 14/88] setopt: refuse blobs with zero length A blob must have a length or it will not be accepted. By enforcing the check here, TLS backend code can rely on the fact that the length is always non-zero from this point. Reported-by: aisle-research-bot URL: https://github.com/curl/curl/pull/20689#pullrequestreview-3846390367 Closes #20705 --- lib/setopt.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/setopt.c b/lib/setopt.c index 604c9cbc4c..5d5da804d4 100644 --- a/lib/setopt.c +++ b/lib/setopt.c @@ -107,7 +107,7 @@ CURLcode Curl_setblobopt(struct curl_blob **blobp, if(blob) { struct curl_blob *nblob; - if(blob->len > CURL_MAX_INPUT_LENGTH) + if(!blob->len || (blob->len > CURL_MAX_INPUT_LENGTH)) return CURLE_BAD_FUNCTION_ARGUMENT; nblob = (struct curl_blob *) curlx_malloc(sizeof(struct curl_blob) + From 7981594df590030e6fe01b8f44704f0cf02cf9c1 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 23 Feb 2026 14:45:44 +0100 Subject: [PATCH 15/88] mbedtls: split mbed_connect_step1 into sub functions Increase readability. Reduce complexity. Closes #20689 --- lib/vtls/mbedtls.c | 284 ++++++++++++++++++++++++++++----------------- 1 file changed, 175 insertions(+), 109 deletions(-) diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c index 846c9caaf3..f37dc81944 100644 --- a/lib/vtls/mbedtls.c +++ b/lib/vtls/mbedtls.c @@ -246,10 +246,10 @@ mbed_set_ssl_version_min_max(struct Curl_easy *data, return CURLE_OK; } -/* TLS_ECJPAKE_WITH_AES_128_CCM_8 (0xC0FF) is marked experimental - in mbedTLS. The number is not reserved by IANA nor is the - cipher suite present in other SSL implementations. Provide - provisional support for specifying the cipher suite here. */ +/* TLS_ECJPAKE_WITH_AES_128_CCM_8 (0xC0FF) is marked experimental in mbedTLS. + The number is not reserved by IANA nor is the cipher suite present in other + SSL implementations. Provide provisional support for specifying the cipher + suite here. */ #ifdef MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8 static int mbed_cipher_suite_get_str(uint16_t id, char *buf, size_t buf_size, bool prefer_rfc) @@ -469,39 +469,26 @@ static int mbed_verify_cb(void *ptr, mbedtls_x509_crt *crt, return 0; } -static CURLcode mbed_connect_step1(struct Curl_cfilter *cf, - struct Curl_easy *data) +static CURLcode mbed_load_cacert(struct Curl_cfilter *cf, + struct Curl_easy *data) { struct ssl_connect_data *connssl = cf->ctx; struct mbed_ssl_backend_data *backend = (struct mbed_ssl_backend_data *)connssl->backend; struct ssl_primary_config *conn_config = Curl_ssl_cf_get_primary_config(cf); const struct curl_blob *ca_info_blob = conn_config->ca_info_blob; - struct ssl_config_data *ssl_config = Curl_ssl_cf_get_config(cf, data); const char * const ssl_cafile = /* CURLOPT_CAINFO_BLOB overrides CURLOPT_CAINFO */ (ca_info_blob ? NULL : conn_config->CAfile); const bool verifypeer = conn_config->verifypeer; const char * const ssl_capath = conn_config->CApath; - char * const ssl_cert = ssl_config->primary.clientcert; - const struct curl_blob *ssl_cert_blob = ssl_config->primary.cert_blob; #ifdef MBEDTLS_PEM_PARSE_C + struct ssl_config_data *ssl_config = Curl_ssl_cf_get_config(cf, data); const char * const ssl_cert_type = ssl_config->cert_type; #endif - const char * const ssl_crlfile = ssl_config->primary.CRLfile; int ret = -1; char errorbuf[128]; - DEBUGASSERT(backend); - DEBUGASSERT(!backend->initialized); - - if((conn_config->version == CURL_SSLVERSION_SSLv2) || - (conn_config->version == CURL_SSLVERSION_SSLv3)) { - failf(data, "Not supported SSL version"); - return CURLE_NOT_BUILT_IN; - } - - /* Load the trusted CA */ mbedtls_x509_crt_init(&backend->cacert); if(ca_info_blob && verifypeer) { @@ -510,18 +497,16 @@ static CURLcode mbed_connect_step1(struct Curl_cfilter *cf, mbedtls_x509_crt_parse(). */ if((ssl_cert_type && curl_strequal(ssl_cert_type, "DER")) || ((char *)(ca_info_blob->data))[ca_info_blob->len - 1] == '\0') { - - ret = mbedtls_x509_crt_parse(&backend->cacert, - ca_info_blob->data, + ret = mbedtls_x509_crt_parse(&backend->cacert, ca_info_blob->data, ca_info_blob->len); } else { /* they say it is PEM and it is not null-terminated */ - /* Unfortunately, mbedtls_x509_crt_parse() requires the data to - be null-terminated if the data is PEM encoded (even when - provided the exact length). The function accepts PEM or DER - formats, but we cannot assume if the user passed in a PEM - format cert that it is null-terminated. */ + /* Unfortunately, mbedtls_x509_crt_parse() requires the data to be + null-terminated if the data is PEM encoded (even when provided the + exact length). The function accepts PEM or DER formats, but we cannot + assume if the user passed in a PEM format cert that it is + null-terminated. */ unsigned char *newblob = curlx_memdup0(ca_info_blob->data, ca_info_blob->len); if(!newblob) @@ -532,12 +517,10 @@ static CURLcode mbed_connect_step1(struct Curl_cfilter *cf, curlx_free(newblob); } #else - /* DER encoded certs do not need to be null terminated - because it is a binary format. So if we are not compiling - with PEM_PARSE we can avoid the extra memory copies - altogether. */ - ret = mbedtls_x509_crt_parse_der(&backend->cacert, - ca_info_blob->data, + /* DER encoded certs do not need to be null terminated because it is a + binary format. So if we are not compiling with PEM_PARSE we can avoid + the extra memory copies altogether. */ + ret = mbedtls_x509_crt_parse_der(&backend->cacert, ca_info_blob->data, ca_info_blob->len); #endif @@ -583,7 +566,24 @@ static CURLcode mbed_connect_step1(struct Curl_cfilter *cf, #endif } - /* Load the client certificate */ + return CURLE_OK; +} + +static CURLcode mbed_load_clicert(struct Curl_cfilter *cf, + struct Curl_easy *data) +{ + struct ssl_connect_data *connssl = cf->ctx; + struct mbed_ssl_backend_data *backend = + (struct mbed_ssl_backend_data *)connssl->backend; + struct ssl_config_data *ssl_config = Curl_ssl_cf_get_config(cf, data); + char * const ssl_cert = ssl_config->primary.clientcert; + const struct curl_blob *ssl_cert_blob = ssl_config->primary.cert_blob; +#ifdef MBEDTLS_PEM_PARSE_C + const char * const ssl_cert_type = ssl_config->cert_type; +#endif + int ret = -1; + char errorbuf[128]; + mbedtls_x509_crt_init(&backend->clicert); if(ssl_cert) { @@ -616,11 +616,11 @@ static CURLcode mbed_connect_step1(struct Curl_cfilter *cf, } else { /* they say it is PEM and it is not null-terminated */ - /* Unfortunately, mbedtls_x509_crt_parse() requires the data to - be null-terminated if the data is PEM encoded (even when - provided the exact length). The function accepts PEM or DER - formats, but we cannot assume if the user passed in a PEM - format cert that it is null-terminated. */ + /* Unfortunately, mbedtls_x509_crt_parse() requires the data to be + null-terminated if the data is PEM encoded (even when provided the + exact length). The function accepts PEM or DER formats, but we cannot + assume if the user passed in a PEM format cert that it is + null-terminated. */ unsigned char *newblob = curlx_memdup0(ssl_cert_blob->data, ssl_cert_blob->len); if(!newblob) @@ -630,24 +630,34 @@ static CURLcode mbed_connect_step1(struct Curl_cfilter *cf, curlx_free(newblob); } #else - /* DER encoded certs do not need to be null terminated - because it is a binary format. So if we are not compiling - with PEM_PARSE we can avoid the extra memory copies - altogether. */ - ret = mbedtls_x509_crt_parse_der(&backend->clicert, - ssl_cert_blob->data, + /* DER encoded certs do not need to be null terminated because it is a + binary format. So if we are not compiling with PEM_PARSE we can avoid + the extra memory copies altogether. */ + ret = mbedtls_x509_crt_parse_der(&backend->clicert, ssl_cert_blob->data, ssl_cert_blob->len); #endif if(ret) { mbedtls_strerror(ret, errorbuf, sizeof(errorbuf)); - failf(data, "mbedTLS: error reading client cert data %s: (-0x%04X) %s", - ssl_config->key, -ret, errorbuf); + failf(data, "mbedTLS: error reading client cert blob: (-0x%04X) %s", + -ret, errorbuf); return CURLE_SSL_CERTPROBLEM; } } - /* Load the client private key */ + return CURLE_OK; +} + +static CURLcode mbed_load_privkey(struct Curl_cfilter *cf, + struct Curl_easy *data) +{ + struct ssl_connect_data *connssl = cf->ctx; + struct mbed_ssl_backend_data *backend = + (struct mbed_ssl_backend_data *)connssl->backend; + struct ssl_config_data *ssl_config = Curl_ssl_cf_get_config(cf, data); + int ret = -1; + char errorbuf[128]; + mbedtls_pk_init(&backend->pk); if(ssl_config->key || ssl_config->key_blob) { @@ -656,12 +666,13 @@ static CURLcode mbed_connect_step1(struct Curl_cfilter *cf, #if MBEDTLS_VERSION_NUMBER >= 0x04000000 ret = mbedtls_pk_parse_keyfile(&backend->pk, ssl_config->key, ssl_config->key_passwd); - if(ret == 0 && !(mbedtls_pk_can_do_psa(&backend->pk, - PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH), - PSA_KEY_USAGE_SIGN_HASH) || - mbedtls_pk_can_do_psa(&backend->pk, - MBEDTLS_PK_ALG_ECDSA(PSA_ALG_ANY_HASH), - PSA_KEY_USAGE_SIGN_HASH))) + if(ret == 0 && + !(mbedtls_pk_can_do_psa(&backend->pk, + PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH), + PSA_KEY_USAGE_SIGN_HASH) || + mbedtls_pk_can_do_psa(&backend->pk, + MBEDTLS_PK_ALG_ECDSA(PSA_ALG_ANY_HASH), + PSA_KEY_USAGE_SIGN_HASH))) ret = MBEDTLS_ERR_PK_TYPE_MISMATCH; #else ret = mbedtls_pk_parse_keyfile(&backend->pk, ssl_config->key, @@ -693,12 +704,13 @@ static CURLcode mbed_connect_step1(struct Curl_cfilter *cf, ret = mbedtls_pk_parse_key(&backend->pk, key_data, ssl_key_blob->len, (const unsigned char *)passwd, passwd ? strlen(passwd) : 0); - if(ret == 0 && !(mbedtls_pk_can_do_psa(&backend->pk, - PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH), - PSA_KEY_USAGE_SIGN_HASH) || - mbedtls_pk_can_do_psa(&backend->pk, - MBEDTLS_PK_ALG_ECDSA(PSA_ALG_ANY_HASH), - PSA_KEY_USAGE_SIGN_HASH))) + if(ret == 0 && + !(mbedtls_pk_can_do_psa(&backend->pk, + PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH), + PSA_KEY_USAGE_SIGN_HASH) || + mbedtls_pk_can_do_psa(&backend->pk, + MBEDTLS_PK_ALG_ECDSA(PSA_ALG_ANY_HASH), + PSA_KEY_USAGE_SIGN_HASH))) ret = MBEDTLS_ERR_PK_TYPE_MISMATCH; #else ret = mbedtls_pk_parse_key(&backend->pk, key_data, ssl_key_blob->len, @@ -720,13 +732,25 @@ static CURLcode mbed_connect_step1(struct Curl_cfilter *cf, } } - /* Load the CRL */ + return CURLE_OK; +} + +static CURLcode mbed_load_crl(struct Curl_cfilter *cf, + struct Curl_easy *data) +{ + struct ssl_connect_data *connssl = cf->ctx; + struct mbed_ssl_backend_data *backend = + (struct mbed_ssl_backend_data *)connssl->backend; + struct ssl_config_data *ssl_config = Curl_ssl_cf_get_config(cf, data); + const char * const ssl_crlfile = ssl_config->primary.CRLfile; + #ifdef MBEDTLS_X509_CRL_PARSE_C mbedtls_x509_crl_init(&backend->crl); if(ssl_crlfile) { + char errorbuf[128]; #ifdef MBEDTLS_FS_IO - ret = mbedtls_x509_crl_parse_file(&backend->crl, ssl_crlfile); + int ret = mbedtls_x509_crl_parse_file(&backend->crl, ssl_crlfile); if(ret) { mbedtls_strerror(ret, errorbuf, sizeof(errorbuf)); @@ -736,17 +760,34 @@ static CURLcode mbed_connect_step1(struct Curl_cfilter *cf, return CURLE_SSL_CRL_BADFILE; } #else + (void)errorbuf; failf(data, "mbedTLS: functions that use the file system not built in"); return CURLE_NOT_BUILT_IN; #endif } #else + (void)backend; if(ssl_crlfile) { failf(data, "mbedTLS: CRL support not built in"); return CURLE_NOT_BUILT_IN; } #endif + return CURLE_OK; +} + +static CURLcode mbed_configure_ssl(struct Curl_cfilter *cf, + struct Curl_easy *data) +{ + struct ssl_connect_data *connssl = cf->ctx; + struct mbed_ssl_backend_data *backend = + (struct mbed_ssl_backend_data *)connssl->backend; + struct ssl_primary_config *conn_config = Curl_ssl_cf_get_primary_config(cf); + struct ssl_config_data *ssl_config = Curl_ssl_cf_get_config(cf, data); + int ret; + CURLcode result; + char errorbuf[128]; + infof(data, "mbedTLS: Connecting to %s:%d", connssl->peer.hostname, connssl->peer.port); @@ -773,11 +814,12 @@ static CURLcode mbed_connect_step1(struct Curl_cfilter *cf, #endif #if defined(MBEDTLS_SSL_SESSION_TICKETS) && \ - MBEDTLS_VERSION_NUMBER >= 0x03060100 && MBEDTLS_VERSION_NUMBER < 0x04000000 - /* New in mbedTLS 3.6.1, need to enable, default is now disabled. - 4.0.0 enabled it by default for TLSv1.3. */ - mbedtls_ssl_conf_tls13_enable_signal_new_session_tickets(&backend->config, - MBEDTLS_SSL_TLS1_3_SIGNAL_NEW_SESSION_TICKETS_ENABLED); + MBEDTLS_VERSION_NUMBER >= 0x03060100 && \ + MBEDTLS_VERSION_NUMBER < 0x04000000 + /* New in mbedTLS 3.6.1, need to enable, default is now disabled. 4.0.0 + enabled it by default for TLSv1.3. */ + mbedtls_ssl_conf_tls13_enable_signal_new_session_tickets( + &backend->config, MBEDTLS_SSL_TLS1_3_SIGNAL_NEW_SESSION_TICKETS_ENABLED); #endif /* Always let mbedTLS verify certificates, if verifypeer or verifyhost are @@ -793,20 +835,21 @@ static CURLcode mbed_connect_step1(struct Curl_cfilter *cf, mbedtls_ssl_conf_cert_profile(&backend->config, &mbedtls_x509_crt_profile_next); - ret = mbed_set_ssl_version_min_max(data, backend, conn_config); - if(ret != CURLE_OK) - return ret; + result = mbed_set_ssl_version_min_max(data, backend, conn_config); + if(result) + return result; #if MBEDTLS_VERSION_NUMBER < 0x04000000 mbedtls_ssl_conf_rng(&backend->config, mbedtls_ctr_drbg_random, &rng.drbg); #endif - ret = mbedtls_ssl_setup(&backend->ssl, &backend->config); + ret = mbedtls_ssl_setup(&backend->ssl, + &backend->config); if(ret) { mbedtls_strerror(ret, errorbuf, sizeof(errorbuf)); - failf(data, "mbedTLS: ssl_setup failed: (-0x%04X) %s", - -ret, errorbuf); + failf(data, "mbedTLS: ssl_setup failed: " + "(-0x%04X) %s", -ret, errorbuf); return CURLE_SSL_CONNECT_ERROR; } @@ -817,16 +860,15 @@ static CURLcode mbed_connect_step1(struct Curl_cfilter *cf, #ifndef MBEDTLS_SSL_PROTO_TLS1_3 if(conn_config->cipher_list) { - CURLcode result = mbed_set_selected_ciphers(data, backend, - conn_config->cipher_list, - NULL); + result = mbed_set_selected_ciphers(data, backend, + conn_config->cipher_list, NULL); #else if(conn_config->cipher_list || conn_config->cipher_list13) { - CURLcode result = mbed_set_selected_ciphers(data, backend, - conn_config->cipher_list, - conn_config->cipher_list13); + result = mbed_set_selected_ciphers(data, backend, + conn_config->cipher_list, + conn_config->cipher_list13); #endif - if(result != CURLE_OK) { + if(result) { failf(data, "mbedTLS: failed to set cipher suites"); return result; } @@ -849,11 +891,9 @@ static CURLcode mbed_connect_step1(struct Curl_cfilter *cf, /* Check if there is a cached ID we can/should use here! */ if(Curl_ssl_scache_use(cf, data)) { struct Curl_ssl_session *sc_session = NULL; - CURLcode result; - - result = Curl_ssl_scache_take(cf, data, connssl->peer.scache_key, - &sc_session); - if(!result && sc_session && sc_session->sdata && sc_session->sdata_len) { + CURLcode sresult = Curl_ssl_scache_take(cf, data, connssl->peer.scache_key, + &sc_session); + if(!sresult && sc_session && sc_session->sdata && sc_session->sdata_len) { mbedtls_ssl_session session; mbedtls_ssl_session_init(&session); @@ -871,20 +911,21 @@ static CURLcode mbed_connect_step1(struct Curl_cfilter *cf, } mbedtls_ssl_session_free(&session); } - Curl_ssl_scache_return(cf, data, connssl->peer.scache_key, sc_session); + Curl_ssl_scache_return(cf, data, connssl->peer.scache_key, + sc_session); } - mbedtls_ssl_conf_ca_chain(&backend->config, - &backend->cacert, + mbedtls_ssl_conf_ca_chain(&backend->config, &backend->cacert, #ifdef MBEDTLS_X509_CRL_PARSE_C - &backend->crl); + &backend->crl #else - NULL); + NULL #endif + ); if(ssl_config->key || ssl_config->key_blob) { - mbedtls_ssl_conf_own_cert(&backend->config, - &backend->clicert, &backend->pk); + mbedtls_ssl_conf_own_cert(&backend->config, &backend->clicert, + &backend->pk); } if(mbedtls_ssl_set_hostname(&backend->ssl, connssl->peer.sni ? @@ -918,16 +959,41 @@ static CURLcode mbed_connect_step1(struct Curl_cfilter *cf, /* give application a chance to interfere with mbedTLS set up. */ if(data->set.ssl.fsslctx) { - CURLcode result = (*data->set.ssl.fsslctx)(data, &backend->config, - data->set.ssl.fsslctxp); - if(result != CURLE_OK) { + result = (*data->set.ssl.fsslctx)(data, &backend->config, + data->set.ssl.fsslctxp); + if(result) failf(data, "error signaled by ssl ctx callback"); - return result; - } } - connssl->connecting_state = ssl_connect_2; + return result; +} +static CURLcode mbed_connect_step1(struct Curl_cfilter *cf, + struct Curl_easy *data) +{ + struct ssl_connect_data *connssl = cf->ctx; + struct ssl_primary_config *conn_config = Curl_ssl_cf_get_primary_config(cf); + CURLcode result; + + if((conn_config->version == CURL_SSLVERSION_SSLv2) || + (conn_config->version == CURL_SSLVERSION_SSLv3)) { + failf(data, "Not supported SSL version"); + return CURLE_NOT_BUILT_IN; + } + + result = mbed_load_cacert(cf, data); + if(!result) + result = mbed_load_clicert(cf, data); + if(!result) + result = mbed_load_privkey(cf, data); + if(!result) + result = mbed_load_crl(cf, data); + if(!result) + result = mbed_configure_ssl(cf, data); + if(result) + return result; + + connssl->connecting_state = ssl_connect_2; return CURLE_OK; } @@ -1375,7 +1441,7 @@ static CURLcode mbedtls_connect(struct Curl_cfilter *cf, struct Curl_easy *data, bool *done) { - CURLcode retcode; + CURLcode result; struct ssl_connect_data *connssl = cf->ctx; /* check if the connection has already been established */ @@ -1388,15 +1454,15 @@ static CURLcode mbedtls_connect(struct Curl_cfilter *cf, connssl->io_need = CURL_SSL_IO_NEED_NONE; if(ssl_connect_1 == connssl->connecting_state) { - retcode = mbed_connect_step1(cf, data); - if(retcode) - return retcode; + result = mbed_connect_step1(cf, data); + if(result) + return result; } if(ssl_connect_2 == connssl->connecting_state) { - retcode = mbed_connect_step2(cf, data); - if(retcode) - return retcode; + result = mbed_connect_step2(cf, data); + if(result) + return result; } if(ssl_connect_3 == connssl->connecting_state) { @@ -1407,9 +1473,9 @@ static CURLcode mbedtls_connect(struct Curl_cfilter *cf, if(mbedtls_ssl_get_version_number(&backend->ssl) <= MBEDTLS_SSL_VERSION_TLS1_2) { - retcode = mbed_new_session(cf, data); - if(retcode) - return retcode; + result = mbed_new_session(cf, data); + if(result) + return result; } connssl->connecting_state = ssl_connect_done; } From ba685ad5e5712fed4c3772df0372569b4e5ff428 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 19 Feb 2026 18:10:58 +0100 Subject: [PATCH 16/88] openssl: fix potential NULL dereference when loading certs (Windows) This could happen if the first cert to be loaded missed EKU (Enhanced Key Usage) data, when using native CA on Windows. Fix by skipping certs without Enhanced Key Usage data. Detected by clang-tidy: ``` lib/vtls/openssl.c:2922:15: warning: Access to field 'cUsageIdentifier' results in a dereference of a null pointer (loaded from variable 'enhkey_usage') [clang-analyzer-core.NullDereference] 2922 | if(!enhkey_usage->cUsageIdentifier) { | ^ ``` Refs: https://learn.microsoft.com/windows/win32/secgloss/e-gly https://learn.microsoft.com/windows/win32/api/wincrypt/nf-wincrypt-certgetenhancedkeyusage https://gitlab.winehq.org/wine/wine/-/blob/wine-11.2/dlls/crypt32/cert.c?ref_type=tags#L3061-3164 Assisted-by: Stefan Eissing Closes #20634 --- lib/vtls/openssl.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 8572f0ec13..04db896473 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -2917,8 +2917,8 @@ static CURLcode ossl_win_load_store(struct Curl_easy *data, * depending on what is found. For more details see * CertGetEnhancedKeyUsage doc. */ - if(CertGetEnhancedKeyUsage(pContext, 0, NULL, &req_size)) { - if(req_size && req_size > enhkey_usage_size) { + if(CertGetEnhancedKeyUsage(pContext, 0, NULL, &req_size) && req_size) { + if(req_size > enhkey_usage_size) { void *tmp = curlx_realloc(enhkey_usage, req_size); if(!tmp) { From 6ef6fb84ac40b6cd39d60f2b9aa3d6947c5ac3c2 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Tue, 24 Feb 2026 11:21:20 +0100 Subject: [PATCH 17/88] top-complexity: lower the max allowed complexity to 60 Closes #20706 --- scripts/top-complexity | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/scripts/top-complexity b/scripts/top-complexity index 7ee0c825ec..26fa20ee87 100755 --- a/scripts/top-complexity +++ b/scripts/top-complexity @@ -78,8 +78,9 @@ my %whitelist = ( ); -# functions with complexity above this level causes the function to return error -my $cutoff = 70; +# complexity above this level is treated as an error and contributes to the +# script's exit code +my $cutoff = 60; # show this many from the top my $top = $ARGV[0] ? $ARGV[0] : 25; From 704a0a3fa99be093601f7a065f73f2fef78e061f Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Tue, 24 Feb 2026 14:59:01 +0100 Subject: [PATCH 18/88] config-riscos.h: drop all undefs They are superfluous Closes #20711 --- lib/config-riscos.h | 81 --------------------------------------------- 1 file changed, 81 deletions(-) diff --git a/lib/config-riscos.h b/lib/config-riscos.h index 9f585565d8..879be03d52 100644 --- a/lib/config-riscos.h +++ b/lib/config-riscos.h @@ -36,36 +36,15 @@ /* Define if you want the built-in manual */ #define USE_MANUAL -/* Define if you have the gethostbyname_r() function with 3 arguments */ -#undef HAVE_GETHOSTBYNAME_R_3 - -/* Define if you have the gethostbyname_r() function with 5 arguments */ -#undef HAVE_GETHOSTBYNAME_R_5 - -/* Define if you have the gethostbyname_r() function with 6 arguments */ -#undef HAVE_GETHOSTBYNAME_R_6 - -/* Define if you need the _REENTRANT define for some functions */ -#undef NEED_REENTRANT - -/* Define if you want to enable IPv6 support */ -#undef USE_IPV6 - /* Define if struct sockaddr_in6 has the sin6_scope_id member */ #define HAVE_SOCKADDR_IN6_SIN6_SCOPE_ID 1 -/* Define this to 'int' if ssize_t is not an available typedefed type */ -#undef ssize_t - /* Define if you have the alarm function. */ #define HAVE_ALARM /* Define if you have the header file. */ #define HAVE_ARPA_INET_H -/* Define if you have the `closesocket' function. */ -#undef HAVE_CLOSESOCKET - /* Define if you have the header file. */ #define HAVE_FCNTL_H @@ -75,30 +54,15 @@ /* Define if getaddrinfo exists and works */ #define HAVE_GETADDRINFO -/* Define if you have the `geteuid' function. */ -#undef HAVE_GETEUID - -/* Define if you have the `gethostbyname_r' function. */ -#undef HAVE_GETHOSTBYNAME_R - /* Define if you have the `gethostname' function. */ #define HAVE_GETHOSTNAME -/* Define if you have the `getpass_r' function. */ -#undef HAVE_GETPASS_R - -/* Define if you have the `getpwuid' function. */ -#undef HAVE_GETPWUID - /* Define if you have the `gettimeofday' function. */ #define HAVE_GETTIMEOFDAY /* Define if you have the `timeval' struct. */ #define HAVE_STRUCT_TIMEVAL -/* Define if you have the header file. */ -#undef HAVE_IO_H - /* Define if you have the header file. */ #define HAVE_NETDB_H @@ -108,51 +72,24 @@ /* Define if you have the header file. */ #define HAVE_NET_IF_H -/* Define if you have the header file. */ -#undef HAVE_PWD_H - /* Define if you have the `select' function. */ #define HAVE_SELECT -/* Define if you have the `sigaction' function. */ -#undef HAVE_SIGACTION - /* Define if you have the `signal' function. */ #define HAVE_SIGNAL /* Define if you have the `socket' function. */ #define HAVE_SOCKET -/* Define if you have the `strcasecmp' function. */ -#undef HAVE_STRCASECMP - -/* Define if you have the `strcmpi' function. */ -#undef HAVE_STRCMPI - /* Define if you have the `stricmp' function. */ #define HAVE_STRICMP -/* Define if you have the header file. */ -#undef HAVE_STRINGS_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_PARAM_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_SELECT_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_SOCKIO_H - /* Define if you have the header file. */ #define HAVE_SYS_TYPES_H /* Define if you have the header file. */ #define HAVE_TERMIOS_H -/* Define if you have the header file. */ -#undef HAVE_TERMIO_H - /* Define if you have the header file. */ #define HAVE_UNISTD_H @@ -162,24 +99,6 @@ /* The size of `size_t', as computed by sizeof. */ #define SIZEOF_SIZE_T 4 -/* Define if you have the ANSI C header files. */ -#undef STDC_HEADERS - -/* Version number of package */ -#undef VERSION - -/* Number of bits in a file offset, on hosts where this is settable. */ -#undef _FILE_OFFSET_BITS - -/* Define to empty if `const' does not conform to ANSI C. */ -#undef const - -/* Define to `unsigned' if does not define. */ -#undef size_t - -/* Define to `int' if does not define. */ -#undef ssize_t - /* Define if you have a working ioctl FIONBIO function. */ #define HAVE_IOCTL_FIONBIO From c513b1d520a4a5ee0ceec92b43308f06393c3212 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 23 Feb 2026 23:55:59 +0100 Subject: [PATCH 19/88] DEPRECATE.md: TLS SRP support gets removed in August 2026 Closes #20697 --- docs/DEPRECATE.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/docs/DEPRECATE.md b/docs/DEPRECATE.md index c8231c36b2..79569f86f3 100644 --- a/docs/DEPRECATE.md +++ b/docs/DEPRECATE.md @@ -34,6 +34,14 @@ We remove support for CMake <3.18 in April 2026. CMake 3.18 was released on 2020-07-15. +## TLS SRP Authentication + +Transport Layer Security Secure Remote Password is a TLS feature that does not +work with TLS 1.3 or QUIC and is virtually unused by curl users and in +general. + +TLS-SRP support gets removed in August 2026. + ## Past removals - axTLS (removed in 7.63.0) From be2499f7dda1f2d541004d10937f018cea1639ef Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Tue, 24 Feb 2026 12:07:45 +0100 Subject: [PATCH 20/88] managen: silence Perl warnings Closes #20707 --- scripts/managen | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/scripts/managen b/scripts/managen index f800f37dd9..13a2302865 100755 --- a/scripts/managen +++ b/scripts/managen @@ -581,10 +581,10 @@ sub single { my $magic; # cmdline special option my $line; my $dline; - my $multi; + my $multi = ""; my $scope; my $experimental; - my $start; + my $start = 0; my $list; # identifies the list, 1 example, 2 see-also while(<$fh>) { $line++; @@ -819,7 +819,7 @@ sub single { "when you use several URLs in a command line.\n", manpageify($long, $manpage)); } - else { + elsif($multi) { print STDERR "$f:$line:1:ERROR: unrecognized Multi: '$multi'\n"; return 2; } From 102d4c8ba9e162f4f1f9ac4d45571de26a49739a Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sun, 15 Feb 2026 20:34:09 +0100 Subject: [PATCH 21/88] tidy-up: macro parentheses Add missing and drop redundant parentheses. Also: fix whitespace. Ref: #20690 Closes #20710 --- include/curl/curl.h | 4 ++-- include/curl/multi.h | 2 +- lib/curl_setup.h | 2 +- lib/headers.h | 6 +++--- lib/mime.h | 2 +- lib/rand.h | 4 ++-- lib/select.h | 20 ++++++++++---------- lib/setup-os400.h | 2 +- lib/vtls/vtls.h | 2 +- 9 files changed, 22 insertions(+), 22 deletions(-) diff --git a/include/curl/curl.h b/include/curl/curl.h index 923b6f5473..99b517adb3 100644 --- a/include/curl/curl.h +++ b/include/curl/curl.h @@ -3254,10 +3254,10 @@ CURL_EXTERN const char *curl_share_strerror(CURLSHcode error); CURL_EXTERN CURLcode curl_easy_pause(CURL *handle, int bitmask); #define CURLPAUSE_RECV (1 << 0) -#define CURLPAUSE_RECV_CONT (0) +#define CURLPAUSE_RECV_CONT 0 #define CURLPAUSE_SEND (1 << 2) -#define CURLPAUSE_SEND_CONT (0) +#define CURLPAUSE_SEND_CONT 0 #define CURLPAUSE_ALL (CURLPAUSE_RECV | CURLPAUSE_SEND) #define CURLPAUSE_CONT (CURLPAUSE_RECV_CONT | CURLPAUSE_SEND_CONT) diff --git a/include/curl/multi.h b/include/curl/multi.h index ba43123152..6c098e5a0c 100644 --- a/include/curl/multi.h +++ b/include/curl/multi.h @@ -329,7 +329,7 @@ curl_multi_socket_all(CURLM *multi_handle, int *running_handles); /* This macro below was added in 7.16.3 to push users who recompile to use * the new curl_multi_socket_action() instead of the old curl_multi_socket() */ -#define curl_multi_socket(x,y,z) curl_multi_socket_action(x,y,0,z) +#define curl_multi_socket(x, y, z) curl_multi_socket_action(x, y, 0, z) #endif /* diff --git a/lib/curl_setup.h b/lib/curl_setup.h index caf9cab4ea..2a1f75d441 100644 --- a/lib/curl_setup.h +++ b/lib/curl_setup.h @@ -1234,7 +1234,7 @@ typedef unsigned int curl_bit; #elif defined(_WIN32) || defined(__CYGWIN__) #define CURL_BINMODE(stream) (void)_setmode(fileno(stream), CURL_O_BINARY) #else -#define CURL_BINMODE(stream) (void)stream +#define CURL_BINMODE(stream) (void)(stream) #endif /* In Windows the default file mode is text but an application can override it. diff --git a/lib/headers.h b/lib/headers.h index e031c5aa14..4e14509c09 100644 --- a/lib/headers.h +++ b/lib/headers.h @@ -54,9 +54,9 @@ CURLcode Curl_headers_push(struct Curl_easy *data, const char *header, CURLcode Curl_headers_cleanup(struct Curl_easy *data); #else -#define Curl_headers_init(x) CURLE_OK -#define Curl_headers_push(x,y,z,a) CURLE_OK -#define Curl_headers_cleanup(x) Curl_nop_stmt +#define Curl_headers_init(x) CURLE_OK +#define Curl_headers_push(x, y, z, a) CURLE_OK +#define Curl_headers_cleanup(x) Curl_nop_stmt #endif #endif /* HEADER_CURL_HEADER_H */ diff --git a/lib/mime.h b/lib/mime.h index 5ef05506a4..e84f04051b 100644 --- a/lib/mime.h +++ b/lib/mime.h @@ -167,7 +167,7 @@ CURLcode Curl_creader_set_mime(struct Curl_easy *data, curl_mimepart *part); #define Curl_mime_set_subparts(a, b, c) CURLE_NOT_BUILT_IN #define Curl_mime_prepare_headers(a, b, c, d, e) CURLE_NOT_BUILT_IN #define Curl_mime_read NULL -#define Curl_creader_set_mime(x, y) ((void)x, CURLE_NOT_BUILT_IN) +#define Curl_creader_set_mime(x, y) ((void)(x), CURLE_NOT_BUILT_IN) #endif #endif /* HEADER_CURL_MIME_H */ diff --git a/lib/rand.h b/lib/rand.h index 03c69a0df4..86765806f9 100644 --- a/lib/rand.h +++ b/lib/rand.h @@ -30,9 +30,9 @@ CURLcode Curl_rand_bytes(struct Curl_easy *data, unsigned char *rnd, size_t num); #ifdef DEBUGBUILD -#define Curl_rand(a, b, c) Curl_rand_bytes((a), TRUE, (b), (c)) +#define Curl_rand(a, b, c) Curl_rand_bytes(a, TRUE, b, c) #else -#define Curl_rand(a, b, c) Curl_rand_bytes((a), (b), (c)) +#define Curl_rand(a, b, c) Curl_rand_bytes(a, b, c) #endif /* diff --git a/lib/select.h b/lib/select.h index 68150451c4..4069f78b52 100644 --- a/lib/select.h +++ b/lib/select.h @@ -161,22 +161,22 @@ CURLcode Curl_pollset_set(struct Curl_easy *data, bool do_in, bool do_out) WARN_UNUSED_RESULT; #define Curl_pollset_add_in(data, ps, sock) \ - Curl_pollset_change((data), (ps), (sock), CURL_POLL_IN, 0) + Curl_pollset_change(data, ps, sock, CURL_POLL_IN, 0) #define Curl_pollset_remove_in(data, ps, sock) \ - Curl_pollset_change((data), (ps), (sock), 0, CURL_POLL_IN) + Curl_pollset_change(data, ps, sock, 0, CURL_POLL_IN) #define Curl_pollset_add_out(data, ps, sock) \ - Curl_pollset_change((data), (ps), (sock), CURL_POLL_OUT, 0) + Curl_pollset_change(data, ps, sock, CURL_POLL_OUT, 0) #define Curl_pollset_remove_out(data, ps, sock) \ - Curl_pollset_change((data), (ps), (sock), 0, CURL_POLL_OUT) + Curl_pollset_change(data, ps, sock, 0, CURL_POLL_OUT) #define Curl_pollset_add_inout(data, ps, sock) \ - Curl_pollset_change((data), (ps), (sock), \ - CURL_POLL_IN | CURL_POLL_OUT, 0) + Curl_pollset_change(data, ps, sock, \ + CURL_POLL_IN | CURL_POLL_OUT, 0) #define Curl_pollset_set_in_only(data, ps, sock) \ - Curl_pollset_change((data), (ps), (sock), \ - CURL_POLL_IN, CURL_POLL_OUT) + Curl_pollset_change(data, ps, sock, \ + CURL_POLL_IN, CURL_POLL_OUT) #define Curl_pollset_set_out_only(data, ps, sock) \ - Curl_pollset_change((data), (ps), (sock), \ - CURL_POLL_OUT, CURL_POLL_IN) + Curl_pollset_change(data, ps, sock, \ + CURL_POLL_OUT, CURL_POLL_IN) /* return < = on error, 0 on timeout or how many sockets are ready */ int Curl_pollset_poll(struct Curl_easy *data, diff --git a/lib/setup-os400.h b/lib/setup-os400.h index 9a174e7aa0..084cd9f62b 100644 --- a/lib/setup-os400.h +++ b/lib/setup-os400.h @@ -39,7 +39,7 @@ #include /* Be sure it is loaded. */ #undef puts -#define puts(s) (fputs((s), stdout) == EOF ? EOF : putchar('\n')) +#define puts(s) (fputs(s, stdout) == EOF ? EOF : putchar('\n')) /* System API wrapper prototypes & definitions to support ASCII parameters. */ diff --git a/lib/vtls/vtls.h b/lib/vtls/vtls.h index 3dff1f04fd..0850f5306d 100644 --- a/lib/vtls/vtls.h +++ b/lib/vtls/vtls.h @@ -257,7 +257,7 @@ extern struct Curl_cftype Curl_cft_ssl_proxy; #define Curl_ssl_set_engine_default(x) CURLE_NOT_BUILT_IN #define Curl_ssl_engines_list(x) NULL #define Curl_ssl_free_certinfo(x) Curl_nop_stmt -#define Curl_ssl_random(x, y, z) ((void)x, CURLE_NOT_BUILT_IN) +#define Curl_ssl_random(x, y, z) ((void)(x), CURLE_NOT_BUILT_IN) #define Curl_ssl_cert_status_request() FALSE #define Curl_ssl_supports(a, b) FALSE #define Curl_ssl_cfilter_add(a, b, c) CURLE_NOT_BUILT_IN From 3e198f75861cc2e12daf299689e145949dddd19b Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Tue, 24 Feb 2026 13:42:13 +0100 Subject: [PATCH 22/88] build: fix building rare combinations - http/2 + !headers - gnutls + !verbose - ssls-export + !verbose Closes #20712 --- lib/headers.h | 3 ++- lib/vquic/curl_ngtcp2.c | 2 ++ lib/vtls/vtls_scache.c | 9 ++++++--- 3 files changed, 10 insertions(+), 4 deletions(-) diff --git a/lib/headers.h b/lib/headers.h index 4e14509c09..85905e5141 100644 --- a/lib/headers.h +++ b/lib/headers.h @@ -55,7 +55,8 @@ CURLcode Curl_headers_cleanup(struct Curl_easy *data); #else #define Curl_headers_init(x) CURLE_OK -#define Curl_headers_push(x, y, z, a) CURLE_OK +#define Curl_headers_push(x, y, z, a) \ + ((void)(x), (void)(y), (void)(z), (void)(a), CURLE_OK) #define Curl_headers_cleanup(x) Curl_nop_stmt #endif diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c index ac8e4f35c9..54e1e37fd1 100644 --- a/lib/vquic/curl_ngtcp2.c +++ b/lib/vquic/curl_ngtcp2.c @@ -2341,6 +2341,7 @@ static int quic_ossl_new_session_cb(SSL *ssl, SSL_SESSION *ssl_sessionid) #ifdef USE_GNUTLS +#ifdef CURLVERBOSE static const char *gtls_hs_msg_name(int mtype) { switch(mtype) { @@ -2367,6 +2368,7 @@ static const char *gtls_hs_msg_name(int mtype) } return "Unknown"; } +#endif static int quic_gtls_handshake_cb(gnutls_session_t session, unsigned int htype, unsigned when, unsigned int incoming, diff --git a/lib/vtls/vtls_scache.c b/lib/vtls/vtls_scache.c index 1bc0b4fba9..9b7bc84197 100644 --- a/lib/vtls/vtls_scache.c +++ b/lib/vtls/vtls_scache.c @@ -1148,9 +1148,12 @@ CURLcode Curl_ssl_session_export(struct Curl_easy *data, struct Curl_ssl_scache_peer *peer; struct dynbuf sbuf, hbuf; struct Curl_llist_node *n; - size_t i, npeers = 0, ntickets = 0; + size_t i; curl_off_t now = time(NULL); CURLcode r = CURLE_OK; +#ifdef CURLVERBOSE + size_t npeers = 0, ntickets = 0; +#endif if(!export_fn) return CURLE_BAD_FUNCTION_ARGUMENT; @@ -1173,7 +1176,7 @@ CURLcode Curl_ssl_session_export(struct Curl_easy *data, cf_scache_peer_remove_expired(peer, now); n = Curl_llist_head(&peer->sessions); if(n) - ++npeers; + VERBOSE(++npeers); while(n) { struct Curl_ssl_session *s = Curl_node_elem(n); if(!peer->hmac_set) { @@ -1201,7 +1204,7 @@ CURLcode Curl_ssl_session_export(struct Curl_easy *data, s->alpn, s->earlydata_max); if(r) goto out; - ++ntickets; + VERBOSE(++ntickets); n = Curl_node_next(n); } } From a4ce687af2cca02c0add0d89d9a709919f256392 Mon Sep 17 00:00:00 2001 From: Hamza Bensliman Date: Tue, 24 Feb 2026 07:09:07 +0000 Subject: [PATCH 23/88] docs: add reproducible example for generating man page Fixes #20699 Reported-by: sammydono on github Closes #20703 --- docs/cmdline-opts/MANPAGE.md | 48 ++++++++++++++++++++++++++++++++++++ 1 file changed, 48 insertions(+) diff --git a/docs/cmdline-opts/MANPAGE.md b/docs/cmdline-opts/MANPAGE.md index 3e2e7151f6..e768e9c46e 100644 --- a/docs/cmdline-opts/MANPAGE.md +++ b/docs/cmdline-opts/MANPAGE.md @@ -101,6 +101,17 @@ There are three different "variables" that can be used when creating the output. They need to be written within backticks in the source file (to escape getting spellchecked by CI jobs): `%DATE`, `%VERSION` and `%GLOBALS`. +During rendering, the generator expands them as follows: + +- `%VERSION` -- replaced with the curl version string read from + `include/curl/curlver.h` (e.g. `8.12.0`). Can be overridden by setting + the `CURL_MAKETGZ_VERSION` environment variable. +- `%DATE` -- replaced with the current date in `YYYY-MM-DD` format, or + the date derived from `SOURCE_DATE_EPOCH` if that environment variable + is set (for reproducible builds). +- `%GLOBALS` -- replaced with a comma-separated list of all command line + options that have `Scope: global` in their meta-data. + ## Generate `managen mainpage [list of markdown option file names]` @@ -116,3 +127,40 @@ curl man page in text format, used to build `tool_hugehelp.c`. `managen listhelp` Generates a full `curl --help` output for all known command line options. + +## Generating the man page + +The `curl.1` man page is generated from the source files in this directory +using the `managen` Perl script located in `scripts/managen`. The build +system runs this automatically, but it can also be invoked manually. + +### Prerequisites + +The generator requires Perl. The version string is read from +`include/curl/curlver.h` (or from the `CURL_MAKETGZ_VERSION` environment +variable if set). The date defaults to the current date unless +`SOURCE_DATE_EPOCH` is set. + +### Manual invocation + +From the `docs/cmdline-opts` directory, run: + + cd docs/cmdline-opts + perl ../../scripts/managen -I ../../include mainpage ./*.md > curl.1 + +This produces the complete `curl.1` nroff man page. To produce a plain-text +version instead, replace `mainpage` with `ascii`: + + perl ../../scripts/managen -I ../../include ascii ./*.md > curl.txt + +The `-d` flag specifies the directory containing `mainpage.idx` and the +`.md` option files. The `-I` flag specifies the include directory root +used to locate `curl/curlver.h` for the version string. + +### How it works + +The generator reads `mainpage.idx`, which lists the documentation source +files in their intended order. Each line names one `.md` file to render. +When the generator encounters the `%options` keyword in `mainpage.idx`, +it inserts the documentation for every command line option (one `.md` file +per option), sorted alphabetically by long option name. From baf32a5cf402b4d9dfcbbce72de63e364032a5bd Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 25 Feb 2026 02:08:09 +0100 Subject: [PATCH 24/88] build: enable `-Wjump-misses-init` for clang 21+ Refs: https://github.com/llvm/llvm-project/commit/543f112e148a81de290d099f10784dc3ff698aa4 https://github.com/llvm/llvm-project/commit/43c05d97389d479f78ca18b5d7957f51cb4022fd Follow-up to db4d617c1cfbe74e010183a3595642434f55ea00 #16252 Closes #20716 --- CMake/PickyWarnings.cmake | 3 ++- m4/curl-compilers.m4 | 1 + 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/CMake/PickyWarnings.cmake b/CMake/PickyWarnings.cmake index 1650af3ea4..9e144ed7f3 100644 --- a/CMake/PickyWarnings.cmake +++ b/CMake/PickyWarnings.cmake @@ -255,6 +255,7 @@ if(PICKY_COMPILER) list(APPEND _picky_enable -Warray-compare # clang 20.1 gcc 12.0 appleclang ? -Wc++-hidden-decl # clang 21.1 appleclang ? + -Wjump-misses-init # clang 21.1 gcc 4.5 appleclang ? -Wno-implicit-void-ptr-cast # clang 21.1 appleclang ? -Wtentative-definition-compat # clang 21.1 appleclang ? ) @@ -283,7 +284,7 @@ if(PICKY_COMPILER) endif() if(CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 4.5) list(APPEND _picky_enable - -Wjump-misses-init # gcc 4.5 + -Wjump-misses-init # clang 21.1 gcc 4.5 appleclang ? ) if(MINGW) list(APPEND _picky_enable diff --git a/m4/curl-compilers.m4 b/m4/curl-compilers.m4 index 12309e1525..9c981faa88 100644 --- a/m4/curl-compilers.m4 +++ b/m4/curl-compilers.m4 @@ -951,6 +951,7 @@ AC_DEFUN([CURL_SET_COMPILER_WARNING_OPTS], [ dnl clang 21 or later if test "$compiler_num" -ge "2101"; then CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [c++-hidden-decl]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [jump-misses-init]) tmp_CFLAGS="$tmp_CFLAGS -Wno-implicit-void-ptr-cast" CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [tentative-definition-compat]) if test "$curl_cv_native_windows" = "yes"; then From 92eddc1fae5619464ba76fcc2ccbef37ef461373 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 25 Feb 2026 02:10:29 +0100 Subject: [PATCH 25/88] build: map Apple clang 26.4+ to llvm/clang 21.1 Ref: https://en.wikipedia.org/wiki/Xcode#Xcode_26.0_(since_version_number_change)_2 Closes #20717 --- CMake/PickyWarnings.cmake | 21 +++++++++++---------- m4/curl-compilers.m4 | 3 ++- 2 files changed, 13 insertions(+), 11 deletions(-) diff --git a/CMake/PickyWarnings.cmake b/CMake/PickyWarnings.cmake index 9e144ed7f3..b3fdad46d5 100644 --- a/CMake/PickyWarnings.cmake +++ b/CMake/PickyWarnings.cmake @@ -251,21 +251,22 @@ if(PICKY_COMPILER) -Wno-format-signedness # clang 19.1 gcc 5.1 appleclang 17.0 # In clang-cl enums are signed ints by default ) endif() - if(CMAKE_C_COMPILER_ID STREQUAL "Clang" AND CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 21.1) + if((CMAKE_C_COMPILER_ID STREQUAL "Clang" AND CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 21.1) OR + (CMAKE_C_COMPILER_ID STREQUAL "AppleClang" AND CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 26.4)) list(APPEND _picky_enable - -Warray-compare # clang 20.1 gcc 12.0 appleclang ? - -Wc++-hidden-decl # clang 21.1 appleclang ? - -Wjump-misses-init # clang 21.1 gcc 4.5 appleclang ? - -Wno-implicit-void-ptr-cast # clang 21.1 appleclang ? - -Wtentative-definition-compat # clang 21.1 appleclang ? + -Warray-compare # clang 20.1 gcc 12.0 appleclang 26.4 + -Wc++-hidden-decl # clang 21.1 appleclang 26.4 + -Wjump-misses-init # clang 21.1 gcc 4.5 appleclang 26.4 + -Wno-implicit-void-ptr-cast # clang 21.1 appleclang 26.4 + -Wtentative-definition-compat # clang 21.1 appleclang 26.4 ) if(WIN32) list(APPEND _picky_enable - -Wno-c++-keyword # clang 21.1 appleclang ? # `wchar_t` triggers it on Windows + -Wno-c++-keyword # clang 21.1 appleclang 26.4 # `wchar_t` triggers it on Windows ) else() list(APPEND _picky_enable - -Wc++-keyword # clang 21.1 appleclang ? + -Wc++-keyword # clang 21.1 appleclang 26.4 ) endif() endif() @@ -284,7 +285,7 @@ if(PICKY_COMPILER) endif() if(CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 4.5) list(APPEND _picky_enable - -Wjump-misses-init # clang 21.1 gcc 4.5 appleclang ? + -Wjump-misses-init # clang 21.1 gcc 4.5 appleclang 26.4 ) if(MINGW) list(APPEND _picky_enable @@ -332,7 +333,7 @@ if(PICKY_COMPILER) endif() if(CMAKE_C_COMPILER_VERSION VERSION_GREATER_EQUAL 13.0) list(APPEND _picky_enable - -Warray-compare # clang 20.0 gcc 12.0 appleclang ? + -Warray-compare # clang 20.1 gcc 12.0 appleclang 26.4 -Wenum-int-mismatch # gcc 13.0 -Wxor-used-as-pow # clang 10.0 gcc 13.0 appleclang 12.0 ) diff --git a/m4/curl-compilers.m4 b/m4/curl-compilers.m4 index 9c981faa88..bb991b47e6 100644 --- a/m4/curl-compilers.m4 +++ b/m4/curl-compilers.m4 @@ -120,7 +120,8 @@ AC_DEFUN([CURL_CHECK_COMPILER_CLANG], [ compiler_num=`(expr $clangvhi "*" 100 + $clangvlo) 2>/dev/null` if test "$appleclang" = "1" && test "$oldapple" = "0"; then dnl Starting with Xcode 7 / clang 3.7, Apple clang does not tell its upstream version - if test "$compiler_num" -ge '1700'; then compiler_num='1901' + if test "$compiler_num" -ge '2604'; then compiler_num='2101' + elif test "$compiler_num" -ge '1700'; then compiler_num='1901' elif test "$compiler_num" -ge '1600'; then compiler_num='1700' elif test "$compiler_num" -ge '1500'; then compiler_num='1600' elif test "$compiler_num" -ge '1400'; then compiler_num='1400' From 86772a76c71cfac8646c256bc3831a6fdbf2e02c Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 25 Feb 2026 14:13:54 +0100 Subject: [PATCH 26/88] RELEASE-NOTES: synced --- RELEASE-NOTES | 69 +++++++++++++++++++++++++++++++++++++++++---------- 1 file changed, 56 insertions(+), 13 deletions(-) diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 500ec1d0b7..81314483b1 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -4,7 +4,7 @@ curl and libcurl 8.19.0 Command line options: 273 curl_easy_setopt() options: 308 Public functions in libcurl: 100 - Contributors: 3601 + Contributors: 3607 This release includes the following changes: @@ -21,12 +21,14 @@ This release includes the following bugfixes: o altsvc: only accept 17 byte dates from files [22] o asyn-ares: abort with OOM error when Curl_dnscache_mk_entry fails [107] + o build: adjust minimum version for some clang picky warnings [211] o build: check `MSG_NOSIGNAL` directly, drop detection and interim macro [26] o build: constify `memchr()`/`strchr()`/etc result variables (cont.) [85] o build: detect and include `inttypes.h` again [13] o build: drop duplicate C includes [54] o build: drop global suppression of `-Wformat-nonliteral`, fix fallouts [19] o build: fix `-Wunused-macros` warnings, and related tidy-ups [176] + o build: fix building rare combinations [109] o build: fully omit verbose strings and code when disabled [113] o build: globally suppress DJGPP warnings in `FD_SET()` [56] o build: merge TrackMemory (`CURLDEBUG`) into debug-enabled option [46] @@ -38,12 +40,16 @@ This release includes the following bugfixes: o checksrc-all.pl: skip non-repository files [144] o checksrc: do not apply `BANNEDFUNC` to struct member functions [35] o checksrc: warn for leading spaces before the preprocessor hash [72] + o clang-tidy: check `bugprone-macro-parentheses`, fix fallouts [212] + o clang-tidy: drop redundant conditions reported by `misc-redundant-expression` [217] o cmake/FindMbedTLS: add workaround for missing static MSVC `mbedcrypto.lib` 4.0.0 [174] o cmake: add `CURL_DROP_UNUSED` option to reduce binary sizes [105] + o cmake: always build curlu and curltool test libs in unity mode [190] o cmake: always define `CURL::win32_winsock` on Windows in `curl-config.cmake` [104] o cmake: enable binutils ld workaround for all toolchains at build-time [57] o cmake: fix logic for openssl/zlib binutils ld workaround [71] o cmake: normalize uppercase hex winver (for display) [191] + o cmake: omit `curl.rc` from curltool lib [209] o cmake: reference OpenSSL and ZLIB imported targets only when enabled [41] o cmake: silence silly Apple clang warnings in C89 mode, test in CI [14] o cmake: silence useless compiler warnings triggered by the FASTBuild generator [43] @@ -70,16 +76,20 @@ This release includes the following bugfixes: o docs/INSTALL: update configure details [45] o docs/libcurl: unify WARNING use [89] o docs: add LibreELEC to DISTROS.md + o docs: add reproducible example for generating man page [95] o docs: clarify --ipv4 and --ipv6 [149] o docs: document the need for a 64-bit type and stdint.h [118] o docs: explicitly call out Slowloris as not a security flaw [6] o docs: fix grammar nitpicks [128] o docs: reword explanation of --variable option [150] + o docs: use dot instead of comma at end of sentences [168] o easy: reset errorbuf on eyeballing success [179] + o easy: reset pausing when resetting request [218] o examples/usercertinmem: use modern OpenSSL API, drop mentions of RSA [188] o examples: omit forward declarations, apply misc fixes [60] o fopen.h: simplify curl memory macro mappings [160] o ftp: replace a `curlx_free()` with `curlx_dyn_free()` [86] + o ftp: split ftp_state_use_port into sub functions [172] o GOVERNANCE.md: Post-Daniel BDFL [31] o gss: exclude verbose error logic from non-verbose builds [122] o h2+h3: align stream close handling [131] @@ -113,8 +123,10 @@ This release includes the following bugfixes: o libtests: drop two redundant `memset()`s [110] o Makefile.am: delete RPM targets referencing non-existent files [9] o Makefile.am: drop stray VC project files from dist [5] + o managen: silence Perl warnings [141] o mbedtls: no pinnedpubkey wo MBEDTLS_SSL_KEEP_PEER_CERTIFICATE [29] o mbedtls: remove newline from failf() call [25] + o mbedtls: split mbed_connect_step1 into sub functions [166] o md4, md5: drop redundant forward declarations [64] o md4, md5: replace custom types with `uint32_t` [111] o memdebug: include `backtrace.h` as system header [148] @@ -136,17 +148,23 @@ This release includes the following bugfixes: o openldap: avoid forward declarations in ldaps code [62] o OpenSSL: check reuse of sessions for verify status [142] o openssl: disable local keylog feature if built-in upstream [178] + o openssl: fix compiler warning with OpenSSL master [193] + o openssl: fix potential NULL dereference when loading certs (Windows) [165] + o openssl: fix potential OOB read in debug/verbose logging [216] o plan9: drop special build and orphaned references [33] o pytest: remove 03_02 [127] o ratelimit: download finetune [16] + o request.h: rename parameter 'buf' to 'req' in Curl_req_send [219] o REUSE: drop broken reference to `MAIL-ETIQUETTE` [59] o rtspd: fix to check `realloc()` result [173] o runtests: pass config filename to stunnel in native format (Windows) [94] o schannel: refactor: reduce variable scopes, fix comment, fix indent [196] o send: drop `CURL_UNCONST()` from buffer argument on most platforms [116] o setopt: fix checking range for CURLOPT_MAXCONNECTS [92] + o setopt: refuse blobs with zero length [167] o setup-os400.h: drop no longer used custom type `u_int32_t` [112] o sigpipe: unset SA_SIGINFO since it is using sa_handler [40] + o silent.md: also mention it shuts off warning messages [213] o smb: include arpa/inet.h for NonStop [195] o socket: check result of SO_NOSIGPIPE [124] o socketpair: set SO_NOSIGPIPE where possible [103] @@ -162,6 +180,7 @@ This release includes the following bugfixes: o tls: add new SSLSUPP flags for several options [32] o tls: remove checks for DEFAULT [136] o tool: enable header separation for HTTPS proxies [106] + o tool: improve config error messaging [208] o tool: improve error/warning messages when output filename sanitization fails [36] o tool: rename curl handle and result variable in `--libcurl`-generated code [146] o tool: return code variable consistency [84] @@ -174,6 +193,7 @@ This release includes the following bugfixes: o tool_getparam: avoid `-Wcomma` with Apple clang in C89 mode [38] o tool_operate: remove 'else' for VMS [3] o typos: silence false positives found in C code [164] + o URL-SYNTAX.md: fix port number mistakes for IMAP and LDAP [200] o url.c: code/comment cleanup around conn creation [132] o url.h: fix `-Wdocumentation` [61] o url: fix reuse of connections using HTTP Negotiate [100] @@ -205,26 +225,29 @@ Planned upcoming removals include: o RTMP support o Support for c-ares versions before 1.16.0 o Support for Windows XP/2003 + o TLS-SRP support See https://curl.se/dev/deprecate.html This release would not have looked like this without help, code, reports and advice from friends like these: - Andrew Kvalheim, Anna Liberty, Arnav Purushotam, Arnav-Purushotam-CUBoulder, - Billy O'Neal, calm329, Christian Schmitz, Christian Schmitza, - cooldadpresident on github, Dag Haavi Finstad, Dan Fandrich, - Daniel Gustafsson, Daniel Lublin, Daniel Stenberg, Daniil Gentili, dEajL3kA, - dependabot[bot], Frank Buss, gudyuu on hackerone, Itay Bookstein, - Jacek Migacz, James Fuller, Jan Macku, jhauga, Joshua Vandaële, Juan Belon, - Kai Pastor, Maksim Ściepanienka, Marcel Raad, Megamouse on github, - Michał Antoniak, nono303 on github, Nuno Goncalves, Patrick Monnerat, - Paul Howarth, programmerlexi on github, Randall S. Becker, Ray Satiro, - renovate[bot], Rudi Heitbaum, Sascha Frinken, Spenser Black, Stefan Eissing, - tawmoto on github, Tenant HellTower, Thibault de Villèle, + aisle-research-bot, Andrew Kvalheim, Anna Liberty, Arnav Purushotam, + Arnav-Purushotam-CUBoulder, Augment code, Billy O'Neal, calm329, + Christian Schmitz, Christian Schmitza, cooldadpresident on github, + Dag Haavi Finstad, dahmono on github, Dan Fandrich, Daniel Gustafsson, + Daniel Lublin, Daniel Stenberg, Daniil Gentili, dEajL3kA, dependabot[bot], + Diogo Correia, Frank Buss, gudyuu on hackerone, Hamza Bensliman, + Itay Bookstein, Jacek Migacz, James Fuller, Jan Macku, jhauga, + Joshua Vandaële, Juan Belon, Kai Pastor, Maksim Ściepanienka, Marcel Raad, + Megamouse on github, Michał Antoniak, Natris on github, nono303 on github, + Nuno Goncalves, Patrick Monnerat, Paul Howarth, programmerlexi on github, + Randall S. Becker, Ray Satiro, renovate[bot], Rudi Heitbaum, + sammydono on github, Samuel Henrique, Sascha Frinken, Spenser Black, + Stefan Eissing, tawmoto on github, Tenant HellTower, Thibault de Villèle, Tim Friedrich Brüggemann, Tomáš Malý, tommy, Viktor Szakats, Wyuer on github, z2_, Zhicheng Chen, Йоте - (54 contributors) + (62 contributors) References to bug reports and discussions on issues: @@ -322,6 +345,7 @@ References to bug reports and discussions on issues: [92] = https://curl.se/bug/?i=20414 [93] = https://curl.se/bug/?i=20542 [94] = https://curl.se/bug/?i=20413 + [95] = https://curl.se/bug/?i=20699 [96] = https://curl.se/bug/?i=20386 [97] = https://curl.se/mail/lib-2026-01/0033.html [98] = https://curl.se/bug/?i=20475 @@ -335,6 +359,7 @@ References to bug reports and discussions on issues: [106] = https://curl.se/bug/?i=20398 [107] = https://curl.se/bug/?i=20385 [108] = https://curl.se/bug/?i=20387 + [109] = https://curl.se/bug/?i=20712 [110] = https://curl.se/bug/?i=20649 [111] = https://curl.se/bug/?i=20469 [112] = https://curl.se/bug/?i=20470 @@ -365,6 +390,7 @@ References to bug reports and discussions on issues: [138] = https://curl.se/bug/?i=20527 [139] = https://curl.se/bug/?i=20452 [140] = https://curl.se/bug/?i=20526 + [141] = https://curl.se/bug/?i=20707 [142] = https://curl.se/bug/?i=20435 [143] = https://curl.se/bug/?i=20444 [144] = https://curl.se/bug/?i=20439 @@ -385,6 +411,11 @@ References to bug reports and discussions on issues: [162] = https://curl.se/bug/?i=20497 [163] = https://curl.se/bug/?i=20499 [164] = https://curl.se/bug/?i=20500 + [165] = https://curl.se/bug/?i=20634 + [166] = https://curl.se/bug/?i=20689 + [167] = https://curl.se/bug/?i=20705 + [168] = https://curl.se/bug/?i=20700 + [172] = https://curl.se/bug/?i=20685 [173] = https://curl.se/bug/?i=20621 [174] = https://curl.se/bug/?i=20616 [176] = https://curl.se/bug/?i=20593 @@ -397,11 +428,23 @@ References to bug reports and discussions on issues: [185] = https://curl.se/bug/?i=20601 [188] = https://curl.se/bug/?i=20595 [189] = https://curl.se/bug/?i=20587 + [190] = https://curl.se/bug/?i=20677 [191] = https://curl.se/bug/?i=20586 [192] = https://curl.se/bug/?i=20582 + [193] = https://curl.se/bug/?i=20681 [194] = https://curl.se/bug/?i=20568 [195] = https://curl.se/bug/?i=20579 [196] = https://curl.se/bug/?i=20569 [197] = https://curl.se/bug/?i=20573 [198] = https://curl.se/bug/?i=20577 + [200] = https://curl.se/bug/?i=20679 [203] = https://curl.se/bug/?i=20567 + [208] = https://curl.se/bug/?i=20598 + [209] = https://curl.se/bug/?i=20671 + [211] = https://curl.se/bug/?i=20665 + [212] = https://curl.se/bug/?i=20647 + [213] = https://curl.se/bug/?i=20664 + [216] = https://curl.se/bug/?i=20654 + [217] = https://curl.se/bug/?i=20644 + [218] = https://curl.se/bug/?i=20641 + [219] = https://curl.se/bug/?i=20660 From ac46392f441410e6ac9770b53106e9289dbff711 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 18 Feb 2026 17:39:23 +0100 Subject: [PATCH 27/88] clang-tidy: enable `bugprone-signed-char-misuse`, fix fallouts Examples: ``` lib/vtls/openssl.c:2585:18: warning: 'signed char' to 'int' conversion; consider casting to 'unsigned char' first. [bugprone-signed-char-misuse] 2585 | msg_type = *(const char *)buf; lib/vtls/openssl.c:2593:18: warning: 'signed char' to 'int' conversion; consider casting to 'unsigned char' first. [bugprone-signed-char-misuse] 2593 | msg_type = *(const char *)buf; tests/server/mqttd.c:514:10: warning: comparison between 'signed char' and 'unsigned char' [bugprone-signed-char-misuse] 514 | if(passwd_flag == (char)(conn_flags & passwd_flag)) { tests/server/tftpd.c:362:13: warning: 'signed char' to 'int' conversion; consider casting to 'unsigned char' first. [bugprone-signed-char-misuse] 362 | c = test->rptr[0]; tests/server/tftpd.c:454:9: warning: 'signed char' to 'int' conversion; consider casting to 'unsigned char' first. [bugprone-signed-char-misuse] 454 | c = *p++; /* pick up a character */ src/tool_urlglob.c:272:46: warning: 'signed char' to 'int' conversion; consider casting to 'unsigned char' first. [bugprone-signed-char-misuse] 272 | pat->c.ascii.letter = pat->c.ascii.min = min_c; src/tool_urlglob.c:273:24: warning: 'signed char' to 'int' conversion; consider casting to 'unsigned char' first. [bugprone-signed-char-misuse] 273 | pat->c.ascii.max = max_c; tests/libtest/cli_h2_pausing.c:164:23: warning: suspicious usage of 'sizeof()' on an expression of pointer type [bugprone-sizeof-expression] 164 | memset(&resolve, 0, sizeof(resolve)); tests/libtest/cli_upload_pausing.c:158:23: warning: suspicious usage of 'sizeof()' on an expression of pointer type [bugprone-sizeof-expression] 158 | memset(&resolve, 0, sizeof(resolve)); tests/libtest/first.c:86:15: warning: 'signed char' to 'int' conversion; consider casting to 'unsigned char' first. [bugprone-signed-char-misuse] 86 | coptopt = arg[optpos]; ``` Also: - tests/server/mqttd: drop a redundant and a wrongly signed cast. Ref: https://clang.llvm.org/extra/clang-tidy/checks/bugprone/signed-char-misuse.html Closes #20654 --- .clang-tidy.yml | 1 + lib/curlx/inet_pton.c | 4 ++-- lib/mime.c | 2 +- lib/vtls/openssl.c | 8 +++++--- src/tool_urlglob.c | 4 ++-- tests/libtest/first.c | 2 +- tests/server/mqttd.c | 4 ++-- tests/server/tftpd.c | 4 ++-- 8 files changed, 16 insertions(+), 13 deletions(-) diff --git a/.clang-tidy.yml b/.clang-tidy.yml index 9ccbbf83d9..17f7a93041 100644 --- a/.clang-tidy.yml +++ b/.clang-tidy.yml @@ -13,6 +13,7 @@ Checks: - -clang-diagnostic-nullability-extension - bugprone-macro-parentheses - bugprone-redundant-branch-condition + - bugprone-signed-char-misuse - bugprone-suspicious-realloc-usage - misc-const-correctness - misc-header-include-cycle diff --git a/lib/curlx/inet_pton.c b/lib/curlx/inet_pton.c index ce324e6d88..d3c53fb579 100644 --- a/lib/curlx/inet_pton.c +++ b/lib/curlx/inet_pton.c @@ -70,7 +70,7 @@ static int inet_pton4(const char *src, unsigned char *dst) octets = 0; tp = tmp; *tp = 0; - while((ch = *src++) != '\0') { + while((ch = (unsigned char)*src++) != '\0') { if(ISDIGIT(ch)) { unsigned int val = (*tp * 10) + (ch - '0'); @@ -129,7 +129,7 @@ static int inet_pton6(const char *src, unsigned char *dst) curtok = src; saw_xdigit = 0; val = 0; - while((ch = *src++) != '\0') { + while((ch = (unsigned char)*src++) != '\0') { if(ISXDIGIT(ch)) { val <<= 4; val |= curlx_hexval(ch); diff --git a/lib/mime.c b/lib/mime.c index 05b24435d4..51c0fcf28a 100644 --- a/lib/mime.c +++ b/lib/mime.c @@ -464,7 +464,7 @@ static size_t encoder_qp_read(char *buffer, size_t size, bool ateof, while(st->bufbeg < st->bufend) { size_t len = 1; size_t consumed = 1; - int i = st->buf[st->bufbeg]; + int i = (unsigned char)st->buf[st->bufbeg]; buf[0] = (char)i; buf[1] = aschex[(i >> 4) & 0xF]; buf[2] = aschex[i & 0xF]; diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 04db896473..014aadd17d 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -2592,18 +2592,20 @@ static void ossl_trace(int direction, int ssl_ver, int content_type, if(content_type == SSL3_RT_CHANGE_CIPHER_SPEC) { if(len) { - msg_type = *(const char *)buf; + msg_type = *(const unsigned char *)buf; msg_name = "Change cipher spec"; } } else if(content_type == SSL3_RT_ALERT) { if(len >= 2) { - msg_type = (((const char *)buf)[0] << 8) + ((const char *)buf)[1]; + msg_type = + (((const unsigned char *)buf)[0] << 8) + + ((const unsigned char *)buf)[1]; msg_name = SSL_alert_desc_string_long(msg_type); } } else if(len) { - msg_type = *(const char *)buf; + msg_type = *(const unsigned char *)buf; msg_name = ssl_msg_type(ssl_ver, msg_type); } diff --git a/src/tool_urlglob.c b/src/tool_urlglob.c index b8144c8673..f9389b48e5 100644 --- a/src/tool_urlglob.c +++ b/src/tool_urlglob.c @@ -269,8 +269,8 @@ static CURLcode glob_range(struct URLGlob *glob, const char **patternp, /* if there was a ":[num]" thing, use that as step or else use 1 */ pat->c.ascii.step = step; - pat->c.ascii.letter = pat->c.ascii.min = min_c; - pat->c.ascii.max = max_c; + pat->c.ascii.letter = pat->c.ascii.min = (unsigned char)min_c; + pat->c.ascii.max = (unsigned char)max_c; if(multiply(amount, (((pat->c.ascii.max - pat->c.ascii.min) / pat->c.ascii.step) + 1))) diff --git a/tests/libtest/first.c b/tests/libtest/first.c index 16be8ef9e6..9a82b7ee6e 100644 --- a/tests/libtest/first.c +++ b/tests/libtest/first.c @@ -83,7 +83,7 @@ int cgetopt(int argc, const char * const argv[], const char *optstring) } else { const char *opt = strchr(optstring, arg[optpos]); - coptopt = arg[optpos]; + coptopt = (unsigned char)arg[optpos]; if(!opt) { if(!arg[++optpos]) { coptind++; diff --git a/tests/server/mqttd.c b/tests/server/mqttd.c index 05e58d28bb..c2bff9b751 100644 --- a/tests/server/mqttd.c +++ b/tests/server/mqttd.c @@ -503,7 +503,7 @@ static curl_socket_t mqttit(curl_socket_t fd) conn_flags = buffer[7]; start_usr = client_id_offset + payload_len; - if(usr_flag == (unsigned char)(conn_flags & usr_flag)) { + if(usr_flag == (conn_flags & usr_flag)) { logmsg("User flag is present in CONN flag"); payload_len += (size_t)(buffer[start_usr] << 8) | buffer[start_usr + 1]; @@ -511,7 +511,7 @@ static curl_socket_t mqttit(curl_socket_t fd) } start_passwd = client_id_offset + payload_len; - if(passwd_flag == (char)(conn_flags & passwd_flag)) { + if(passwd_flag == (conn_flags & passwd_flag)) { logmsg("Password flag is present in CONN flags"); payload_len += (size_t)(buffer[start_passwd] << 8) | buffer[start_passwd + 1]; diff --git a/tests/server/tftpd.c b/tests/server/tftpd.c index 1bf6433e4b..c99fc05a96 100644 --- a/tests/server/tftpd.c +++ b/tests/server/tftpd.c @@ -359,7 +359,7 @@ static void read_ahead(struct testcase *test, } else { if(test->rcount) { - c = test->rptr[0]; + c = (unsigned char)test->rptr[0]; test->rptr++; test->rcount--; } @@ -451,7 +451,7 @@ static ssize_t write_behind(struct testcase *test, int convert) p = writebuf; ct = count; while(ct--) { /* loop over the buffer */ - c = *p++; /* pick up a character */ + c = (unsigned char)*p++; /* pick up a character */ if(prevchar == '\r') { /* if prev char was cr */ if(c == '\n') /* if have cr,lf then just */ curl_lseek(test->ofile, -1, SEEK_CUR); /* smash lf on top of the cr */ From af78b199b2fb291470c4cd3c478e19cc5d4cd753 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 13 Feb 2026 01:47:10 +0100 Subject: [PATCH 28/88] tidy-up: miscellaneous - vms/curlmsg_vms.h: delete unused/commented code. - vtls/schannel_verify: sort includes. - typecheck-gcc.h: fix indent and alignment. - lib/config-win32.h: drop idle `#undef`. - spacecheck: check for stray empty lines before after curly braces. - make literals more readable: 1048576 -> 1024 * 1024 - scope variables. - use ISO date in a comment. - drop redundant parentheses. - drop empty comments. - unfold lines. - duplicate/stray spaces in comments. - fix indent, whitespace, minor typos. Closes #20690 --- CMake/CurlTests.c | 4 +- CMakeLists.txt | 3 +- docs/DEPRECATE.md | 2 +- docs/examples/chkspeed.c | 2 +- docs/examples/externalsocket.c | 4 +- docs/examples/getinmemory.c | 2 +- docs/examples/htmltidy.c | 2 +- docs/examples/http2-pushinmemory.c | 2 +- docs/examples/imap-search.c | 2 +- docs/examples/maxconnects.c | 2 +- docs/examples/postinmemory.c | 2 +- docs/examples/sepheaders.c | 2 +- docs/examples/smtp-expn.c | 2 +- docs/examples/smtp-vrfy.c | 2 +- docs/examples/url2file.c | 2 +- docs/examples/version-check.pl | 1 - docs/libcurl/curl_mime_data.md | 2 +- docs/libcurl/opts/CURLOPT_PROGRESSDATA.md | 2 +- docs/libcurl/opts/CURLOPT_PROGRESSFUNCTION.md | 2 +- docs/libcurl/opts/CURLOPT_TLSAUTH_PASSWORD.md | 2 +- docs/libcurl/opts/CURLOPT_TLSAUTH_TYPE.md | 2 +- docs/libcurl/opts/CURLOPT_TLSAUTH_USERNAME.md | 2 +- docs/libcurl/opts/CURLOPT_WRITEFUNCTION.md | 2 +- docs/libcurl/opts/CURLOPT_XFERINFODATA.md | 2 +- docs/libcurl/opts/CURLOPT_XFERINFOFUNCTION.md | 2 +- docs/libcurl/symbols.pl | 1 - include/curl/curl.h | 11 +- include/curl/header.h | 2 +- include/curl/system.h | 12 +- include/curl/typecheck-gcc.h | 468 +++++++++--------- lib/altsvc.c | 1 - lib/asyn-ares.c | 8 +- lib/cfilters.h | 4 +- lib/config-win32.h | 1 - lib/connect.c | 2 +- lib/curl_addrinfo.c | 8 +- lib/curl_config-cmake.h.in | 8 +- lib/curl_printf.h | 4 +- lib/curl_sasl.h | 4 +- lib/curlx/timeval.c | 1 - lib/escape.h | 2 +- lib/fake_addrinfo.c | 8 +- lib/ftp.c | 4 +- lib/http.c | 18 +- lib/http2.c | 4 +- lib/http_aws_sigv4.c | 1 - lib/imap.c | 3 +- lib/mprintf.c | 38 +- lib/mqtt.c | 4 - lib/netrc.c | 2 +- lib/openldap.c | 1 - lib/select.h | 9 +- lib/sendf.h | 2 +- lib/setup-vms.h | 9 +- lib/sha256.c | 4 +- lib/smb.c | 2 +- lib/smtp.c | 4 +- lib/socks.c | 1 - lib/socks_sspi.c | 2 +- lib/system_win32.c | 2 +- lib/url.c | 3 +- lib/urldata.h | 12 +- lib/vssh/libssh.c | 2 +- lib/vssh/libssh2.c | 2 +- lib/vtls/openssl.c | 2 +- lib/vtls/schannel.c | 10 +- lib/vtls/schannel_verify.c | 15 +- lib/vtls/vtls.h | 2 +- lib/vtls/wolfssl.c | 1 - projects/vms/curlmsg_vms.h | 14 - scripts/checksrc.pl | 1 - scripts/managen | 1 - scripts/spacecheck.pl | 20 + scripts/top-complexity | 1 - src/tool_doswin.c | 8 +- src/tool_getparam.c | 14 +- src/tool_parsecfg.c | 3 +- src/tool_urlglob.c | 6 +- src/tool_vms.c | 2 +- tests/libtest/lib2405.c | 2 +- tests/libtest/mk-lib1521.pl | 18 +- tests/libtest/test613.pl | 2 +- tests/memanalyzer.pm | 2 - tests/runtests.pl | 2 - tests/server/socksd.c | 1 - tests/servers.pm | 2 +- tests/test1139.pl | 1 - tests/unit/unit1664.c | 6 +- tests/unit/unit2600.c | 8 +- 89 files changed, 424 insertions(+), 448 deletions(-) diff --git a/CMake/CurlTests.c b/CMake/CurlTests.c index a06c7701f5..425fb4bb78 100644 --- a/CMake/CurlTests.c +++ b/CMake/CurlTests.c @@ -27,7 +27,7 @@ #include #include #include -/* */ + #if defined(sun) || defined(__sun__) || \ defined(__SUNPRO_C) || defined(__SUNPRO_CC) # if defined(__SVR4) || defined(__srv4__) @@ -39,7 +39,7 @@ #if (defined(_AIX) || defined(__xlC__)) && !defined(_AIX41) # define PLATFORM_AIX_V3 #endif -/* */ + #if defined(PLATFORM_SUNOS4) || defined(PLATFORM_AIX_V3) #error "O_NONBLOCK does not work on this platform" #endif diff --git a/CMakeLists.txt b/CMakeLists.txt index cb294a8036..b13ba6248c 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -2335,8 +2335,7 @@ if(NOT CURL_DISABLE_INSTALL) FILES_MATCHING PATTERN "*.h") include(CMakePackageConfigHelpers) - write_basic_package_version_file( - "${_version_config}" + write_basic_package_version_file("${_version_config}" VERSION ${_curl_version} COMPATIBILITY SameMajorVersion) file(READ "${_version_config}" _generated_version_config) diff --git a/docs/DEPRECATE.md b/docs/DEPRECATE.md index 79569f86f3..a040842baf 100644 --- a/docs/DEPRECATE.md +++ b/docs/DEPRECATE.md @@ -34,7 +34,7 @@ We remove support for CMake <3.18 in April 2026. CMake 3.18 was released on 2020-07-15. -## TLS SRP Authentication +## TLS-SRP Authentication Transport Layer Security Secure Remote Password is a TLS feature that does not work with TLS 1.3 or QUIC and is virtually unused by curl users and in diff --git a/docs/examples/chkspeed.c b/docs/examples/chkspeed.c index f69215da4b..869d9f95c4 100644 --- a/docs/examples/chkspeed.c +++ b/docs/examples/chkspeed.c @@ -172,7 +172,7 @@ int main(int argc, const char *argv[]) /* specify URL to get */ curl_easy_setopt(curl, CURLOPT_URL, url); - /* send all data to this function */ + /* send all data to this function */ curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_cb); /* some servers do not like requests that are made without a user-agent diff --git a/docs/examples/externalsocket.c b/docs/examples/externalsocket.c index 959fbf7f11..b35f7aad63 100644 --- a/docs/examples/externalsocket.c +++ b/docs/examples/externalsocket.c @@ -100,7 +100,7 @@ int main(void) { CURL *curl; CURLcode result; - struct sockaddr_in servaddr; /* socket address structure */ + struct sockaddr_in servaddr; /* socket address structure */ curl_socket_t sockfd; result = curl_global_init(CURL_GLOBAL_ALL); @@ -141,7 +141,7 @@ int main(void) /* no progress meter please */ curl_easy_setopt(curl, CURLOPT_NOPROGRESS, 1L); - /* send all data to this function */ + /* send all data to this function */ curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_cb); /* call this function to get a socket */ diff --git a/docs/examples/getinmemory.c b/docs/examples/getinmemory.c index 1743b203f5..899704bc5c 100644 --- a/docs/examples/getinmemory.c +++ b/docs/examples/getinmemory.c @@ -78,7 +78,7 @@ int main(void) /* specify URL to get */ curl_easy_setopt(curl, CURLOPT_URL, "https://www.example.com/"); - /* send all data to this function */ + /* send all data to this function */ curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_cb); /* we pass our 'chunk' struct to the callback function */ diff --git a/docs/examples/htmltidy.c b/docs/examples/htmltidy.c index c73e5385e9..2e2def59c3 100644 --- a/docs/examples/htmltidy.c +++ b/docs/examples/htmltidy.c @@ -35,7 +35,7 @@ #include -/* curl write callback, to fill tidy's input buffer... */ +/* curl write callback, to fill tidy's input buffer... */ static uint write_cb(char *in, uint size, uint nmemb, TidyBuffer *out) { uint r; diff --git a/docs/examples/http2-pushinmemory.c b/docs/examples/http2-pushinmemory.c index e99fe746d0..f52309561f 100644 --- a/docs/examples/http2-pushinmemory.c +++ b/docs/examples/http2-pushinmemory.c @@ -77,7 +77,7 @@ static void setup(CURL *curl) curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L); curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L); - /* write data to a struct */ + /* write data to a struct */ curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_cb); init_memory(&files[0]); curl_easy_setopt(curl, CURLOPT_WRITEDATA, &files[0]); diff --git a/docs/examples/imap-search.c b/docs/examples/imap-search.c index f06f6a551d..ae944bb9ec 100644 --- a/docs/examples/imap-search.c +++ b/docs/examples/imap-search.c @@ -56,7 +56,7 @@ int main(void) * this can contain a message sequence set and a number of search criteria * keywords including flags such as ANSWERED, DELETED, DRAFT, FLAGGED, NEW, * RECENT and SEEN. For more information about the search criteria please - * see RFC-3501 section 6.4.4. */ + * see RFC-3501 section 6.4.4. */ curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "SEARCH NEW"); /* Perform the custom request */ diff --git a/docs/examples/maxconnects.c b/docs/examples/maxconnects.c index 3c6f3c8b3d..7ef29828ea 100644 --- a/docs/examples/maxconnects.c +++ b/docs/examples/maxconnects.c @@ -47,7 +47,7 @@ int main(void) }; int i = 0; - /* Change the maximum number of persistent connection */ + /* Change the maximum number of persistent connection */ curl_easy_setopt(curl, CURLOPT_MAXCONNECTS, 1L); curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L); diff --git a/docs/examples/postinmemory.c b/docs/examples/postinmemory.c index 5b3251f506..16fabb8d22 100644 --- a/docs/examples/postinmemory.c +++ b/docs/examples/postinmemory.c @@ -74,7 +74,7 @@ int main(void) if(curl) { curl_easy_setopt(curl, CURLOPT_URL, "https://www.example.org/"); - /* send all data to this function */ + /* send all data to this function */ curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_cb); /* we pass our 'chunk' struct to the callback function */ diff --git a/docs/examples/sepheaders.c b/docs/examples/sepheaders.c index e300205223..a315766d90 100644 --- a/docs/examples/sepheaders.c +++ b/docs/examples/sepheaders.c @@ -64,7 +64,7 @@ int main(void) /* no progress meter please */ curl_easy_setopt(curl, CURLOPT_NOPROGRESS, 1L); - /* send all data to this function */ + /* send all data to this function */ curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_cb); /* open the header file */ diff --git a/docs/examples/smtp-expn.c b/docs/examples/smtp-expn.c index 42a7480625..25b560f3ec 100644 --- a/docs/examples/smtp-expn.c +++ b/docs/examples/smtp-expn.c @@ -53,7 +53,7 @@ int main(void) /* This is the URL for your mailserver */ curl_easy_setopt(curl, CURLOPT_URL, "smtp://mail.example.com"); - /* Note that the CURLOPT_MAIL_RCPT takes a list, not a char array */ + /* Note that the CURLOPT_MAIL_RCPT takes a list, not a char array */ recipients = curl_slist_append(recipients, "Friends"); curl_easy_setopt(curl, CURLOPT_MAIL_RCPT, recipients); diff --git a/docs/examples/smtp-vrfy.c b/docs/examples/smtp-vrfy.c index b60dfef25e..65783d6903 100644 --- a/docs/examples/smtp-vrfy.c +++ b/docs/examples/smtp-vrfy.c @@ -56,7 +56,7 @@ int main(void) /* This is the URL for your mailserver */ curl_easy_setopt(curl, CURLOPT_URL, "smtp://mail.example.com"); - /* Note that the CURLOPT_MAIL_RCPT takes a list, not a char array */ + /* Note that the CURLOPT_MAIL_RCPT takes a list, not a char array */ recipients = curl_slist_append(recipients, ""); curl_easy_setopt(curl, CURLOPT_MAIL_RCPT, recipients); diff --git a/docs/examples/url2file.c b/docs/examples/url2file.c index 9ff0dd4fca..d871083073 100644 --- a/docs/examples/url2file.c +++ b/docs/examples/url2file.c @@ -74,7 +74,7 @@ int main(int argc, const char *argv[]) /* disable progress meter, set to 0L to enable it */ curl_easy_setopt(curl, CURLOPT_NOPROGRESS, 1L); - /* send all data to this function */ + /* send all data to this function */ curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_cb); /* open the file */ diff --git a/docs/examples/version-check.pl b/docs/examples/version-check.pl index bc065770bc..e6ad784fc8 100755 --- a/docs/examples/version-check.pl +++ b/docs/examples/version-check.pl @@ -58,7 +58,6 @@ while() { $rem{$sym}=$a[2]; } } - } close(S); diff --git a/docs/libcurl/curl_mime_data.md b/docs/libcurl/curl_mime_data.md index 9af7a91d8a..a03f6b555b 100644 --- a/docs/libcurl/curl_mime_data.md +++ b/docs/libcurl/curl_mime_data.md @@ -68,7 +68,7 @@ int main(void) /* add a part */ part = curl_mime_addpart(mime); - /* add data to the part */ + /* add data to the part */ curl_mime_data(part, "raw contents to send", CURL_ZERO_TERMINATED); } } diff --git a/docs/libcurl/opts/CURLOPT_PROGRESSDATA.md b/docs/libcurl/opts/CURLOPT_PROGRESSDATA.md index d86210b3e2..c8f59321ca 100644 --- a/docs/libcurl/opts/CURLOPT_PROGRESSDATA.md +++ b/docs/libcurl/opts/CURLOPT_PROGRESSDATA.md @@ -63,7 +63,7 @@ int main(void) if(curl) { struct progress data; - /* pass struct to callback */ + /* pass struct to callback */ curl_easy_setopt(curl, CURLOPT_PROGRESSDATA, &data); curl_easy_setopt(curl, CURLOPT_PROGRESSFUNCTION, progress_callback); diff --git a/docs/libcurl/opts/CURLOPT_PROGRESSFUNCTION.md b/docs/libcurl/opts/CURLOPT_PROGRESSFUNCTION.md index 5334edbe22..47718002da 100644 --- a/docs/libcurl/opts/CURLOPT_PROGRESSFUNCTION.md +++ b/docs/libcurl/opts/CURLOPT_PROGRESSFUNCTION.md @@ -109,7 +109,7 @@ int main(void) CURL *curl = curl_easy_init(); if(curl) { - /* pass struct to callback */ + /* pass struct to callback */ curl_easy_setopt(curl, CURLOPT_PROGRESSDATA, &data); curl_easy_setopt(curl, CURLOPT_PROGRESSFUNCTION, progress_callback); diff --git a/docs/libcurl/opts/CURLOPT_TLSAUTH_PASSWORD.md b/docs/libcurl/opts/CURLOPT_TLSAUTH_PASSWORD.md index 8ff3d95c58..89dd79ebc9 100644 --- a/docs/libcurl/opts/CURLOPT_TLSAUTH_PASSWORD.md +++ b/docs/libcurl/opts/CURLOPT_TLSAUTH_PASSWORD.md @@ -41,7 +41,7 @@ option. Using this option multiple times makes the last set string override the previous ones. Set it to NULL to disable its use again. -This feature relies on TLS SRP which does not work with TLS 1.3. +This feature relies on TLS-SRP which does not work with TLS 1.3. # DEFAULT diff --git a/docs/libcurl/opts/CURLOPT_TLSAUTH_TYPE.md b/docs/libcurl/opts/CURLOPT_TLSAUTH_TYPE.md index 078c41c253..35ae6bf467 100644 --- a/docs/libcurl/opts/CURLOPT_TLSAUTH_TYPE.md +++ b/docs/libcurl/opts/CURLOPT_TLSAUTH_TYPE.md @@ -45,7 +45,7 @@ defined in RFC 5054 and provides mutual authentication if both sides have a shared secret. To use TLS-SRP, you must also set the CURLOPT_TLSAUTH_USERNAME(3) and CURLOPT_TLSAUTH_PASSWORD(3) options. -TLS SRP does not work with TLS 1.3. +TLS-SRP does not work with TLS 1.3. # DEFAULT diff --git a/docs/libcurl/opts/CURLOPT_TLSAUTH_USERNAME.md b/docs/libcurl/opts/CURLOPT_TLSAUTH_USERNAME.md index 654d858f83..b1d352e80e 100644 --- a/docs/libcurl/opts/CURLOPT_TLSAUTH_USERNAME.md +++ b/docs/libcurl/opts/CURLOPT_TLSAUTH_USERNAME.md @@ -40,7 +40,7 @@ option. Using this option multiple times makes the last set string override the previous ones. Set it to NULL to disable its use again. -This feature relies on TLS SRP which does not work with TLS 1.3. +This feature relies on TLS-SRP which does not work with TLS 1.3. # DEFAULT diff --git a/docs/libcurl/opts/CURLOPT_WRITEFUNCTION.md b/docs/libcurl/opts/CURLOPT_WRITEFUNCTION.md index 8cc97a6e40..407484debb 100644 --- a/docs/libcurl/opts/CURLOPT_WRITEFUNCTION.md +++ b/docs/libcurl/opts/CURLOPT_WRITEFUNCTION.md @@ -110,7 +110,7 @@ int main(void) CURLcode result; CURL *curl = curl_easy_init(); if(curl) { - /* send all data to this function */ + /* send all data to this function */ curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, cb); /* we pass our 'chunk' struct to the callback function */ diff --git a/docs/libcurl/opts/CURLOPT_XFERINFODATA.md b/docs/libcurl/opts/CURLOPT_XFERINFODATA.md index 3cc0ddd1ca..5099e0a469 100644 --- a/docs/libcurl/opts/CURLOPT_XFERINFODATA.md +++ b/docs/libcurl/opts/CURLOPT_XFERINFODATA.md @@ -65,7 +65,7 @@ int main(void) if(curl) { struct progress data; - /* pass struct to callback */ + /* pass struct to callback */ curl_easy_setopt(curl, CURLOPT_XFERINFODATA, &data); curl_easy_setopt(curl, CURLOPT_XFERINFOFUNCTION, progress_cb); } diff --git a/docs/libcurl/opts/CURLOPT_XFERINFOFUNCTION.md b/docs/libcurl/opts/CURLOPT_XFERINFOFUNCTION.md index 67f48afcb2..161be8fd4b 100644 --- a/docs/libcurl/opts/CURLOPT_XFERINFOFUNCTION.md +++ b/docs/libcurl/opts/CURLOPT_XFERINFOFUNCTION.md @@ -105,7 +105,7 @@ int main(void) if(curl) { struct progress data; - /* pass struct to callback */ + /* pass struct to callback */ curl_easy_setopt(curl, CURLOPT_XFERINFODATA, &data); /* enable progress callback getting called */ diff --git a/docs/libcurl/symbols.pl b/docs/libcurl/symbols.pl index d20554ab93..4126fe54e1 100755 --- a/docs/libcurl/symbols.pl +++ b/docs/libcurl/symbols.pl @@ -100,6 +100,5 @@ EOS EOS ; } - } } diff --git a/include/curl/curl.h b/include/curl/curl.h index 99b517adb3..632333d799 100644 --- a/include/curl/curl.h +++ b/include/curl/curl.h @@ -59,7 +59,7 @@ #define CURL_IGNORE_DEPRECATION(statements) statements #endif -#include "curlver.h" /* libcurl version defines */ +#include "curlver.h" /* libcurl version defines */ #include "system.h" /* determine things runtime */ #include @@ -1358,7 +1358,7 @@ typedef enum { /* Set the krb4/5 security level, this also enables krb4/5 awareness. This * is a string, 'clear', 'safe', 'confidential' or 'private'. If the string - * is set but does not match one of these, 'private' will be used. */ + * is set but does not match one of these, 'private' will be used. */ CURLOPTDEPRECATED(CURLOPT_KRBLEVEL, CURLOPTTYPE_STRINGPOINT, 63, 8.17.0, "removed"), @@ -2203,7 +2203,7 @@ typedef enum { CURLOPT(CURLOPT_SSH_HOST_PUBLIC_KEY_SHA256, CURLOPTTYPE_STRINGPOINT, 311), /* Function that will be called immediately before the initial request - is made on a connection (after any protocol negotiation step). */ + is made on a connection (after any protocol negotiation step). */ CURLOPT(CURLOPT_PREREQFUNCTION, CURLOPTTYPE_FUNCTIONPOINT, 312), /* Data passed to the CURLOPT_PREREQFUNCTION callback */ @@ -2283,7 +2283,6 @@ typedef enum { #define CURLOPT_SSLCERTPASSWD CURLOPT_KEYPASSWD #define CURLOPT_KRB4LEVEL CURLOPT_KRBLEVEL -/* */ #define CURLOPT_FTP_RESPONSE_TIMEOUT CURLOPT_SERVER_RESPONSE_TIMEOUT /* Added in 8.2.0 */ @@ -3310,7 +3309,7 @@ CURL_EXTERN CURLcode curl_easy_ssls_export(CURL *handle, #endif /* unfortunately, the easy.h and multi.h include files need options and info - stuff before they can be included! */ + stuff before they can be included! */ #include "easy.h" /* nothing in curl is fun without the easy stuff */ #include "multi.h" #include "urlapi.h" @@ -3330,7 +3329,7 @@ CURL_EXTERN CURLcode curl_easy_ssls_export(CURL *handle, /* This preprocessor magic that replaces a call with the exact same call is only done to make sure application authors pass exactly three arguments to these functions. Use recursive macros to allow using these symbols via - the C++ global namespace '::' or reuse them as method names. */ + the C++ global namespace '::' or reusing them as method names. */ #define curl_easy_setopt(handle, opt, param) \ curl_easy_setopt(handle, opt, param) #define curl_easy_getinfo(handle, info, arg) \ diff --git a/include/curl/header.h b/include/curl/header.h index e7334b5a3a..85c10c8d78 100644 --- a/include/curl/header.h +++ b/include/curl/header.h @@ -31,7 +31,7 @@ extern "C" { struct curl_header { char *name; /* this might not use the same case */ char *value; - size_t amount; /* number of headers using this name */ + size_t amount; /* number of headers using this name */ size_t index; /* ... of this instance, 0 or higher */ unsigned int origin; /* see bits below */ void *anchor; /* handle privately used by libcurl */ diff --git a/include/curl/system.h b/include/curl/system.h index a5b3e9eba7..064833d6e1 100644 --- a/include/curl/system.h +++ b/include/curl/system.h @@ -367,20 +367,20 @@ #define CURL_PULL_SYS_POLL_H #endif -/* CURL_PULL_SYS_TYPES_H is defined above when inclusion of header file */ -/* sys/types.h is required here to properly make type definitions below. */ +/* CURL_PULL_SYS_TYPES_H is defined above when inclusion of header file + sys/types.h is required here to properly make type definitions below. */ #ifdef CURL_PULL_SYS_TYPES_H # include #endif -/* CURL_PULL_SYS_SOCKET_H is defined above when inclusion of header file */ -/* sys/socket.h is required here to properly make type definitions below. */ +/* CURL_PULL_SYS_SOCKET_H is defined above when inclusion of header file + sys/socket.h is required here to properly make type definitions below. */ #ifdef CURL_PULL_SYS_SOCKET_H # include #endif -/* CURL_PULL_SYS_POLL_H is defined above when inclusion of header file */ -/* sys/poll.h is required here to properly make type definitions below. */ +/* CURL_PULL_SYS_POLL_H is defined above when inclusion of header file + sys/poll.h is required here to properly make type definitions below. */ #ifdef CURL_PULL_SYS_POLL_H # include #endif diff --git a/include/curl/typecheck-gcc.h b/include/curl/typecheck-gcc.h index 7e6ef5baf4..3ac3182c50 100644 --- a/include/curl/typecheck-gcc.h +++ b/include/curl/typecheck-gcc.h @@ -43,186 +43,186 @@ #define curl_easy_setopt(handle, option, value) \ __extension__({ \ - if(__builtin_constant_p(option)) { \ - CURL_IGNORE_DEPRECATION( \ - if(curlcheck_long_option(option)) \ - if(!curlcheck_long(value)) \ - Wcurl_easy_setopt_err_long(); \ - if(curlcheck_off_t_option(option)) \ - if(!curlcheck_off_t(value)) \ - Wcurl_easy_setopt_err_curl_off_t(); \ - if(curlcheck_string_option(option)) \ - if(!curlcheck_string(value)) \ - Wcurl_easy_setopt_err_string(); \ - if((option) == CURLOPT_PRIVATE) { } \ - if(curlcheck_write_cb_option(option)) \ - if(!curlcheck_write_cb(value)) \ - Wcurl_easy_setopt_err_write_callback(); \ - if(curlcheck_curl_option(option)) \ - if(!curlcheck_curl(value)) \ - Wcurl_easy_setopt_err_curl(); \ - if((option) == CURLOPT_RESOLVER_START_FUNCTION) \ - if(!curlcheck_resolver_start_callback(value)) \ - Wcurl_easy_setopt_err_resolver_start_callback(); \ - if((option) == CURLOPT_READFUNCTION) \ - if(!curlcheck_read_cb(value)) \ - Wcurl_easy_setopt_err_read_cb(); \ - if((option) == CURLOPT_IOCTLFUNCTION) \ - if(!curlcheck_ioctl_cb(value)) \ - Wcurl_easy_setopt_err_ioctl_cb(); \ - if((option) == CURLOPT_SOCKOPTFUNCTION) \ - if(!curlcheck_sockopt_cb(value)) \ - Wcurl_easy_setopt_err_sockopt_cb(); \ - if((option) == CURLOPT_OPENSOCKETFUNCTION) \ - if(!curlcheck_opensocket_cb(value)) \ - Wcurl_easy_setopt_err_opensocket_cb(); \ - if((option) == CURLOPT_PROGRESSFUNCTION) \ - if(!curlcheck_progress_cb(value)) \ - Wcurl_easy_setopt_err_progress_cb(); \ - if((option) == CURLOPT_XFERINFOFUNCTION) \ - if(!curlcheck_xferinfo_cb(value)) \ - Wcurl_easy_setopt_err_xferinfo_cb(); \ - if((option) == CURLOPT_DEBUGFUNCTION) \ - if(!curlcheck_debug_cb(value)) \ - Wcurl_easy_setopt_err_debug_cb(); \ - if((option) == CURLOPT_SSL_CTX_FUNCTION) \ - if(!curlcheck_ssl_ctx_cb(value)) \ - Wcurl_easy_setopt_err_ssl_ctx_cb(); \ - if(curlcheck_conv_cb_option(option)) \ - if(!curlcheck_conv_cb(value)) \ - Wcurl_easy_setopt_err_conv_cb(); \ - if((option) == CURLOPT_SEEKFUNCTION) \ - if(!curlcheck_seek_cb(value)) \ - Wcurl_easy_setopt_err_seek_cb(); \ - if((option) == CURLOPT_CHUNK_BGN_FUNCTION) \ - if(!curlcheck_chunk_bgn_cb(value)) \ - Wcurl_easy_setopt_err_chunk_bgn_cb(); \ - if((option) == CURLOPT_CHUNK_END_FUNCTION) \ - if(!curlcheck_chunk_end_cb(value)) \ - Wcurl_easy_setopt_err_chunk_end_cb(); \ - if((option) == CURLOPT_CLOSESOCKETFUNCTION) \ - if(!curlcheck_close_socket_cb(value)) \ - Wcurl_easy_setopt_err_close_socket_cb(); \ - if((option) == CURLOPT_FNMATCH_FUNCTION) \ - if(!curlcheck_fnmatch_cb(value)) \ - Wcurl_easy_setopt_err_fnmatch_cb(); \ - if((option) == CURLOPT_HSTSREADFUNCTION) \ - if(!curlcheck_hstsread_cb(value)) \ - Wcurl_easy_setopt_err_hstsread_cb(); \ - if((option) == CURLOPT_HSTSWRITEFUNCTION) \ - if(!curlcheck_hstswrite_cb(value)) \ - Wcurl_easy_setopt_err_hstswrite_cb(); \ - if((option) == CURLOPT_SSH_HOSTKEYFUNCTION) \ - if(!curlcheck_ssh_hostkey_cb(value)) \ - Wcurl_easy_setopt_err_ssh_hostkey_cb(); \ - if((option) == CURLOPT_SSH_KEYFUNCTION) \ - if(!curlcheck_ssh_key_cb(value)) \ - Wcurl_easy_setopt_err_ssh_key_cb(); \ - if((option) == CURLOPT_INTERLEAVEFUNCTION) \ - if(!curlcheck_interleave_cb(value)) \ - Wcurl_easy_setopt_err_interleave_cb(); \ - if((option) == CURLOPT_PREREQFUNCTION) \ - if(!curlcheck_prereq_cb(value)) \ - Wcurl_easy_setopt_err_prereq_cb(); \ - if((option) == CURLOPT_TRAILERFUNCTION) \ - if(!curlcheck_trailer_cb(value)) \ - Wcurl_easy_setopt_err_trailer_cb(); \ - if(curlcheck_cb_data_option(option)) \ - if(!curlcheck_cb_data(value)) \ - Wcurl_easy_setopt_err_cb_data(); \ - if((option) == CURLOPT_ERRORBUFFER) \ - if(!curlcheck_error_buffer(value)) \ - Wcurl_easy_setopt_err_error_buffer(); \ - if((option) == CURLOPT_CURLU) \ - if(!curlcheck_ptr((value), CURLU)) \ - Wcurl_easy_setopt_err_curlu(); \ - if((option) == CURLOPT_STDERR) \ - if(!curlcheck_FILE(value)) \ - Wcurl_easy_setopt_err_FILE(); \ - if(curlcheck_postfields_option(option)) \ - if(!curlcheck_postfields(value)) \ - Wcurl_easy_setopt_err_postfields(); \ - if((option) == CURLOPT_HTTPPOST) \ - if(!curlcheck_arr((value), struct curl_httppost)) \ - Wcurl_easy_setopt_err_curl_httpost(); \ - if((option) == CURLOPT_MIMEPOST) \ - if(!curlcheck_ptr((value), curl_mime)) \ - Wcurl_easy_setopt_err_curl_mimepost(); \ - if(curlcheck_slist_option(option)) \ - if(!curlcheck_arr((value), struct curl_slist)) \ - Wcurl_easy_setopt_err_curl_slist(); \ - if((option) == CURLOPT_SHARE) \ - if(!curlcheck_ptr((value), CURLSH)) \ - Wcurl_easy_setopt_err_CURLSH(); \ - ) \ - } \ - (curl_easy_setopt)(handle, option, value); \ - }) + if(__builtin_constant_p(option)) { \ + CURL_IGNORE_DEPRECATION( \ + if(curlcheck_long_option(option)) \ + if(!curlcheck_long(value)) \ + Wcurl_easy_setopt_err_long(); \ + if(curlcheck_off_t_option(option)) \ + if(!curlcheck_off_t(value)) \ + Wcurl_easy_setopt_err_curl_off_t(); \ + if(curlcheck_string_option(option)) \ + if(!curlcheck_string(value)) \ + Wcurl_easy_setopt_err_string(); \ + if((option) == CURLOPT_PRIVATE) { } \ + if(curlcheck_write_cb_option(option)) \ + if(!curlcheck_write_cb(value)) \ + Wcurl_easy_setopt_err_write_callback(); \ + if(curlcheck_curl_option(option)) \ + if(!curlcheck_curl(value)) \ + Wcurl_easy_setopt_err_curl(); \ + if((option) == CURLOPT_RESOLVER_START_FUNCTION) \ + if(!curlcheck_resolver_start_callback(value)) \ + Wcurl_easy_setopt_err_resolver_start_callback(); \ + if((option) == CURLOPT_READFUNCTION) \ + if(!curlcheck_read_cb(value)) \ + Wcurl_easy_setopt_err_read_cb(); \ + if((option) == CURLOPT_IOCTLFUNCTION) \ + if(!curlcheck_ioctl_cb(value)) \ + Wcurl_easy_setopt_err_ioctl_cb(); \ + if((option) == CURLOPT_SOCKOPTFUNCTION) \ + if(!curlcheck_sockopt_cb(value)) \ + Wcurl_easy_setopt_err_sockopt_cb(); \ + if((option) == CURLOPT_OPENSOCKETFUNCTION) \ + if(!curlcheck_opensocket_cb(value)) \ + Wcurl_easy_setopt_err_opensocket_cb(); \ + if((option) == CURLOPT_PROGRESSFUNCTION) \ + if(!curlcheck_progress_cb(value)) \ + Wcurl_easy_setopt_err_progress_cb(); \ + if((option) == CURLOPT_XFERINFOFUNCTION) \ + if(!curlcheck_xferinfo_cb(value)) \ + Wcurl_easy_setopt_err_xferinfo_cb(); \ + if((option) == CURLOPT_DEBUGFUNCTION) \ + if(!curlcheck_debug_cb(value)) \ + Wcurl_easy_setopt_err_debug_cb(); \ + if((option) == CURLOPT_SSL_CTX_FUNCTION) \ + if(!curlcheck_ssl_ctx_cb(value)) \ + Wcurl_easy_setopt_err_ssl_ctx_cb(); \ + if(curlcheck_conv_cb_option(option)) \ + if(!curlcheck_conv_cb(value)) \ + Wcurl_easy_setopt_err_conv_cb(); \ + if((option) == CURLOPT_SEEKFUNCTION) \ + if(!curlcheck_seek_cb(value)) \ + Wcurl_easy_setopt_err_seek_cb(); \ + if((option) == CURLOPT_CHUNK_BGN_FUNCTION) \ + if(!curlcheck_chunk_bgn_cb(value)) \ + Wcurl_easy_setopt_err_chunk_bgn_cb(); \ + if((option) == CURLOPT_CHUNK_END_FUNCTION) \ + if(!curlcheck_chunk_end_cb(value)) \ + Wcurl_easy_setopt_err_chunk_end_cb(); \ + if((option) == CURLOPT_CLOSESOCKETFUNCTION) \ + if(!curlcheck_close_socket_cb(value)) \ + Wcurl_easy_setopt_err_close_socket_cb(); \ + if((option) == CURLOPT_FNMATCH_FUNCTION) \ + if(!curlcheck_fnmatch_cb(value)) \ + Wcurl_easy_setopt_err_fnmatch_cb(); \ + if((option) == CURLOPT_HSTSREADFUNCTION) \ + if(!curlcheck_hstsread_cb(value)) \ + Wcurl_easy_setopt_err_hstsread_cb(); \ + if((option) == CURLOPT_HSTSWRITEFUNCTION) \ + if(!curlcheck_hstswrite_cb(value)) \ + Wcurl_easy_setopt_err_hstswrite_cb(); \ + if((option) == CURLOPT_SSH_HOSTKEYFUNCTION) \ + if(!curlcheck_ssh_hostkey_cb(value)) \ + Wcurl_easy_setopt_err_ssh_hostkey_cb(); \ + if((option) == CURLOPT_SSH_KEYFUNCTION) \ + if(!curlcheck_ssh_key_cb(value)) \ + Wcurl_easy_setopt_err_ssh_key_cb(); \ + if((option) == CURLOPT_INTERLEAVEFUNCTION) \ + if(!curlcheck_interleave_cb(value)) \ + Wcurl_easy_setopt_err_interleave_cb(); \ + if((option) == CURLOPT_PREREQFUNCTION) \ + if(!curlcheck_prereq_cb(value)) \ + Wcurl_easy_setopt_err_prereq_cb(); \ + if((option) == CURLOPT_TRAILERFUNCTION) \ + if(!curlcheck_trailer_cb(value)) \ + Wcurl_easy_setopt_err_trailer_cb(); \ + if(curlcheck_cb_data_option(option)) \ + if(!curlcheck_cb_data(value)) \ + Wcurl_easy_setopt_err_cb_data(); \ + if((option) == CURLOPT_ERRORBUFFER) \ + if(!curlcheck_error_buffer(value)) \ + Wcurl_easy_setopt_err_error_buffer(); \ + if((option) == CURLOPT_CURLU) \ + if(!curlcheck_ptr((value), CURLU)) \ + Wcurl_easy_setopt_err_curlu(); \ + if((option) == CURLOPT_STDERR) \ + if(!curlcheck_FILE(value)) \ + Wcurl_easy_setopt_err_FILE(); \ + if(curlcheck_postfields_option(option)) \ + if(!curlcheck_postfields(value)) \ + Wcurl_easy_setopt_err_postfields(); \ + if((option) == CURLOPT_HTTPPOST) \ + if(!curlcheck_arr((value), struct curl_httppost)) \ + Wcurl_easy_setopt_err_curl_httpost(); \ + if((option) == CURLOPT_MIMEPOST) \ + if(!curlcheck_ptr((value), curl_mime)) \ + Wcurl_easy_setopt_err_curl_mimepost(); \ + if(curlcheck_slist_option(option)) \ + if(!curlcheck_arr((value), struct curl_slist)) \ + Wcurl_easy_setopt_err_curl_slist(); \ + if((option) == CURLOPT_SHARE) \ + if(!curlcheck_ptr((value), CURLSH)) \ + Wcurl_easy_setopt_err_CURLSH(); \ + ) \ + } \ + (curl_easy_setopt)(handle, option, value); \ + }) /* wraps curl_easy_getinfo() with type checking */ #define curl_easy_getinfo(handle, info, arg) \ __extension__({ \ - if(__builtin_constant_p(info)) { \ - CURL_IGNORE_DEPRECATION( \ - if(curlcheck_string_info(info)) \ - if(!curlcheck_arr((arg), char *)) \ - Wcurl_easy_getinfo_err_string(); \ - if(curlcheck_long_info(info)) \ - if(!curlcheck_arr((arg), long)) \ - Wcurl_easy_getinfo_err_long(); \ - if(curlcheck_double_info(info)) \ - if(!curlcheck_arr((arg), double)) \ - Wcurl_easy_getinfo_err_double(); \ - if(curlcheck_slist_info(info)) \ - if(!curlcheck_arr((arg), struct curl_slist *)) \ - Wcurl_easy_getinfo_err_curl_slist(); \ - if(curlcheck_tlssessioninfo_info(info)) \ - if(!curlcheck_arr((arg), struct curl_tlssessioninfo *)) \ - Wcurl_easy_getinfo_err_curl_tlssessioninfo(); \ - if(curlcheck_certinfo_info(info)) \ - if(!curlcheck_arr((arg), struct curl_certinfo *)) \ - Wcurl_easy_getinfo_err_curl_certinfo(); \ - if(curlcheck_socket_info(info)) \ - if(!curlcheck_arr((arg), curl_socket_t)) \ - Wcurl_easy_getinfo_err_curl_socket(); \ - if(curlcheck_off_t_info(info)) \ - if(!curlcheck_arr((arg), curl_off_t)) \ - Wcurl_easy_getinfo_err_curl_off_t(); \ - ) \ - } \ - (curl_easy_getinfo)(handle, info, arg); \ - }) + if(__builtin_constant_p(info)) { \ + CURL_IGNORE_DEPRECATION( \ + if(curlcheck_string_info(info)) \ + if(!curlcheck_arr((arg), char *)) \ + Wcurl_easy_getinfo_err_string(); \ + if(curlcheck_long_info(info)) \ + if(!curlcheck_arr((arg), long)) \ + Wcurl_easy_getinfo_err_long(); \ + if(curlcheck_double_info(info)) \ + if(!curlcheck_arr((arg), double)) \ + Wcurl_easy_getinfo_err_double(); \ + if(curlcheck_slist_info(info)) \ + if(!curlcheck_arr((arg), struct curl_slist *)) \ + Wcurl_easy_getinfo_err_curl_slist(); \ + if(curlcheck_tlssessioninfo_info(info)) \ + if(!curlcheck_arr((arg), struct curl_tlssessioninfo *)) \ + Wcurl_easy_getinfo_err_curl_tlssessioninfo(); \ + if(curlcheck_certinfo_info(info)) \ + if(!curlcheck_arr((arg), struct curl_certinfo *)) \ + Wcurl_easy_getinfo_err_curl_certinfo(); \ + if(curlcheck_socket_info(info)) \ + if(!curlcheck_arr((arg), curl_socket_t)) \ + Wcurl_easy_getinfo_err_curl_socket(); \ + if(curlcheck_off_t_info(info)) \ + if(!curlcheck_arr((arg), curl_off_t)) \ + Wcurl_easy_getinfo_err_curl_off_t(); \ + ) \ + } \ + (curl_easy_getinfo)(handle, info, arg); \ + }) #define curl_multi_setopt(handle, option, value) \ __extension__({ \ - if(__builtin_constant_p(option)) { \ - if(curlcheck_long_option(option)) \ - if(!curlcheck_long(value)) \ - Wcurl_multi_setopt_err_long(); \ - if(curlcheck_off_t_option(option)) \ - if(!curlcheck_off_t(value)) \ - Wcurl_multi_setopt_err_curl_off_t(); \ - if(curlcheck_multicb_data_option(option)) \ - if(!curlcheck_cb_data(value)) \ - Wcurl_multi_setopt_err_cb_data(); \ - if(curlcheck_charpp_option(option)) \ - if(!curlcheck_ptrptr(value, char)) \ - Wcurl_multi_setopt_err_charpp(); \ - if((option) == CURLMOPT_NOTIFYFUNCTION) \ - if(!curlcheck_multinotify_cb(value)) \ - Wcurl_multi_setopt_err_notifycb(); \ - if((option) == CURLMOPT_PUSHFUNCTION) \ - if(!curlcheck_multipush_cb(value)) \ - Wcurl_multi_setopt_err_pushcb(); \ - if((option) == CURLMOPT_SOCKETFUNCTION) \ - if(!curlcheck_multisocket_cb(value)) \ - Wcurl_multi_setopt_err_socketcb(); \ - if((option) == CURLMOPT_TIMERFUNCTION) \ - if(!curlcheck_multitimer_cb(value)) \ - Wcurl_multi_setopt_err_timercb(); \ - } \ - (curl_multi_setopt)(handle, option, value); \ - }) + if(__builtin_constant_p(option)) { \ + if(curlcheck_long_option(option)) \ + if(!curlcheck_long(value)) \ + Wcurl_multi_setopt_err_long(); \ + if(curlcheck_off_t_option(option)) \ + if(!curlcheck_off_t(value)) \ + Wcurl_multi_setopt_err_curl_off_t(); \ + if(curlcheck_multicb_data_option(option)) \ + if(!curlcheck_cb_data(value)) \ + Wcurl_multi_setopt_err_cb_data(); \ + if(curlcheck_charpp_option(option)) \ + if(!curlcheck_ptrptr(value, char)) \ + Wcurl_multi_setopt_err_charpp(); \ + if((option) == CURLMOPT_NOTIFYFUNCTION) \ + if(!curlcheck_multinotify_cb(value)) \ + Wcurl_multi_setopt_err_notifycb(); \ + if((option) == CURLMOPT_PUSHFUNCTION) \ + if(!curlcheck_multipush_cb(value)) \ + Wcurl_multi_setopt_err_pushcb(); \ + if((option) == CURLMOPT_SOCKETFUNCTION) \ + if(!curlcheck_multisocket_cb(value)) \ + Wcurl_multi_setopt_err_socketcb(); \ + if((option) == CURLMOPT_TIMERFUNCTION) \ + if(!curlcheck_multitimer_cb(value)) \ + Wcurl_multi_setopt_err_timercb(); \ + } \ + (curl_multi_setopt)(handle, option, value); \ + }) /* evaluates to true if the option takes a data argument to pass to a callback */ @@ -512,82 +512,84 @@ CURLWARNING(Wcurl_easy_getinfo_err_curl_off_t, (option) == CURLOPT_CONV_FROM_UTF8_FUNCTION) /* evaluates to true if option takes a data argument to pass to a callback */ -#define curlcheck_cb_data_option(option) \ - ((option) == CURLOPT_CHUNK_DATA || \ - (option) == CURLOPT_CLOSESOCKETDATA || \ - (option) == CURLOPT_DEBUGDATA || \ - (option) == CURLOPT_FNMATCH_DATA || \ - (option) == CURLOPT_HEADERDATA || \ - (option) == CURLOPT_HSTSREADDATA || \ - (option) == CURLOPT_HSTSWRITEDATA || \ - (option) == CURLOPT_INTERLEAVEDATA || \ - (option) == CURLOPT_IOCTLDATA || \ - (option) == CURLOPT_OPENSOCKETDATA || \ - (option) == CURLOPT_PREREQDATA || \ - (option) == CURLOPT_XFERINFODATA || \ - (option) == CURLOPT_READDATA || \ - (option) == CURLOPT_SEEKDATA || \ - (option) == CURLOPT_SOCKOPTDATA || \ - (option) == CURLOPT_SSH_KEYDATA || \ - (option) == CURLOPT_SSL_CTX_DATA || \ - (option) == CURLOPT_WRITEDATA || \ - (option) == CURLOPT_RESOLVER_START_DATA || \ - (option) == CURLOPT_TRAILERDATA || \ - (option) == CURLOPT_SSH_HOSTKEYDATA || \ +#define curlcheck_cb_data_option(option) \ + ((option) == CURLOPT_CHUNK_DATA || \ + (option) == CURLOPT_CLOSESOCKETDATA || \ + (option) == CURLOPT_DEBUGDATA || \ + (option) == CURLOPT_FNMATCH_DATA || \ + (option) == CURLOPT_HEADERDATA || \ + (option) == CURLOPT_HSTSREADDATA || \ + (option) == CURLOPT_HSTSWRITEDATA || \ + (option) == CURLOPT_INTERLEAVEDATA || \ + (option) == CURLOPT_IOCTLDATA || \ + (option) == CURLOPT_OPENSOCKETDATA || \ + (option) == CURLOPT_PREREQDATA || \ + (option) == CURLOPT_XFERINFODATA || \ + (option) == CURLOPT_READDATA || \ + (option) == CURLOPT_SEEKDATA || \ + (option) == CURLOPT_SOCKOPTDATA || \ + (option) == CURLOPT_SSH_KEYDATA || \ + (option) == CURLOPT_SSL_CTX_DATA || \ + (option) == CURLOPT_WRITEDATA || \ + (option) == CURLOPT_RESOLVER_START_DATA || \ + (option) == CURLOPT_TRAILERDATA || \ + (option) == CURLOPT_SSH_HOSTKEYDATA || \ 0) /* evaluates to true if option takes a POST data argument (void* or char*) */ -#define curlcheck_postfields_option(option) \ - ((option) == CURLOPT_POSTFIELDS || \ - (option) == CURLOPT_COPYPOSTFIELDS || \ +#define curlcheck_postfields_option(option) \ + ((option) == CURLOPT_POSTFIELDS || \ + (option) == CURLOPT_COPYPOSTFIELDS || \ 0) /* evaluates to true if option takes a struct curl_slist * argument */ -#define curlcheck_slist_option(option) \ - ((option) == CURLOPT_HTTP200ALIASES || \ - (option) == CURLOPT_HTTPHEADER || \ - (option) == CURLOPT_MAIL_RCPT || \ - (option) == CURLOPT_POSTQUOTE || \ - (option) == CURLOPT_PREQUOTE || \ - (option) == CURLOPT_PROXYHEADER || \ - (option) == CURLOPT_QUOTE || \ - (option) == CURLOPT_RESOLVE || \ - (option) == CURLOPT_TELNETOPTIONS || \ - (option) == CURLOPT_CONNECT_TO || \ +#define curlcheck_slist_option(option) \ + ((option) == CURLOPT_HTTP200ALIASES || \ + (option) == CURLOPT_HTTPHEADER || \ + (option) == CURLOPT_MAIL_RCPT || \ + (option) == CURLOPT_POSTQUOTE || \ + (option) == CURLOPT_PREQUOTE || \ + (option) == CURLOPT_PROXYHEADER || \ + (option) == CURLOPT_QUOTE || \ + (option) == CURLOPT_RESOLVE || \ + (option) == CURLOPT_TELNETOPTIONS || \ + (option) == CURLOPT_CONNECT_TO || \ 0) /* groups of curl_easy_getinfo infos that take the same type of argument */ /* evaluates to true if info expects a pointer to char * argument */ -#define curlcheck_string_info(info) \ - (CURLINFO_STRING < (info) && (info) < CURLINFO_LONG && \ +#define curlcheck_string_info(info) \ + (CURLINFO_STRING < (info) && (info) < CURLINFO_LONG && \ (info) != CURLINFO_PRIVATE) /* evaluates to true if info expects a pointer to long argument */ -#define curlcheck_long_info(info) \ +#define curlcheck_long_info(info) \ (CURLINFO_LONG < (info) && (info) < CURLINFO_DOUBLE) /* evaluates to true if info expects a pointer to double argument */ -#define curlcheck_double_info(info) \ +#define curlcheck_double_info(info) \ (CURLINFO_DOUBLE < (info) && (info) < CURLINFO_SLIST) /* true if info expects a pointer to struct curl_slist * argument */ #define curlcheck_slist_info(info) \ - (((info) == CURLINFO_SSL_ENGINES) || ((info) == CURLINFO_COOKIELIST)) + (((info) == CURLINFO_SSL_ENGINES) || \ + ((info) == CURLINFO_COOKIELIST)) /* true if info expects a pointer to struct curl_tlssessioninfo * argument */ -#define curlcheck_tlssessioninfo_info(info) \ - (((info) == CURLINFO_TLS_SSL_PTR) || ((info) == CURLINFO_TLS_SESSION)) +#define curlcheck_tlssessioninfo_info(info) \ + (((info) == CURLINFO_TLS_SSL_PTR) || \ + ((info) == CURLINFO_TLS_SESSION)) /* true if info expects a pointer to struct curl_certinfo * argument */ #define curlcheck_certinfo_info(info) ((info) == CURLINFO_CERTINFO) /* true if info expects a pointer to struct curl_socket_t argument */ -#define curlcheck_socket_info(info) \ +#define curlcheck_socket_info(info) \ (CURLINFO_SOCKET < (info) && (info) < CURLINFO_OFF_T) /* true if info expects a pointer to curl_off_t argument */ -#define curlcheck_off_t_info(info) \ +#define curlcheck_off_t_info(info) \ (CURLINFO_OFF_T < (info)) /* @@ -604,7 +606,7 @@ CURLWARNING(Wcurl_easy_getinfo_err_curl_off_t, */ /* XXX: should evaluate to true if expr is a pointer */ -#define curlcheck_any_ptr(expr) \ +#define curlcheck_any_ptr(expr) \ (sizeof(expr) == sizeof(void *)) /* evaluates to true if expr is NULL */ @@ -668,7 +670,7 @@ CURLWARNING(Wcurl_easy_getinfo_err_curl_off_t, ) /* evaluates to true if expr is of type curl_off_t */ -#define curlcheck_off_t(expr) \ +#define curlcheck_off_t(expr) \ (__builtin_types_compatible_p(__typeof__(expr), curl_off_t)) /* evaluates to true if expr is abuffer suitable for CURLOPT_ERRORBUFFER */ @@ -706,8 +708,8 @@ CURLWARNING(Wcurl_easy_getinfo_err_curl_off_t, __builtin_types_compatible_p(__typeof__(func) *, type)) /* evaluates to true if expr is of type curl_resolver_start_callback */ -#define curlcheck_resolver_start_callback(expr) \ - (curlcheck_NULL(expr) || \ +#define curlcheck_resolver_start_callback(expr) \ + (curlcheck_NULL(expr) || \ curlcheck_cb_compatible((expr), curl_resolver_start_callback)) /* evaluates to true if expr is of type curl_read_callback or "similar" */ @@ -741,11 +743,11 @@ typedef size_t (*Wcurl_read_callback6)(void *, size_t, size_t, FILE *); curlcheck_cb_compatible((expr), Wcurl_write_callback6)) typedef size_t (*Wcurl_write_callback1)(const char *, size_t, size_t, void *); typedef size_t (*Wcurl_write_callback2)(const char *, size_t, size_t, - const void *); + const void *); typedef size_t (*Wcurl_write_callback3)(const char *, size_t, size_t, FILE *); typedef size_t (*Wcurl_write_callback4)(const void *, size_t, size_t, void *); typedef size_t (*Wcurl_write_callback5)(const void *, size_t, size_t, - const void *); + const void *); typedef size_t (*Wcurl_write_callback6)(const void *, size_t, size_t, FILE *); /* evaluates to true if expr is of type curl_ioctl_callback or "similar" */ @@ -769,7 +771,7 @@ typedef curlioerr (*Wcurl_ioctl_callback4)(CURL *, curliocmd, const void *); curlcheck_cb_compatible((expr), Wcurl_sockopt_callback2)) typedef int (*Wcurl_sockopt_callback1)(void *, curl_socket_t, curlsocktype); typedef int (*Wcurl_sockopt_callback2)(const void *, curl_socket_t, - curlsocktype); + curlsocktype); /* evaluates to true if expr is of type curl_opensocket_callback or "similar" */ @@ -817,21 +819,21 @@ typedef int (*Wcurl_progress_callback2)(const void *, curlcheck_cb_compatible((expr), Wcurl_debug_callback6) || \ curlcheck_cb_compatible((expr), Wcurl_debug_callback7) || \ curlcheck_cb_compatible((expr), Wcurl_debug_callback8)) -typedef int (*Wcurl_debug_callback1) (CURL *, +typedef int (*Wcurl_debug_callback1)(CURL *, curl_infotype, char *, size_t, void *); -typedef int (*Wcurl_debug_callback2) (CURL *, +typedef int (*Wcurl_debug_callback2)(CURL *, curl_infotype, char *, size_t, const void *); -typedef int (*Wcurl_debug_callback3) (CURL *, +typedef int (*Wcurl_debug_callback3)(CURL *, curl_infotype, const char *, size_t, void *); -typedef int (*Wcurl_debug_callback4) (CURL *, +typedef int (*Wcurl_debug_callback4)(CURL *, curl_infotype, const char *, size_t, const void *); -typedef int (*Wcurl_debug_callback5) (CURL *, +typedef int (*Wcurl_debug_callback5)(CURL *, curl_infotype, unsigned char *, size_t, void *); -typedef int (*Wcurl_debug_callback6) (CURL *, +typedef int (*Wcurl_debug_callback6)(CURL *, curl_infotype, unsigned char *, size_t, const void *); -typedef int (*Wcurl_debug_callback7) (CURL *, +typedef int (*Wcurl_debug_callback7)(CURL *, curl_infotype, const unsigned char *, size_t, void *); -typedef int (*Wcurl_debug_callback8) (CURL *, +typedef int (*Wcurl_debug_callback8)(CURL *, curl_infotype, const unsigned char *, size_t, const void *); /* evaluates to true if expr is of type curl_ssl_ctx_callback or "similar" */ diff --git a/lib/altsvc.c b/lib/altsvc.c index 3d3de12700..78d2a5083a 100644 --- a/lib/altsvc.c +++ b/lib/altsvc.c @@ -229,7 +229,6 @@ static CURLcode altsvc_load(struct altsvcinfo *asi, const char *file) /* * Write this single altsvc entry to a single output line */ - static CURLcode altsvc_out(struct altsvc *as, FILE *fp) { struct tm stamp; diff --git a/lib/asyn-ares.c b/lib/asyn-ares.c index a9e697ff60..2d710f56da 100644 --- a/lib/asyn-ares.c +++ b/lib/asyn-ares.c @@ -600,8 +600,8 @@ async_ares_node2addr(struct ares_addrinfo_node *node) for(ai = node; ai != NULL; ai = ai->ai_next) { size_t ss_size; struct Curl_addrinfo *ca; - /* ignore elements with unsupported address family, */ - /* settle family-specific sockaddr structure size. */ + /* ignore elements with unsupported address family, + settle family-specific sockaddr structure size. */ if(ai->ai_family == AF_INET) ss_size = sizeof(struct sockaddr_in); #ifdef USE_IPV6 @@ -625,8 +625,8 @@ async_ares_node2addr(struct ares_addrinfo_node *node) break; } - /* copy each structure member individually, member ordering, */ - /* size, or padding might be different for each platform. */ + /* copy each structure member individually, member ordering, + size, or padding might be different for each platform. */ ca->ai_flags = ai->ai_flags; ca->ai_family = ai->ai_family; diff --git a/lib/cfilters.h b/lib/cfilters.h index e3ce9577f9..c7546344af 100644 --- a/lib/cfilters.h +++ b/lib/cfilters.h @@ -117,7 +117,7 @@ typedef CURLcode Curl_cft_conn_keep_alive(struct Curl_cfilter *cf, */ /* data event arg1 arg2 return */ #define CF_CTRL_DATA_SETUP 4 /* 0 NULL first fail */ -/* unused now 5 */ +/* unused now 5 */ #define CF_CTRL_DATA_PAUSE 6 /* on/off NULL first fail */ #define CF_CTRL_DATA_DONE 7 /* premature NULL ignored */ #define CF_CTRL_DATA_DONE_SEND 8 /* 0 NULL ignored */ @@ -170,7 +170,7 @@ typedef CURLcode Curl_cft_cntrl(struct Curl_cfilter *cf, #define CF_QUERY_STREAM_ERROR 6 /* error code - */ #define CF_QUERY_NEED_FLUSH 7 /* TRUE/FALSE - */ #define CF_QUERY_IP_INFO 8 /* TRUE/FALSE struct ip_quadruple */ -#define CF_QUERY_HTTP_VERSION 9 /* number (10/11/20/30) - */ +#define CF_QUERY_HTTP_VERSION 9 /* number (10/11/20/30) - */ /* pass in a `const struct Curl_sockaddr_ex **` as `pres2`. Gets set * to NULL when not connected. */ #define CF_QUERY_REMOTE_ADDR 10 /* - `Curl_sockaddr_ex *` */ diff --git a/lib/config-win32.h b/lib/config-win32.h index 25409d02f3..dd93c04579 100644 --- a/lib/config-win32.h +++ b/lib/config-win32.h @@ -284,7 +284,6 @@ /* ---------------------------------------------------------------- */ #ifndef CURL_WINDOWS_UWP -#undef HAVE_LDAP_URL_PARSE #define HAVE_LDAP_SSL 1 #define USE_WIN32_LDAP 1 #endif diff --git a/lib/connect.c b/lib/connect.c index 4b363ebe31..78c9370804 100644 --- a/lib/connect.c +++ b/lib/connect.c @@ -61,7 +61,7 @@ #include "multiif.h" #include "curlx/inet_ntop.h" #include "curlx/strparse.h" -#include "vtls/vtls.h" /* for vtsl cfilters */ +#include "vtls/vtls.h" /* for vtls cfilters */ #include "progress.h" #include "conncache.h" #include "multihandle.h" diff --git a/lib/curl_addrinfo.c b/lib/curl_addrinfo.c index 63540c168d..43d398d119 100644 --- a/lib/curl_addrinfo.c +++ b/lib/curl_addrinfo.c @@ -115,8 +115,8 @@ int Curl_getaddrinfo_ex(const char *nodename, for(ai = aihead; ai != NULL; ai = ai->ai_next) { size_t namelen = ai->ai_canonname ? strlen(ai->ai_canonname) + 1 : 0; - /* ignore elements with unsupported address family, */ - /* settle family-specific sockaddr structure size. */ + /* ignore elements with unsupported address family, + settle family-specific sockaddr structure size. */ if(ai->ai_family == AF_INET) ss_size = sizeof(struct sockaddr_in); #ifdef USE_IPV6 @@ -140,8 +140,8 @@ int Curl_getaddrinfo_ex(const char *nodename, break; } - /* copy each structure member individually, member ordering, */ - /* size, or padding might be different for each platform. */ + /* copy each structure member individually, member ordering, + size, or padding might be different for each platform. */ ca->ai_flags = ai->ai_flags; ca->ai_family = ai->ai_family; diff --git a/lib/curl_config-cmake.h.in b/lib/curl_config-cmake.h.in index 8742ad64af..1dcab9d897 100644 --- a/lib/curl_config-cmake.h.in +++ b/lib/curl_config-cmake.h.in @@ -725,13 +725,13 @@ ${SIZEOF_TIME_T_CODE} automatically */ #cmakedefine CURL_DISABLE_OPENSSL_AUTO_LOAD_CONFIG 1 -/* to enable NGHTTP2 */ +/* to enable NGHTTP2 */ #cmakedefine USE_NGHTTP2 1 /* to enable NGTCP2 */ #cmakedefine USE_NGTCP2 1 -/* to enable NGHTTP3 */ +/* to enable NGHTTP3 */ #cmakedefine USE_NGHTTP3 1 /* to enable quiche */ @@ -743,13 +743,13 @@ ${SIZEOF_TIME_T_CODE} /* Define to 1 if you have the quiche_conn_set_qlog_fd function. */ #cmakedefine HAVE_QUICHE_CONN_SET_QLOG_FD 1 -/* if Unix domain sockets are enabled */ +/* if Unix domain sockets are enabled */ #cmakedefine USE_UNIX_SOCKETS 1 /* to enable SSPI support */ #cmakedefine USE_WINDOWS_SSPI 1 -/* to enable Windows SSL */ +/* to enable Windows SSL */ #cmakedefine USE_SCHANNEL 1 /* if Watt-32 is in use */ diff --git a/lib/curl_printf.h b/lib/curl_printf.h index 207ba7125d..3b1a5af3b4 100644 --- a/lib/curl_printf.h +++ b/lib/curl_printf.h @@ -28,10 +28,10 @@ #define MERR_MEM 1 #define MERR_TOO_LARGE 2 -/* Lower-case digits. */ +/* Lower-case digits. */ extern const unsigned char Curl_ldigits[]; -/* Upper-case digits. */ +/* Upper-case digits. */ extern const unsigned char Curl_udigits[]; #endif /* HEADER_CURL_PRINTF_H */ diff --git a/lib/curl_sasl.h b/lib/curl_sasl.h index 5e03bf3565..8a97f52adc 100644 --- a/lib/curl_sasl.h +++ b/lib/curl_sasl.h @@ -147,11 +147,11 @@ void Curl_sasl_init(struct SASL *sasl, struct Curl_easy *data, /* Check if we have enough auth data and capabilities to authenticate */ bool Curl_sasl_can_authenticate(struct SASL *sasl, struct Curl_easy *data); -/* Calculate the required login details for SASL authentication */ +/* Calculate the required login details for SASL authentication */ CURLcode Curl_sasl_start(struct SASL *sasl, struct Curl_easy *data, bool force_ir, saslprogress *progress); -/* Continue an SASL authentication */ +/* Continue an SASL authentication */ CURLcode Curl_sasl_continue(struct SASL *sasl, struct Curl_easy *data, int code, saslprogress *progress); diff --git a/lib/curlx/timeval.c b/lib/curlx/timeval.c index ae67e9bb42..03eb80341c 100644 --- a/lib/curlx/timeval.c +++ b/lib/curlx/timeval.c @@ -194,7 +194,6 @@ timediff_t curlx_ptimediff_ms(const struct curltime *newer, return (diff * 1000) + ((newer->tv_usec - older->tv_usec) / 1000); } - timediff_t curlx_timediff_ms(struct curltime newer, struct curltime older) { return curlx_ptimediff_ms(&newer, &older); diff --git a/lib/escape.h b/lib/escape.h index 2ea06c444f..9f9a89e402 100644 --- a/lib/escape.h +++ b/lib/escape.h @@ -24,7 +24,7 @@ * ***************************************************************************/ /* Escape and unescape URL encoding in strings. The functions return a new - * allocated string or NULL if an error occurred. */ + * allocated string or NULL if an error occurred. */ enum urlreject { REJECT_NADA = 2, diff --git a/lib/fake_addrinfo.c b/lib/fake_addrinfo.c index bf5a44892c..d8b139830b 100644 --- a/lib/fake_addrinfo.c +++ b/lib/fake_addrinfo.c @@ -67,8 +67,8 @@ static struct addrinfo *mk_getaddrinfo(const struct ares_addrinfo *aihead) for(ai = aihead->nodes; ai != NULL; ai = ai->ai_next) { size_t ss_size; size_t namelen = name ? strlen(name) + 1 : 0; - /* ignore elements with unsupported address family, */ - /* settle family-specific sockaddr structure size. */ + /* ignore elements with unsupported address family, + settle family-specific sockaddr structure size. */ if(ai->ai_family == AF_INET) ss_size = sizeof(struct sockaddr_in); else if(ai->ai_family == AF_INET6) @@ -90,8 +90,8 @@ static struct addrinfo *mk_getaddrinfo(const struct ares_addrinfo *aihead) return NULL; } - /* copy each structure member individually, member ordering, */ - /* size, or padding might be different for each platform. */ + /* copy each structure member individually, member ordering, + size, or padding might be different for each platform. */ ca->ai_flags = ai->ai_flags; ca->ai_family = ai->ai_family; diff --git a/lib/ftp.c b/lib/ftp.c index fd10b07629..c234f35bac 100644 --- a/lib/ftp.c +++ b/lib/ftp.c @@ -637,7 +637,7 @@ static CURLcode getftpresponse(struct Curl_easy *data, * the OpenSSL read() does not grok that properly. * * Alas, read as much as possible, split up into lines, use the ending - * line in a response or continue reading. */ + * line in a response or continue reading. */ struct connectdata *conn = data->conn; curl_socket_t sockfd = conn->sock[FIRSTSOCKET]; @@ -1801,7 +1801,7 @@ static CURLcode ftp_state_retr(struct Curl_easy *data, } else { /* We got a file size report, so we check that there actually is a - part of the file left to get, or else we go home. */ + part of the file left to get, or else we go home. */ if(data->state.resume_from < 0) { /* We are supposed to download the last abs(from) bytes */ if(filesize < -data->state.resume_from) { diff --git a/lib/http.c b/lib/http.c index 183a39966e..50b128c531 100644 --- a/lib/http.c +++ b/lib/http.c @@ -684,11 +684,12 @@ static CURLcode output_auth_headers(struct Curl_easy *data, /* Basic */ if( #ifndef CURL_DISABLE_PROXY - (proxy && conn->bits.proxy_user_passwd && - !Curl_checkProxyheaders(data, conn, STRCONST("Proxy-authorization"))) || + (proxy && conn->bits.proxy_user_passwd && + !Curl_checkProxyheaders(data, conn, + STRCONST("Proxy-authorization"))) || #endif - (!proxy && data->state.aptr.user && - !Curl_checkheaders(data, STRCONST("Authorization")))) { + (!proxy && data->state.aptr.user && + !Curl_checkheaders(data, STRCONST("Authorization")))) { auth = "Basic"; result = http_output_basic(data, proxy); if(result) @@ -703,8 +704,8 @@ static CURLcode output_auth_headers(struct Curl_easy *data, #ifndef CURL_DISABLE_BEARER_AUTH if(authstatus->picked == CURLAUTH_BEARER) { /* Bearer */ - if((!proxy && data->set.str[STRING_BEARER] && - !Curl_checkheaders(data, STRCONST("Authorization")))) { + if(!proxy && data->set.str[STRING_BEARER] && + !Curl_checkheaders(data, STRCONST("Authorization"))) { auth = "Bearer"; result = http_output_bearer(data); if(result) @@ -2625,7 +2626,6 @@ static CURLcode http_range(struct Curl_easy *data, data->state.aptr.rangeline = curl_maprintf("Content-Range: bytes 0-%" FMT_OFF_T "/" "%" FMT_OFF_T "\r\n", req_clen - 1, req_clen); - } else if(data->state.resume_from) { /* This is because "resume" was selected */ @@ -3776,7 +3776,7 @@ static CURLcode http_statusline(struct Curl_easy *data, /* (quote from RFC2616, section 10.3.5): The 304 response * MUST NOT contain a message-body, and thus is always * terminated by the first empty line after the header - * fields. */ + * fields. */ if(data->set.timecondition) data->info.timecond = TRUE; FALLTHROUGH(); @@ -4345,7 +4345,7 @@ void Curl_http_to_fold(struct dynbuf *bf) len--; if(len && (hd[len - 1] == '\r')) len--; - while(len && (ISBLANK(hd[len - 1]))) /* strip off trailing whitespace */ + while(len && ISBLANK(hd[len - 1])) /* strip off trailing whitespace */ len--; curlx_dyn_setlen(bf, len); } diff --git a/lib/http2.c b/lib/http2.c index fa160c1cf6..27f60b7656 100644 --- a/lib/http2.c +++ b/lib/http2.c @@ -65,7 +65,7 @@ #define H2_NW_RECV_CHUNKS (H2_CONN_WINDOW_SIZE / H2_CHUNK_SIZE) /* on send into TLS, we just want to accumulate small frames */ #define H2_NW_SEND_CHUNKS 1 -/* this is how much we want "in flight" for a stream, unthrottled */ +/* this is how much we want "in flight" for a stream, unthrottled */ #define H2_STREAM_WINDOW_SIZE_MAX (10 * 1024 * 1024) /* this is how much we want "in flight" for a stream, initially, IFF * nghttp2 allows us to tweak the local window size. */ @@ -888,7 +888,6 @@ static void h2_xfer_write_resp_hd(struct Curl_cfilter *cf, struct h2_stream_ctx *stream, const char *buf, size_t blen, bool eos) { - /* If we already encountered an error, skip further writes */ if(!stream->xfer_result) { stream->xfer_result = Curl_xfer_write_resp_hd(data, buf, blen, eos); @@ -905,7 +904,6 @@ static void h2_xfer_write_resp(struct Curl_cfilter *cf, struct h2_stream_ctx *stream, const char *buf, size_t blen, bool eos) { - /* If we already encountered an error, skip further writes */ if(!stream->xfer_result) stream->xfer_result = Curl_xfer_write_resp(data, buf, blen, eos); diff --git a/lib/http_aws_sigv4.c b/lib/http_aws_sigv4.c index 40edcf315c..492be1ab58 100644 --- a/lib/http_aws_sigv4.c +++ b/lib/http_aws_sigv4.c @@ -645,7 +645,6 @@ fail: static int compare_func(const void *a, const void *b) { - const struct pair *aa = a; const struct pair *bb = b; const size_t aa_key_len = curlx_dyn_len(&aa->key); diff --git a/lib/imap.c b/lib/imap.c index 06244b6dac..8aa0afb8d2 100644 --- a/lib/imap.c +++ b/lib/imap.c @@ -1176,7 +1176,7 @@ static CURLcode imap_state_login_resp(struct Curl_easy *data, return result; } -/* Detect IMAP listings vs. downloading a single email */ +/* Detect IMAP listings vs. downloading a single email */ static bool is_custom_fetch_listing_match(const char *params) { /* match " 1:* (FLAGS ..." or " 1,2,3 (FLAGS ..." */ @@ -2324,7 +2324,6 @@ static const struct Curl_protocol Curl_protocol_imap = { #endif /* CURL_DISABLE_IMAP */ - /* * IMAP protocol handler. */ diff --git a/lib/mprintf.c b/lib/mprintf.c index 6d267e18cd..d874efe81a 100644 --- a/lib/mprintf.c +++ b/lib/mprintf.c @@ -32,10 +32,10 @@ #define MAX_PARAMETERS 128 /* number of input arguments */ #define MAX_SEGMENTS 128 /* number of output segments */ -/* Lower-case digits. */ +/* Lower-case digits. */ const unsigned char Curl_ldigits[] = "0123456789abcdef"; -/* Upper-case digits. */ +/* Upper-case digits. */ const unsigned char Curl_udigits[] = "0123456789ABCDEF"; #define OUTCHAR(x) \ @@ -131,9 +131,9 @@ struct asprintf { }; /* the provided input number is 1-based but this returns the number 0-based. - - returns -1 if no valid number was provided. -*/ + * + * returns -1 if no valid number was provided. + */ static int dollarstring(const char *p, const char **end) { curl_off_t num; @@ -596,8 +596,8 @@ static int parsefmt(const char *format, } struct mproperty { - int width; /* Width of a field. */ - int prec; /* Precision of a field. */ + int width; /* Width of a field. */ + int prec; /* Precision of a field. */ unsigned int flags; }; @@ -722,7 +722,7 @@ static bool out_number(void *userp, char *w; if(flags & FLAGS_CHAR) { - /* Character. */ + /* Character. */ if(!(flags & FLAGS_LEFT)) while(--width > 0) OUTCHAR(' '); @@ -746,11 +746,11 @@ static bool out_number(void *userp, ; else { - /* Decimal integer. */ + /* Decimal integer. */ is_neg = (nums < 0); if(is_neg) { /* signed_num might fail to hold absolute negative minimum by 1 */ - int64_t signed_num; /* Used to convert negative in positive. */ + int64_t signed_num; /* Used to convert negative in positive. */ signed_num = nums + (int64_t)1; signed_num = -signed_num; num = (uint64_t)signed_num; @@ -758,11 +758,11 @@ static bool out_number(void *userp, } } - /* Supply a default precision if none was given. */ + /* Supply a default precision if none was given. */ if(prec == -1) prec = 1; - /* Put the number in WORK. */ + /* Put the number in WORK. */ w = workend; DEBUGASSERT(base <= 16); switch(base) { @@ -822,7 +822,7 @@ static bool out_number(void *userp, while(width-- > 0) OUTCHAR('0'); - /* Write the number. */ + /* Write the number. */ while(++w <= workend) { OUTCHAR(*w); } @@ -848,7 +848,7 @@ static bool out_string(void *userp, size_t len; if(!str) { - /* Write null string if there is space. */ + /* Write null string if there is space. */ if(prec == -1 || prec >= (int)sizeof(nilstr) - 1) { str = nilstr; len = sizeof(nilstr) - 1; @@ -895,17 +895,17 @@ static bool out_pointer(void *userp, char *work, int *donep) { - /* Generic pointer. */ + /* Generic pointer. */ if(ptr) { size_t num = (size_t)ptr; - /* If the pointer is not NULL, write it as a %#x spec. */ + /* If the pointer is not NULL, write it as a %#x spec. */ p->flags |= FLAGS_HEX | FLAGS_ALT; if(out_number(userp, stream, p, num, 0, work, donep)) return TRUE; } else { - /* Write "(nil)" for a nil pointer. */ + /* Write "(nil)" for a nil pointer. */ const char *point; int width = p->width; int flags = p->flags; @@ -946,7 +946,7 @@ static int formatf(void *userp, /* untouched by format(), just sent to the const char *format, /* %-formatted string */ va_list ap_save) /* list of parameters */ { - int done = 0; /* number of characters written */ + int done = 0; /* number of characters written */ int i; int ocount = 0; /* number of output segments */ int icount = 0; /* number of input arguments */ @@ -1042,7 +1042,7 @@ static int formatf(void *userp, /* untouched by format(), just sent to the break; case MTYPE_INTPTR: - /* Answer the count of characters written. */ + /* Answer the count of characters written. */ if(p.flags & FLAGS_LONGLONG) *(int64_t *)iptr->val.ptr = (int64_t)done; else diff --git a/lib/mqtt.c b/lib/mqtt.c index 446918cc44..ef373c0638 100644 --- a/lib/mqtt.c +++ b/lib/mqtt.c @@ -962,7 +962,6 @@ static CURLcode mqtts_connecting(struct Curl_easy *data, bool *done) /* * MQTTS protocol. */ - static const struct Curl_protocol Curl_protocol_mqtts = { mqtt_setup_conn, /* setup_connection */ mqtt_do, /* do_it */ @@ -988,7 +987,6 @@ static const struct Curl_protocol Curl_protocol_mqtts = { /* * MQTT protocol. */ - static const struct Curl_protocol Curl_protocol_mqtt = { mqtt_setup_conn, /* setup_connection */ mqtt_do, /* do_it */ @@ -1011,7 +1009,6 @@ static const struct Curl_protocol Curl_protocol_mqtt = { #endif /* CURL_DISABLE_MQTT */ - const struct Curl_scheme Curl_scheme_mqtts = { "mqtts", /* scheme */ #if defined(CURL_DISABLE_MQTT) || !defined(USE_SSL) @@ -1028,7 +1025,6 @@ const struct Curl_scheme Curl_scheme_mqtts = { /* * MQTT protocol. */ - const struct Curl_scheme Curl_scheme_mqtt = { "mqtt", /* scheme */ #ifdef CURL_DISABLE_MQTT diff --git a/lib/netrc.c b/lib/netrc.c index 031660c531..1073cc5365 100644 --- a/lib/netrc.c +++ b/lib/netrc.c @@ -151,7 +151,7 @@ static NETRCcode parsenetrc(struct store_netrc *store, } if(!*tok || (*tok == '\n')) - /* end of line */ + /* end of line */ break; /* leading double-quote means quoted string */ diff --git a/lib/openldap.c b/lib/openldap.c index 83ae013593..8dd984132c 100644 --- a/lib/openldap.c +++ b/lib/openldap.c @@ -114,7 +114,6 @@ struct ldapreqinfo { /* meta key for storing ldapconninfo at connection */ #define CURL_META_LDAP_CONN "meta:proto:ldap:conn" - /* * oldap_state() * diff --git a/lib/select.h b/lib/select.h index 4069f78b52..ffcd44cfcf 100644 --- a/lib/select.h +++ b/lib/select.h @@ -169,14 +169,11 @@ CURLcode Curl_pollset_set(struct Curl_easy *data, #define Curl_pollset_remove_out(data, ps, sock) \ Curl_pollset_change(data, ps, sock, 0, CURL_POLL_OUT) #define Curl_pollset_add_inout(data, ps, sock) \ - Curl_pollset_change(data, ps, sock, \ - CURL_POLL_IN | CURL_POLL_OUT, 0) + Curl_pollset_change(data, ps, sock, CURL_POLL_IN | CURL_POLL_OUT, 0) #define Curl_pollset_set_in_only(data, ps, sock) \ - Curl_pollset_change(data, ps, sock, \ - CURL_POLL_IN, CURL_POLL_OUT) + Curl_pollset_change(data, ps, sock, CURL_POLL_IN, CURL_POLL_OUT) #define Curl_pollset_set_out_only(data, ps, sock) \ - Curl_pollset_change(data, ps, sock, \ - CURL_POLL_OUT, CURL_POLL_IN) + Curl_pollset_change(data, ps, sock, CURL_POLL_OUT, CURL_POLL_IN) /* return < = on error, 0 on timeout or how many sockets are ready */ int Curl_pollset_poll(struct Curl_easy *data, diff --git a/lib/sendf.h b/lib/sendf.h index 952ed4c123..75c6e248ea 100644 --- a/lib/sendf.h +++ b/lib/sendf.h @@ -55,7 +55,7 @@ struct Curl_cwriter; struct Curl_easy; /** - * Write `len` bytes at `prt` to the client. `type` indicates what + * Write `len` bytes at `buf` to the client. `type` indicates what * kind of data is being written. */ CURLcode Curl_client_write(struct Curl_easy *data, int type, const char *buf, diff --git a/lib/setup-vms.h b/lib/setup-vms.h index dd460223b9..331d5edcae 100644 --- a/lib/setup-vms.h +++ b/lib/setup-vms.h @@ -24,11 +24,10 @@ * ***************************************************************************/ -/* */ -/* JEM, 12/30/12, VMS now generates config.h, so only define wrappers for */ -/* getenv(), getpwuid() and provide is_vms_shell() */ -/* Also need upper case symbols for system services, and */ -/* OpenSSL, and some Kerberos image */ +/* JEM, 2012-12-30, VMS now generates config.h, so only define wrappers for */ +/* getenv(), getpwuid() and provide is_vms_shell() */ +/* Also need upper case symbols for system services, and */ +/* OpenSSL, and some Kerberos image */ #ifdef __DECC #pragma message save diff --git a/lib/sha256.c b/lib/sha256.c index e35aa30649..b438b2cc01 100644 --- a/lib/sha256.c +++ b/lib/sha256.c @@ -232,8 +232,8 @@ static void my_sha256_final(unsigned char *digest, void *in) (a)[3] = (unsigned char) (((unsigned long)(val)) & 0xff); \ } while(0) -#define WPA_PUT_BE64(a, val) \ - do { \ +#define WPA_PUT_BE64(a, val) \ + do { \ (a)[0] = (unsigned char)(((uint64_t)(val)) >> 56); \ (a)[1] = (unsigned char)(((uint64_t)(val)) >> 48); \ (a)[2] = (unsigned char)(((uint64_t)(val)) >> 40); \ diff --git a/lib/smb.c b/lib/smb.c index 8e76edc83d..41ba48fe89 100644 --- a/lib/smb.c +++ b/lib/smb.c @@ -1249,7 +1249,7 @@ const struct Curl_scheme Curl_scheme_smb = { */ const struct Curl_scheme Curl_scheme_smbs = { "smbs", /* scheme */ -#if defined(CURL_DISABLE_SMB) || !defined(USE_CURL_NTLM_CORE) || \ +#if defined(CURL_DISABLE_SMB) || !defined(USE_CURL_NTLM_CORE) || \ !defined(USE_SSL) ZERO_NULL, #else diff --git a/lib/smtp.c b/lib/smtp.c index 93f1211ab0..7b0d242afb 100644 --- a/lib/smtp.c +++ b/lib/smtp.c @@ -1061,9 +1061,9 @@ static CURLcode smtp_perform_mail(struct Curl_easy *data, "MAIL FROM:%s%s%s%s%s%s", from, /* Mandatory */ auth ? " AUTH=" : "", /* Optional on AUTH support */ - auth ? auth : "", /* */ + auth ? auth : "", size ? " SIZE=" : "", /* Optional on SIZE support */ - size ? size : "", /* */ + size ? size : "", utf8 ? " SMTPUTF8" /* Internationalised mailbox */ : ""); /* included in our envelope */ diff --git a/lib/socks.c b/lib/socks.c index 569d10945c..912e8c52f5 100644 --- a/lib/socks.c +++ b/lib/socks.c @@ -1339,7 +1339,6 @@ static CURLcode socks_cf_adjust_pollset(struct Curl_cfilter *cf, static void socks_proxy_cf_close(struct Curl_cfilter *cf, struct Curl_easy *data) { - DEBUGASSERT(cf->next); cf->connected = FALSE; socks_proxy_cf_free(cf); diff --git a/lib/socks_sspi.c b/lib/socks_sspi.c index 84a974db6a..cc0e043887 100644 --- a/lib/socks_sspi.c +++ b/lib/socks_sspi.c @@ -281,7 +281,7 @@ static CURLcode socks5_sspi_encrypt(struct Curl_cfilter *cf, infof(data, "SOCKS5 server supports GSS-API %s data protection.", (gss_enc == 0) ? "no" : - ((gss_enc == 1) ? "integrity" : "confidentiality") ); + ((gss_enc == 1) ? "integrity" : "confidentiality")); sspi_w_token[0].pvBuffer = sspi_w_token[1].pvBuffer = diff --git a/lib/system_win32.c b/lib/system_win32.c index 2f24fe5c0c..c951da9d99 100644 --- a/lib/system_win32.c +++ b/lib/system_win32.c @@ -45,7 +45,7 @@ CURLcode Curl_win32_init(long flags) if(res) /* Tell the user that we could not find a usable */ - /* winsock.dll. */ + /* winsock.dll. */ return CURLE_FAILED_INIT; /* Confirm that the Windows Sockets DLL supports what we need.*/ diff --git a/lib/url.c b/lib/url.c index 7e7408a5d7..0e594681ea 100644 --- a/lib/url.c +++ b/lib/url.c @@ -1844,7 +1844,7 @@ static CURLcode parseurlandfillconn(struct Curl_easy *data, #ifdef USE_IPV6 if(data->set.scope_id) - /* Override any scope that was set above. */ + /* Override any scope that was set above. */ conn->scope_id = data->set.scope_id; #endif @@ -2538,7 +2538,6 @@ error: static CURLcode parse_remote_port(struct Curl_easy *data, struct connectdata *conn) { - if(data->set.use_port && data->state.allow_port) { /* if set, we use this instead of the port possibly given in the URL */ char portbuf[16]; diff --git a/lib/urldata.h b/lib/urldata.h index 2ca2233c56..b437771517 100644 --- a/lib/urldata.h +++ b/lib/urldata.h @@ -217,7 +217,7 @@ typedef CURLcode (Curl_recv)(struct Curl_easy *data, /* transfer */ * us early warning on things only discovered by valgrind otherwise. */ #define GOOD_EASY_HANDLE(x) \ (((x) && ((x)->magic == CURLEASY_MAGIC_NUMBER)) ? TRUE : \ - (DEBUGASSERT(!(x)), FALSE)) + (DEBUGASSERT(!(x)), FALSE)) #else #define GOOD_EASY_HANDLE(x) \ ((x) && ((x)->magic == CURLEASY_MAGIC_NUMBER)) @@ -1303,7 +1303,7 @@ struct UserDefined { curl_write_callback fwrite_header; /* function that stores headers */ curl_write_callback fwrite_rtp; /* function that stores interleaved RTP */ curl_read_callback fread_func_set; /* function that reads the input */ - curl_progress_callback fprogress; /* OLD and deprecated progress callback */ + curl_progress_callback fprogress; /* OLD and deprecated progress callback */ curl_xferinfo_callback fxferinfo; /* progress callback */ curl_debug_callback fdebug; /* function that write informational data */ curl_ioctl_callback ioctl_func; /* function for I/O control */ @@ -1373,7 +1373,7 @@ struct UserDefined { curl_off_t max_filesize; /* Maximum file size to download */ #ifndef CURL_DISABLE_FTP timediff_t accepttimeout; /* in milliseconds, 0 means no timeout */ - uint8_t ftp_filemethod; /* how to get to a file: curl_ftpfile */ + uint8_t ftp_filemethod; /* how to get to a file: curl_ftpfile */ uint8_t ftpsslauth; /* what AUTH XXX to try: curl_ftpauth */ uint8_t ftp_ccc; /* FTP CCC options: curl_ftpccc */ #endif @@ -1443,7 +1443,7 @@ struct UserDefined { #endif uint32_t maxconnects; /* Max idle connections in the connection cache */ #ifdef USE_ECH - int tls_ech; /* TLS ECH configuration */ + int tls_ech; /* TLS ECH configuration */ #endif short maxredirs; /* maximum no. of http(s) redirects to follow, set to -1 for infinity */ @@ -1460,7 +1460,7 @@ struct UserDefined { uint16_t tftp_blksize; /* in bytes, 0 means use default */ #endif #ifndef CURL_DISABLE_NETRC - uint8_t use_netrc; /* enum CURL_NETRC_OPTION values */ + uint8_t use_netrc; /* enum CURL_NETRC_OPTION values */ #endif #if !defined(CURL_DISABLE_FTP) || defined(USE_SSH) /* Despite the name, ftp_create_missing_dirs is for FTP(S) and SFTP @@ -1543,7 +1543,7 @@ struct UserDefined { BIT(opt_no_body); /* as set with CURLOPT_NOBODY */ BIT(verbose); /* output verbosity */ BIT(reuse_forbid); /* forbidden to be reused, close after use */ - BIT(reuse_fresh); /* do not reuse an existing connection */ + BIT(reuse_fresh); /* do not reuse an existing connection */ BIT(no_signal); /* do not use any signal/alarm handler */ BIT(tcp_nodelay); /* whether to enable TCP_NODELAY or not */ BIT(ignorecl); /* ignore content length */ diff --git a/lib/vssh/libssh.c b/lib/vssh/libssh.c index ad08f34a8f..53617773b5 100644 --- a/lib/vssh/libssh.c +++ b/lib/vssh/libssh.c @@ -1227,7 +1227,7 @@ static int myssh_in_SFTP_CLOSE(struct Curl_easy *data, /* Check if nextstate is set and move .nextstate could be POSTQUOTE_INIT After nextstate is executed, the control should come back to - SSH_SFTP_CLOSE to pass the correct result back */ + SSH_SFTP_CLOSE to pass the correct result back */ if(sshc->nextstate != SSH_NO_STATE && sshc->nextstate != SSH_SFTP_CLOSE) { myssh_to(data, sshc, sshc->nextstate); diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c index 61086d6f68..db52d1e703 100644 --- a/lib/vssh/libssh2.c +++ b/lib/vssh/libssh2.c @@ -2297,7 +2297,7 @@ static CURLcode ssh_state_sftp_close(struct Curl_easy *data, /* Check if nextstate is set and move .nextstate could be POSTQUOTE_INIT After nextstate is executed, the control should come back to - SSH_SFTP_CLOSE to pass the correct result back */ + SSH_SFTP_CLOSE to pass the correct result back */ if(sshc->nextstate != SSH_NO_STATE && sshc->nextstate != SSH_SFTP_CLOSE) { myssh_to(data, sshc, sshc->nextstate); diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 014aadd17d..b5263d398b 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -5384,7 +5384,7 @@ static CURLcode ossl_random(struct Curl_easy *data, if(!rand_enough()) return CURLE_FAILED_INIT; } - /* RAND_bytes() returns 1 on success, 0 otherwise. */ + /* RAND_bytes() returns 1 on success, 0 otherwise. */ rc = RAND_bytes(entropy, (ossl_valsize_t)curlx_uztosi(length)); return rc == 1 ? CURLE_OK : CURLE_FAILED_INIT; } diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c index 5f0bdcc8ac..f9b475b122 100644 --- a/lib/vtls/schannel.c +++ b/lib/vtls/schannel.c @@ -416,7 +416,7 @@ static CURLcode get_client_cert(struct Curl_easy *data, } if(fInCert || blob) { - /* Reading a .P12 or .pfx file, like the example at bottom of + /* Reading a .p12 or .pfx file, like the example at bottom of https://learn.microsoft.com/archive/msdn-technet-forums/3e7bc95f-b21a-4bcd-bd2c-7f996718cae5 */ CRYPT_DATA_BLOB datablob; @@ -2030,8 +2030,8 @@ static CURLcode schannel_send(struct Curl_cfilter *cf, struct Curl_easy *data, timediff_t timeout_ms = Curl_timeleft_ms(data); if(timeout_ms < 0) { /* we already got the timeout */ - failf(data, "schannel: timed out sending data " - "(bytes sent: %zu)", *pnwritten); + failf(data, "schannel: timed out sending data (bytes sent: %zu)", + *pnwritten); result = CURLE_OPERATION_TIMEDOUT; break; } @@ -2045,8 +2045,8 @@ static CURLcode schannel_send(struct Curl_cfilter *cf, struct Curl_easy *data, break; } else if(what == 0) { - failf(data, "schannel: timed out sending data " - "(bytes sent: %zu)", *pnwritten); + failf(data, "schannel: timed out sending data (bytes sent: %zu)", + *pnwritten); result = CURLE_OPERATION_TIMEDOUT; break; } diff --git a/lib/vtls/schannel_verify.c b/lib/vtls/schannel_verify.c index 8533e9ccc1..414b2e915a 100644 --- a/lib/vtls/schannel_verify.c +++ b/lib/vtls/schannel_verify.c @@ -38,20 +38,20 @@ #include "vtls/schannel.h" #include "vtls/schannel_int.h" -#include "curlx/fopen.h" -#include "curlx/inet_pton.h" +#include "vtls/hostcheck.h" #include "vtls/vtls.h" #include "vtls/vtls_int.h" #include "curl_trc.h" #include "strerror.h" -#include "curlx/winapi.h" +#include "curlx/fopen.h" +#include "curlx/inet_pton.h" #include "curlx/multibyte.h" -#include "vtls/hostcheck.h" #include "curlx/version_win32.h" +#include "curlx/winapi.h" #define BACKEND ((struct schannel_ssl_backend_data *)connssl->backend) -#define MAX_CAFILE_SIZE 1048576 /* 1 MiB */ +#define MAX_CAFILE_SIZE (1024 * 1024) /* 1 MiB */ #define BEGIN_CERT "-----BEGIN CERTIFICATE-----" #define END_CERT "\n-----END CERTIFICATE-----" @@ -438,10 +438,8 @@ static DWORD cert_get_name_string(struct Curl_easy *data, static bool get_num_host_info(struct num_ip_data *ip_blob, LPCSTR hostname) { - struct in_addr ia; - struct in6_addr ia6; bool result = FALSE; - + struct in_addr ia; int res = curlx_inet_pton(AF_INET, hostname, &ia); if(res) { ip_blob->size = sizeof(struct in_addr); @@ -449,6 +447,7 @@ static bool get_num_host_info(struct num_ip_data *ip_blob, LPCSTR hostname) result = TRUE; } else { + struct in6_addr ia6; res = curlx_inet_pton(AF_INET6, hostname, &ia6); if(res) { ip_blob->size = sizeof(struct in6_addr); diff --git a/lib/vtls/vtls.h b/lib/vtls/vtls.h index 0850f5306d..83e2a7ca54 100644 --- a/lib/vtls/vtls.h +++ b/lib/vtls/vtls.h @@ -97,7 +97,7 @@ struct ssl_peer { CURLsslset Curl_init_sslset_nolock(curl_sslbackend id, const char *name, const curl_ssl_backend ***avail); -#define MAX_PINNED_PUBKEY_SIZE 1048576 /* 1 MiB */ +#define MAX_PINNED_PUBKEY_SIZE (1024 * 1024) /* 1 MiB */ curl_sslbackend Curl_ssl_backend(void); diff --git a/lib/vtls/wolfssl.c b/lib/vtls/wolfssl.c index 377175d56d..89310adfae 100644 --- a/lib/vtls/wolfssl.c +++ b/lib/vtls/wolfssl.c @@ -1424,7 +1424,6 @@ CURLcode Curl_wssl_ctx_init(struct wssl_ctx *wctx, result = CURLE_SSL_CONNECT_ERROR; goto out; } - } #endif /* HAVE_WOLFSSL_CTX_GENERATEECHCONFIG */ diff --git a/projects/vms/curlmsg_vms.h b/projects/vms/curlmsg_vms.h index 29a38db493..83af6400f0 100644 --- a/projects/vms/curlmsg_vms.h +++ b/projects/vms/curlmsg_vms.h @@ -37,20 +37,6 @@ #include "curlmsg.h" -/* -#define FAC_CURL 0xC01 -#define FAC_SYSTEM 0 -#define MSG_NORMAL 0 -*/ - -/* -#define SEV_WARNING 0 -#define SEV_SUCCESS 1 -#define SEV_ERROR 2 -#define SEV_INFO 3 -#define SEV_FATAL 4 -*/ - static const long vms_cond[] = { CURL_OK, diff --git a/scripts/checksrc.pl b/scripts/checksrc.pl index 14d94d09bb..2ae5232f4b 100755 --- a/scripts/checksrc.pl +++ b/scripts/checksrc.pl @@ -1230,7 +1230,6 @@ sub scanfile { checksrc_endoffile($file); close($R); - } if($errors || $warnings || $verbose) { diff --git a/scripts/managen b/scripts/managen index 13a2302865..d70df2fbfd 100755 --- a/scripts/managen +++ b/scripts/managen @@ -529,7 +529,6 @@ sub render { my $qstr = $quote ? "q" : ""; push @desc, "[".(1 + $level)."$qstr]$d" if(!$manpage); $header = 0; - } if($finalblank) { print STDERR "$f:$line:1:ERROR: trailing blank line\n"; diff --git a/scripts/spacecheck.pl b/scripts/spacecheck.pl index 2fb2c9793f..ff8d866198 100755 --- a/scripts/spacecheck.pl +++ b/scripts/spacecheck.pl @@ -180,6 +180,26 @@ while(my $filename = <$git_ls_files>) { $linepos += $line; } + $search = $content; + $linepos = 0; + while($search =~ /\n\n *}\n/) { + my $part = substr($search, 0, $+[0] - 1); + $search = substr($search, $+[0]); + my $line = ($part =~ tr/\n//); + push @err, sprintf("line %d: '}' preceded by empty line", $linepos + $line); + $linepos += $line + 1; + } + + $search = $content; + $linepos = 0; + while($search =~ /\n\{\n\n/) { + my $part = substr($search, 0, $+[0]); + $search = substr($search, $+[0]); + my $line = ($part =~ tr/\n//); + push @err, sprintf("line %d: top-level '{' followed by empty line", $linepos + $line); + $linepos += $line; + } + if($content =~ /([\x00-\x08\x0b\x0c\x0e-\x1f\x7f])/) { push @err, "content: has binary contents"; } diff --git a/scripts/top-complexity b/scripts/top-complexity index 26fa20ee87..69a9256bb8 100755 --- a/scripts/top-complexity +++ b/scripts/top-complexity @@ -111,7 +111,6 @@ for my $l (@output) { $alllines += $len; $allscore += ($len * $score); } - } my $showncutoff; diff --git a/src/tool_doswin.c b/src/tool_doswin.c index 45886952d6..2f7630059c 100644 --- a/src/tool_doswin.c +++ b/src/tool_doswin.c @@ -185,12 +185,12 @@ static SANITIZEcode msdosify(char ** const sanitized, const char *file_name, and a filename cannot have more than a single dot. We leave the first non-leading dot alone, unless it comes too close to the beginning of the name: we want sh.lex.c to become sh_lex.c, not - sh.lex-c. */ + sh.lex-c. */ else if(*s == '.') { if((flags & SANITIZE_ALLOW_PATH) && idx == 0 && (s[1] == '/' || s[1] == '\\' || (s[1] == '.' && (s[2] == '/' || s[2] == '\\')))) { - /* Copy "./" and "../" verbatim. */ + /* Copy "./" and "../" verbatim. */ *d++ = *s++; if(d == dlimit) break; @@ -225,7 +225,7 @@ static SANITIZEcode msdosify(char ** const sanitized, const char *file_name, *d = 'x'; } else { - /* libg++ etc. */ + /* libg++ etc. */ if(dlimit - d < 4) { *d++ = 'x'; if(d == dlimit) @@ -326,7 +326,7 @@ static SANITIZEcode rename_if_reserved_dos(char ** const sanitized, Examples: CON => _CON, CON.EXT => CON_EXT, CON:ADS => CON_ADS https://web.archive.org/web/20160314141551/support.microsoft.com/en-us/kb/74496 https://learn.microsoft.com/windows/win32/fileio/naming-a-file - */ + */ for(p = buffer; p; p = (p == buffer && buffer != base ? base : NULL)) { size_t p_len; int x = (curl_strnequal(p, "CON", 3) || diff --git a/src/tool_getparam.c b/src/tool_getparam.c index 511a48bf03..e30a4ad815 100644 --- a/src/tool_getparam.c +++ b/src/tool_getparam.c @@ -456,7 +456,7 @@ UNITTEST ParameterError parse_cert_parameter(const char *cert_parameter, #ifdef _WIN32 if((param_place == &cert_parameter[1]) && (cert_parameter[2] == '\\' || cert_parameter[2] == '/') && - (ISALPHA(cert_parameter[0]))) { + ISALPHA(cert_parameter[0])) { /* colon in the second column, followed by a backslash, and the first character is an alphabetic letter: @@ -559,7 +559,7 @@ static const struct sizeunit *getunit(char unit) We support P, T, G, M and K (case insensitive) suffixes. Unit test 1623 - */ + */ UNITTEST ParameterError GetSizeParameter(const char *arg, curl_off_t *out) { const char *unit = arg; @@ -1016,7 +1016,7 @@ static ParameterError set_rate(const char *nextarg) /m == per minute /h == per hour (default) /d == per day (24 hours) - */ + */ ParameterError err = PARAM_OK; const char *p = nextarg; curl_off_t denominator; @@ -1256,7 +1256,7 @@ static ParameterError parse_ech(struct OperationConfig *config, warnf("Could not read file \"%s\" " "specified for \"--ech ecl:\" option", nextarg); - return PARAM_BAD_USE; /* */ + return PARAM_BAD_USE; } err = file2string(&tmpcfg, file); if(file != stdin) @@ -2791,7 +2791,7 @@ static ParameterError opt_string(struct OperationConfig *config, /* use or <192.168.10.10> style addresses. Anything except this will make us try to get the "default" address. NOTE: this is a changed behavior since the released 4.1! - */ + */ err = getstr(&config->ftpport, nextarg, DENY_BLANK); break; case C_FTP_SSL_CCC_MODE: /* --ftp-ssl-ccc-mode */ @@ -2809,11 +2809,11 @@ static ParameterError opt_string(struct OperationConfig *config, err = add2list(&config->telnet_options, nextarg); break; case C_USER: /* --user */ - /* user:password */ + /* user:password */ err = getstr(&config->userpwd, nextarg, ALLOW_BLANK); break; case C_PROXY_USER: /* --proxy-user */ - /* Proxy user:password */ + /* Proxy user:password */ err = getstr(&config->proxyuserpwd, nextarg, ALLOW_BLANK); break; case C_WRITE_OUT: /* --write-out */ diff --git a/src/tool_parsecfg.c b/src/tool_parsecfg.c index d5421136c4..f5910f404e 100644 --- a/src/tool_parsecfg.c +++ b/src/tool_parsecfg.c @@ -209,7 +209,8 @@ ParameterError parseconfig(const char *filename, int max_recursive, } #ifdef DEBUG_CONFIG - curl_mfprintf(tool_stderr, "PARAM: \"%s\"\n",(param ? param : "(null)")); + curl_mfprintf(tool_stderr, "PARAM: \"%s\"\n", + (param ? param : "(null)")); #endif res = getparameter(option, param, &usedarg, config, max_recursive); config = global->last; diff --git a/src/tool_urlglob.c b/src/tool_urlglob.c index f9389b48e5..cbd97c4e23 100644 --- a/src/tool_urlglob.c +++ b/src/tool_urlglob.c @@ -93,7 +93,7 @@ static CURLcode glob_set(struct URLGlob *glob, const char **patternp, { /* processes a set expression with the point behind the opening '{' ','-separated elements are collected until the next closing '}' - */ + */ struct URLPattern *pat; bool done = FALSE; const char *pattern = *patternp; @@ -217,7 +217,7 @@ static CURLcode glob_range(struct URLGlob *glob, const char **patternp, - num range: e.g. "0-9]", "17-2000]" - num range with leading zeros: e.g. "001-999]" expression is checked for well-formedness and collected until the next ']' - */ + */ struct URLPattern *pat; const char *pattern = *patternp; const char *c; @@ -460,7 +460,7 @@ static CURLcode glob_parse(struct URLGlob *glob, const char *pattern, curlx_dyn_reset(&glob->buf); } else { - if(!*pattern) /* done */ + if(!*pattern) /* done */ break; else if(*pattern == '{') { /* process set pattern */ diff --git a/src/tool_vms.c b/src/tool_vms.c index 71606f3d66..74eb210ab5 100644 --- a/src/tool_vms.c +++ b/src/tool_vms.c @@ -97,7 +97,7 @@ void vms_special_exit(int code, int vms_show) #endif if(code > CURL_LAST) { /* If CURL_LAST exceeded then */ - vms_code = CURL_LAST; /* curlmsg.h is out of sync. */ + vms_code = CURL_LAST; /* curlmsg.h is out of sync. */ } else { vms_code = vms_cond[code] | vms_show; diff --git a/tests/libtest/lib2405.c b/tests/libtest/lib2405.c index f0a3b9aded..f19a7ee4e1 100644 --- a/tests/libtest/lib2405.c +++ b/tests/libtest/lib2405.c @@ -322,7 +322,7 @@ static CURLcode empty_multi_test(void) multi_init(multi); - /* calling curl_multi_waitfds() on an empty multi handle. */ + /* calling curl_multi_waitfds() on an empty multi handle. */ mresult = curl_multi_waitfds(multi, ufds, 10, &fd_count); if(mresult != CURLM_OK) { diff --git a/tests/libtest/mk-lib1521.pl b/tests/libtest/mk-lib1521.pl index 72bfce4294..b8ff7ef06c 100755 --- a/tests/libtest/mk-lib1521.pl +++ b/tests/libtest/mk-lib1521.pl @@ -330,15 +330,15 @@ static bool bad_long(CURLcode res, int check) static bool bad_neg(int check) { switch(check) { - case CURLOPT_DNS_CACHE_TIMEOUT: - case CURLOPT_INFILESIZE: - case CURLOPT_INFILESIZE_LARGE: - case CURLOPT_MAXREDIRS: - case CURLOPT_POSTFIELDSIZE: - case CURLOPT_POSTFIELDSIZE_LARGE: - case CURLOPT_RESUME_FROM: - case CURLOPT_RESUME_FROM_LARGE: - return TRUE; + case CURLOPT_DNS_CACHE_TIMEOUT: + case CURLOPT_INFILESIZE: + case CURLOPT_INFILESIZE_LARGE: + case CURLOPT_MAXREDIRS: + case CURLOPT_POSTFIELDSIZE: + case CURLOPT_POSTFIELDSIZE_LARGE: + case CURLOPT_RESUME_FROM: + case CURLOPT_RESUME_FROM_LARGE: + return TRUE; } return FALSE; } diff --git a/tests/libtest/test613.pl b/tests/libtest/test613.pl index 3cccb6ed7f..813052cb70 100755 --- a/tests/libtest/test613.pl +++ b/tests/libtest/test613.pl @@ -146,7 +146,7 @@ elsif($ARGV[0] eq "postprocess") { } close(IN); - @canondir = sort {substr($a,57) cmp substr($b,57)} @canondir; + @canondir = sort {substr($a, 57) cmp substr($b, 57)} @canondir; my $newfile = $logfile . ".new"; open(OUT, ">$newfile") || die "$!"; print OUT join('', @canondir); diff --git a/tests/memanalyzer.pm b/tests/memanalyzer.pm index d33f56419a..e9a847c8cf 100644 --- a/tests/memanalyzer.pm +++ b/tests/memanalyzer.pm @@ -154,7 +154,6 @@ sub memanalyze { $sizeataddr{$addr}=-1; # set -1 to mark as freed $getmem{$addr}="$source:$linenum"; - } } elsif($function =~ /malloc\((\d*)\) = 0x([0-9a-f]*)/) { @@ -380,7 +379,6 @@ sub memanalyze { push @res, "FREEADDRINFO ($source:$linenum)\n"; } } - } else { push @res, "Not recognized prefix line: $line\n"; diff --git a/tests/runtests.pl b/tests/runtests.pl index e8612d2756..28eb0bd799 100755 --- a/tests/runtests.pl +++ b/tests/runtests.pl @@ -1447,7 +1447,6 @@ sub singletest_check { } $ok .= "p"; - } else { $ok .= "-"; # protocol not checked @@ -1609,7 +1608,6 @@ sub singletest_check { } $ok .= "P"; - } else { $ok .= "-"; # proxy not checked diff --git a/tests/server/socksd.c b/tests/server/socksd.c index f9bff8d5f3..8a4840ce69 100644 --- a/tests/server/socksd.c +++ b/tests/server/socksd.c @@ -519,7 +519,6 @@ static curl_socket_t sockit(curl_socket_t fd) rep = s_config.connectrep; } - /* */ response[SOCKS5_VERSION] = s_config.responseversion; /* diff --git a/tests/servers.pm b/tests/servers.pm index 0cc13874cc..f45afe9f30 100644 --- a/tests/servers.pm +++ b/tests/servers.pm @@ -311,7 +311,7 @@ sub serverfortest { push @lprotocols, "dns"; if(! grep /^\Q$server\E$/, @lprotocols) { - if(substr($server,0,5) ne "socks") { + if(substr($server, 0, 5) ne "socks") { if($tlsext) { return ("curl lacks $tlsext support", 4); } diff --git a/tests/test1139.pl b/tests/test1139.pl index 8b0cda8820..c1e4651420 100755 --- a/tests/test1139.pl +++ b/tests/test1139.pl @@ -279,7 +279,6 @@ while(<$r>) { push @toolhelp, $combo; $opts{$combo} |= 4; } - } } close($r); diff --git a/tests/unit/unit1664.c b/tests/unit/unit1664.c index b434462feb..4a94b6975e 100644 --- a/tests/unit/unit1664.c +++ b/tests/unit/unit1664.c @@ -315,7 +315,7 @@ static CURLcode test_unit1664(const char *arg) /* CURL_OFF_T is typically 9223372036854775807 */ static const char *nums[] = { "9223372036854775807", /* 2^63 -1 */ - "9223372036854775808", /* 2^63 */ + "9223372036854775808", /* 2^63 */ "18446744073709551615", /* 2^64 - 1 */ "18446744073709551616", /* 2^64 */ "18446744073709551617", /* 2^64 + 1 */ @@ -429,7 +429,7 @@ static CURLcode test_unit1664(const char *arg) /* CURL_OFF_T is typically 2^63-1 */ static const char *nums[] = { "777777777777777777777", /* 2^63 -1 */ - "1000000000000000000000", /* 2^63 */ + "1000000000000000000000", /* 2^63 */ "111111111111111111111", "222222222222222222222", "333333333333333333333", @@ -453,7 +453,7 @@ static CURLcode test_unit1664(const char *arg) /* CURL_OFF_T is typically 2^63-1 */ static const char *nums[] = { "7FFFFFFFFFFFFFFF", /* 2^63 -1 */ - "8000000000000000", /* 2^63 */ + "8000000000000000", /* 2^63 */ "1111111111111111", "2222222222222222", "3333333333333333", diff --git a/tests/unit/unit2600.c b/tests/unit/unit2600.c index a0e6eadf10..97d4caed96 100644 --- a/tests/unit/unit2600.c +++ b/tests/unit/unit2600.c @@ -360,17 +360,17 @@ static CURLcode test_unit2600(const char *arg) /* CNCT HE v4 v6 v4 v6 MIN MAX */ { 1, TURL, "test.com:123:192.0.2.1", CURL_IPRESOLVE_WHATEVER, CNCT_TMOT, 150, 250, 250, 1, 0, 200, TC_TMOT, R_FAIL, NULL }, - /* 1 ipv4, fails after ~200ms, reports COULDNT_CONNECT */ + /* 1 ipv4, fails after ~200ms, reports COULDNT_CONNECT */ { 2, TURL, "test.com:123:192.0.2.1,192.0.2.2", CURL_IPRESOLVE_WHATEVER, CNCT_TMOT, 150, 250, 250, 2, 0, 400, TC_TMOT, R_FAIL, NULL }, - /* 2 ipv4, fails after ~400ms, reports COULDNT_CONNECT */ + /* 2 ipv4, fails after ~400ms, reports COULDNT_CONNECT */ #ifdef USE_IPV6 { 3, TURL, "test.com:123:::1", CURL_IPRESOLVE_WHATEVER, CNCT_TMOT, 150, 250, 250, 0, 1, 200, TC_TMOT, R_FAIL, NULL }, - /* 1 ipv6, fails after ~200ms, reports COULDNT_CONNECT */ + /* 1 ipv6, fails after ~200ms, reports COULDNT_CONNECT */ { 4, TURL, "test.com:123:::1,::2", CURL_IPRESOLVE_WHATEVER, CNCT_TMOT, 150, 250, 250, 0, 2, 400, TC_TMOT, R_FAIL, NULL }, - /* 2 ipv6, fails after ~400ms, reports COULDNT_CONNECT */ + /* 2 ipv6, fails after ~400ms, reports COULDNT_CONNECT */ { 5, TURL, "test.com:123:192.0.2.1,::1", CURL_IPRESOLVE_WHATEVER, CNCT_TMOT, 150, 250, 250, 1, 1, 350, TC_TMOT, R_FAIL, "v6" }, /* mixed ip4+6, v6 always first, v4 kicks in on HE, fails after ~350ms */ From 65f9426170360478c70b465444e7783008d2625c Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 19 Feb 2026 00:16:24 +0100 Subject: [PATCH 29/88] clang-tidy: enable more checks Refs: https://clang.llvm.org/extra/clang-tidy/checks/list.html https://clang.llvm.org/extra/clang-tidy/checks/bugprone/assert-side-effect.html https://clang.llvm.org/extra/clang-tidy/checks/bugprone/chained-comparison.html https://clang.llvm.org/extra/clang-tidy/checks/bugprone/dynamic-static-initializers.html https://clang.llvm.org/extra/clang-tidy/checks/bugprone/macro-repeated-side-effects.html https://clang.llvm.org/extra/clang-tidy/checks/bugprone/misplaced-operator-in-strlen-in-alloc.html https://clang.llvm.org/extra/clang-tidy/checks/bugprone/misplaced-pointer-arithmetic-in-alloc.html https://clang.llvm.org/extra/clang-tidy/checks/bugprone/not-null-terminated-result.html https://clang.llvm.org/extra/clang-tidy/checks/bugprone/posix-return.html https://clang.llvm.org/extra/clang-tidy/checks/bugprone/suspicious-enum-usage.html https://clang.llvm.org/extra/clang-tidy/checks/bugprone/suspicious-memset-usage.html https://clang.llvm.org/extra/clang-tidy/checks/bugprone/suspicious-missing-comma.html https://clang.llvm.org/extra/clang-tidy/checks/bugprone/suspicious-semicolon.html https://clang.llvm.org/extra/clang-tidy/checks/readability/redundant-declaration.html https://clang.llvm.org/extra/clang-tidy/checks/readability/redundant-function-ptr-dereference.html https://clang.llvm.org/extra/clang-tidy/checks/readability/redundant-parentheses.html Closes #20622 --- .clang-tidy.yml | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/.clang-tidy.yml b/.clang-tidy.yml index 17f7a93041..c13a0afe3a 100644 --- a/.clang-tidy.yml +++ b/.clang-tidy.yml @@ -11,10 +11,22 @@ Checks: - -clang-analyzer-security.insecureAPI.bzero # for FD_ZERO() (seen on macOS) - -clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling - -clang-diagnostic-nullability-extension + - bugprone-assert-side-effect + - bugprone-chained-comparison + - bugprone-dynamic-static-initializers - bugprone-macro-parentheses + - bugprone-macro-repeated-side-effects + - bugprone-misplaced-operator-in-strlen-in-alloc + - bugprone-misplaced-pointer-arithmetic-in-alloc + - bugprone-not-null-terminated-result + - bugprone-posix-return - bugprone-redundant-branch-condition - bugprone-signed-char-misuse + - bugprone-suspicious-enum-usage + - bugprone-suspicious-memset-usage + - bugprone-suspicious-missing-comma - bugprone-suspicious-realloc-usage + - bugprone-suspicious-semicolon - misc-const-correctness - misc-header-include-cycle - portability-* @@ -22,6 +34,9 @@ Checks: - readability-math-missing-parentheses - readability-named-parameter - readability-redundant-control-flow + - readability-redundant-declaration + - readability-redundant-function-ptr-dereference + - readability-redundant-parentheses - readability-redundant-preprocessor - readability-uppercase-literal-suffix From 3b9d8412c09ed8d38e94b8273af9d05fb163c47c Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 25 Feb 2026 15:06:27 +0100 Subject: [PATCH 30/88] clang-tidy: add more missing parentheses in macro values Reported when running `HeaderFilterRegex: '.*'` in CI. Also replace an underscored symbol with a regular one in macro definition. Cherry-picked from #20720 Closes #20721 --- lib/vquic/vquic_int.h | 2 +- lib/vtls/vtls.h | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/vquic/vquic_int.h b/lib/vquic/vquic_int.h index d77b34d519..82bd5b0358 100644 --- a/lib/vquic/vquic_int.h +++ b/lib/vquic/vquic_int.h @@ -78,7 +78,7 @@ struct cf_quic_ctx { }; #define H3_STREAM_CTX(ctx, data) \ - (data ? Curl_uint32_hash_get(&(ctx)->streams, (data)->mid) : NULL) + ((data) ? Curl_uint32_hash_get(&(ctx)->streams, (data)->mid) : NULL) CURLcode vquic_ctx_init(struct Curl_easy *data, struct cf_quic_ctx *qctx); diff --git a/lib/vtls/vtls.h b/lib/vtls/vtls.h index 83e2a7ca54..d21df11b4a 100644 --- a/lib/vtls/vtls.h +++ b/lib/vtls/vtls.h @@ -50,8 +50,8 @@ struct dynbuf; #ifdef USE_ECH #include "curlx/base64.h" -#define ECH_ENABLED(__data__) \ - (__data__->set.tls_ech && !(__data__->set.tls_ech & CURLECH_DISABLE)) +#define ECH_ENABLED(data) \ + ((data)->set.tls_ech && !((data)->set.tls_ech & CURLECH_DISABLE)) #endif /* USE_ECH */ #define ALPN_ACCEPTED "ALPN: server accepted " From 39542f09935aba0b7130c20b6aae0be5cd6ff709 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sat, 21 Feb 2026 02:44:42 +0100 Subject: [PATCH 31/88] cmake: add native clang-tidy support for tests, with concatenated sources Tests are build in "unity"-style, by including sources into an umbrella C files (similar to how CMake unity works). This does not play well with clang-tidy, which seems to unconditionally ignore C sources included like this. To fix it, curl's CMake implements a manual clang-tidy support for tests, which compiles sources one-by-one, while also making sure sources compile cleanly standalone (e.g. all sources need to include `first.h`). The manual clang-tidy implementation is fragile, and performance, in particular when targeting Windows, is abysmal. This patch introduces an alternate solution, enabled by the `_CURL_TESTS_CONCAT=ON` option. In this mode, umbrella sources include the actual sources instead of `#including` them. Allowing to use CMake's built-in clang-tidy support to compile them, with clang-tidy actually checking the sources. Making the manual clang-tidy support unnecessary. In the Windows CI job it results in a 4x performance improvement (4m -> 1m), making it practical to run clang-tidy on tests on Windows, in CI. The main downside is that clang-tidy doesn't understand the `#line` directive. Meaning issues found show the wrong filename and line number next to them. It's not impossible to locate errors this way, but also not convenient. Minor/potential downside is that the concatenated source needs to be reassembled each time an original source is updated. This may result in more copying on the disk when used in local development. The largest source is 1.4MB, so probably not a show-stopper on most machines. Another is the complexity of maintaining two methods in parallel, which may be necessary till clang-tidy understands `#line`: https://github.com/llvm/llvm-project/issues/62405 This solution may in theory also enable adding clang-tidy support for tests in autotools, though I haven't tried. Targeted for curl CI for now, and used in a GHA/windows job. 100% experimental, not recommended outside these. Closes #20667 --- .github/workflows/windows.yml | 4 +-- scripts/mk-unity.pl | 49 ++++++++++++++++++++++++++++++----- tests/libtest/CMakeLists.txt | 15 ++++++++--- tests/server/CMakeLists.txt | 15 ++++++++--- tests/tunit/CMakeLists.txt | 15 ++++++++--- tests/unit/CMakeLists.txt | 19 +++++++++----- 6 files changed, 91 insertions(+), 26 deletions(-) diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml index df9c27b0cf..f34f1f45b2 100644 --- a/.github/workflows/windows.yml +++ b/.github/workflows/windows.yml @@ -704,7 +704,7 @@ jobs: cmake -B bld -G Ninja \ -DCMAKE_SYSTEM_NAME=Windows \ -DCMAKE_C_COMPILER_TARGET="${TRIPLET}" \ - -DCMAKE_UNITY_BUILD=ON \ + -DCMAKE_UNITY_BUILD=ON -D_CURL_TESTS_CONCAT=ON \ -DCURL_WERROR=ON \ -DCURL_USE_SCHANNEL=ON -DUSE_WIN32_IDN=ON \ -DCURL_USE_LIBPSL=OFF \ @@ -741,7 +741,7 @@ jobs: find . \( -name '*.exe' -o -name '*.dll' -o -name '*.a' \) -print0 | grep -z curl | xargs -0 stat -c '%10s bytes: %n' -- - name: 'build tests' - if: ${{ matrix.build == 'cmake' && matrix.compiler != 'clang-tidy' }} # Save time by skipping this for autotools and clang-tidy + if: ${{ matrix.build == 'cmake' }} # Save time by skipping this for autotools and clang-tidy run: | if [ "${MATRIX_BUILD}" = 'cmake' ]; then cmake --build bld --target testdeps diff --git a/scripts/mk-unity.pl b/scripts/mk-unity.pl index e1bd39de6d..014cfe8ece 100755 --- a/scripts/mk-unity.pl +++ b/scripts/mk-unity.pl @@ -31,15 +31,23 @@ use strict; use warnings; if(!@ARGV) { - die "Usage: $0 [--test ] [--include ]\n"; + die "Usage: $0 [--concat [-I]] [--test ] [--include ]\n"; } my @src; my %include; my $in_include = 0; my $any_test = 0; +my $concat = 0; +my @incpath; foreach my $src (@ARGV) { - if($src eq "--test") { + if($src eq "--concat") { + $concat = 1; + } + elsif($src =~ "^-I") { + push @incpath, substr($src, 2); + } + elsif($src eq "--test") { $in_include = 0; } elsif($src eq "--include") { @@ -55,9 +63,35 @@ foreach my $src (@ARGV) { } } +sub include($@) { + my $filename = shift; + if($concat) { + if(! -f $filename) { + foreach my $path (@incpath) { + my $fullfn = $path . "/" . $filename; + if(-f $fullfn) { + $filename = $fullfn; + last; + } + } + } + open(my $fh, '<', $filename) or die "Cannot open '$filename': $!"; + my $content = do { local $/; <$fh> }; + close $fh; + print "#line 1 \"$filename\"\n$content\n"; + } + else { + print "#include \"$filename\"\n"; + } +} + print "/* !checksrc! disable COPYRIGHT all */\n\n"; if($any_test) { - print "#include \"first.h\"\n\n"; + if($concat) { + print "/* NOLINTBEGIN(readability-duplicate-include) */\n\n"; + } + include("first.h"); + print "\n"; } my $tlist = ""; @@ -65,7 +99,7 @@ my $tlist = ""; foreach my $src (@src) { if($src =~ /([a-z0-9_]+)\.c$/) { my $name = $1; - print "#include \"$src\"\n"; + include($src); if(not exists $include{$src}) { # register test entry function $tlist .= " {\"$name\", test_$name},\n"; } @@ -73,6 +107,9 @@ foreach my $src (@src) { } if($any_test) { - print "\nconst struct entry_s s_entries[] = {\n$tlist {NULL, NULL}\n};\n"; - print "\n#include \"first.c\"\n"; + print "\nconst struct entry_s s_entries[] = {\n$tlist {NULL, NULL}\n};\n\n"; + include("first.c"); + if($concat) { + print "/* NOLINTEND(readability-duplicate-include) */\n"; + } } diff --git a/tests/libtest/CMakeLists.txt b/tests/libtest/CMakeLists.txt index 6f27b42dfe..c0f7fe1093 100644 --- a/tests/libtest/CMakeLists.txt +++ b/tests/libtest/CMakeLists.txt @@ -39,12 +39,16 @@ add_custom_command(OUTPUT "lib1521.c" list(APPEND TESTS_C "lib1521.c") +if(_CURL_TESTS_CONCAT) + set(_mk_unity_extra "--concat" "-I${CMAKE_CURRENT_SOURCE_DIR}") +endif() + add_custom_command(OUTPUT "${BUNDLE}.c" - COMMAND ${PERL_EXECUTABLE} "${PROJECT_SOURCE_DIR}/scripts/mk-unity.pl" + COMMAND ${PERL_EXECUTABLE} "${PROJECT_SOURCE_DIR}/scripts/mk-unity.pl" ${_mk_unity_extra} --include ${UTILS_C} ${CURLX_C} ${TOOLX_C} --test ${TESTS_C} > "${BUNDLE}.c" DEPENDS "${PROJECT_SOURCE_DIR}/scripts/mk-unity.pl" "${CMAKE_CURRENT_SOURCE_DIR}/Makefile.inc" - ${FIRST_C} ${UTILS_C} ${CURLX_C} ${TOOLX_C} ${TESTS_C} + ${FIRST_C} ${FIRST_H} ${UTILS_C} ${CURLX_C} ${TOOLX_C} ${TESTS_C} VERBATIM) add_executable(${BUNDLE} EXCLUDE_FROM_ALL "${BUNDLE}.c") @@ -57,6 +61,9 @@ target_include_directories(${BUNDLE} PRIVATE "${CMAKE_CURRENT_SOURCE_DIR}" # for the generated bundle source to find included test sources ) target_compile_definitions(${BUNDLE} PRIVATE ${CURL_DEBUG_MACROS}) -set_target_properties(${BUNDLE} PROPERTIES OUTPUT_NAME "${BUNDLE}" PROJECT_LABEL "Test ${BUNDLE}" UNITY_BUILD OFF C_CLANG_TIDY "") +set_target_properties(${BUNDLE} PROPERTIES OUTPUT_NAME "${BUNDLE}" PROJECT_LABEL "Test ${BUNDLE}" UNITY_BUILD OFF) -curl_add_clang_tidy_test_target("${BUNDLE}-clang-tidy" ${BUNDLE} ${FIRST_C} ${UTILS_C} ${TESTS_C}) +if(NOT _CURL_TESTS_CONCAT) + set_target_properties(${BUNDLE} PROPERTIES C_CLANG_TIDY "") + curl_add_clang_tidy_test_target("${BUNDLE}-clang-tidy" ${BUNDLE} ${FIRST_C} ${UTILS_C} ${TESTS_C}) +endif() diff --git a/tests/server/CMakeLists.txt b/tests/server/CMakeLists.txt index feb63ed96a..3c83d397d6 100644 --- a/tests/server/CMakeLists.txt +++ b/tests/server/CMakeLists.txt @@ -26,12 +26,16 @@ curl_transform_makefile_inc("Makefile.inc" "${CMAKE_CURRENT_BINARY_DIR}/Makefile.inc.cmake") include("${CMAKE_CURRENT_BINARY_DIR}/Makefile.inc.cmake") +if(_CURL_TESTS_CONCAT) + set(_mk_unity_extra "--concat" "-I${CMAKE_CURRENT_SOURCE_DIR}") +endif() + add_custom_command(OUTPUT "${BUNDLE}.c" - COMMAND ${PERL_EXECUTABLE} "${PROJECT_SOURCE_DIR}/scripts/mk-unity.pl" + COMMAND ${PERL_EXECUTABLE} "${PROJECT_SOURCE_DIR}/scripts/mk-unity.pl" ${_mk_unity_extra} --include ${UTILS_C} ${CURLX_C} ${TOOLX_C} --test ${TESTS_C} > "${BUNDLE}.c" DEPENDS "${PROJECT_SOURCE_DIR}/scripts/mk-unity.pl" "${CMAKE_CURRENT_SOURCE_DIR}/Makefile.inc" - ${FIRST_C} ${UTILS_C} ${CURLX_C} ${TOOLX_C} ${TESTS_C} + ${FIRST_C} ${FIRST_H} ${UTILS_C} ${CURLX_C} ${TOOLX_C} ${TESTS_C} VERBATIM) add_executable(${BUNDLE} EXCLUDE_FROM_ALL "${BUNDLE}.c") @@ -43,6 +47,9 @@ target_include_directories(${BUNDLE} PRIVATE "${PROJECT_SOURCE_DIR}/src" # for toolx "${CMAKE_CURRENT_SOURCE_DIR}" # for the generated bundle source to find included test sources ) -set_target_properties(${BUNDLE} PROPERTIES OUTPUT_NAME "${BUNDLE}" PROJECT_LABEL "Test ${BUNDLE}" UNITY_BUILD OFF C_CLANG_TIDY "") +set_target_properties(${BUNDLE} PROPERTIES OUTPUT_NAME "${BUNDLE}" PROJECT_LABEL "Test ${BUNDLE}" UNITY_BUILD OFF) -curl_add_clang_tidy_test_target("${BUNDLE}-clang-tidy" ${BUNDLE} ${FIRST_C} ${UTILS_C} ${TESTS_C}) +if(NOT _CURL_TESTS_CONCAT) + set_target_properties(${BUNDLE} PROPERTIES C_CLANG_TIDY "") + curl_add_clang_tidy_test_target("${BUNDLE}-clang-tidy" ${BUNDLE} ${FIRST_C} ${UTILS_C} ${TESTS_C}) +endif() diff --git a/tests/tunit/CMakeLists.txt b/tests/tunit/CMakeLists.txt index b12e9c205f..2ab4f274e6 100644 --- a/tests/tunit/CMakeLists.txt +++ b/tests/tunit/CMakeLists.txt @@ -26,12 +26,16 @@ curl_transform_makefile_inc("Makefile.inc" "${CMAKE_CURRENT_BINARY_DIR}/Makefile.inc.cmake") include("${CMAKE_CURRENT_BINARY_DIR}/Makefile.inc.cmake") +if(_CURL_TESTS_CONCAT) + set(_mk_unity_extra "--concat" "-I${CMAKE_CURRENT_SOURCE_DIR}" "-I${PROJECT_SOURCE_DIR}/tests/libtest") +endif() + add_custom_command(OUTPUT "${BUNDLE}.c" - COMMAND ${PERL_EXECUTABLE} "${PROJECT_SOURCE_DIR}/scripts/mk-unity.pl" + COMMAND ${PERL_EXECUTABLE} "${PROJECT_SOURCE_DIR}/scripts/mk-unity.pl" ${_mk_unity_extra} --test ${TESTS_C} > "${BUNDLE}.c" DEPENDS "${PROJECT_SOURCE_DIR}/scripts/mk-unity.pl" "${CMAKE_CURRENT_SOURCE_DIR}/Makefile.inc" - ${FIRST_C} ${TESTS_C} + ${FIRST_C} ${FIRST_H} ${TESTS_C} VERBATIM) add_executable(${BUNDLE} EXCLUDE_FROM_ALL "${BUNDLE}.c") @@ -45,6 +49,9 @@ target_include_directories(${BUNDLE} PRIVATE "${CMAKE_CURRENT_SOURCE_DIR}" # for the generated bundle source to find included test sources ) target_compile_definitions(${BUNDLE} PRIVATE ${CURL_DEBUG_MACROS}) -set_target_properties(${BUNDLE} PROPERTIES OUTPUT_NAME "${BUNDLE}" PROJECT_LABEL "Test ${BUNDLE}" UNITY_BUILD OFF C_CLANG_TIDY "") +set_target_properties(${BUNDLE} PROPERTIES OUTPUT_NAME "${BUNDLE}" PROJECT_LABEL "Test ${BUNDLE}" UNITY_BUILD OFF) -curl_add_clang_tidy_test_target("${BUNDLE}-clang-tidy" ${BUNDLE} ${FIRST_C} ${TESTS_C}) +if(NOT _CURL_TESTS_CONCAT) + set_target_properties(${BUNDLE} PROPERTIES C_CLANG_TIDY "") + curl_add_clang_tidy_test_target("${BUNDLE}-clang-tidy" ${BUNDLE} ${FIRST_C} ${TESTS_C}) +endif() diff --git a/tests/unit/CMakeLists.txt b/tests/unit/CMakeLists.txt index eb402257f3..2692db5ef5 100644 --- a/tests/unit/CMakeLists.txt +++ b/tests/unit/CMakeLists.txt @@ -26,12 +26,16 @@ curl_transform_makefile_inc("Makefile.inc" "${CMAKE_CURRENT_BINARY_DIR}/Makefile.inc.cmake") include("${CMAKE_CURRENT_BINARY_DIR}/Makefile.inc.cmake") +if(_CURL_TESTS_CONCAT) + set(_mk_unity_extra "--concat" "-I${CMAKE_CURRENT_SOURCE_DIR}" "-I${PROJECT_SOURCE_DIR}/tests/libtest") +endif() + add_custom_command(OUTPUT "${BUNDLE}.c" - COMMAND ${PERL_EXECUTABLE} "${PROJECT_SOURCE_DIR}/scripts/mk-unity.pl" + COMMAND ${PERL_EXECUTABLE} "${PROJECT_SOURCE_DIR}/scripts/mk-unity.pl" ${_mk_unity_extra} --test ${TESTS_C} > "${BUNDLE}.c" DEPENDS "${PROJECT_SOURCE_DIR}/scripts/mk-unity.pl" "${CMAKE_CURRENT_SOURCE_DIR}/Makefile.inc" - ${FIRST_C} ${TESTS_C} + ${FIRST_C} ${FIRST_H} ${TESTS_C} VERBATIM) add_executable(${BUNDLE} EXCLUDE_FROM_ALL "${BUNDLE}.c") @@ -46,9 +50,12 @@ target_include_directories(${BUNDLE} PRIVATE ) # unit tests are small pretend-libcurl-programs, pass BUILDING_LIBCURL to reflect that target_compile_definitions(${BUNDLE} PRIVATE ${CURL_DEBUG_MACROS} "BUILDING_LIBCURL") -set_target_properties(${BUNDLE} PROPERTIES OUTPUT_NAME "${BUNDLE}" PROJECT_LABEL "Test ${BUNDLE}" UNITY_BUILD OFF C_CLANG_TIDY "") +set_target_properties(${BUNDLE} PROPERTIES OUTPUT_NAME "${BUNDLE}" PROJECT_LABEL "Test ${BUNDLE}" UNITY_BUILD OFF) -curl_add_clang_tidy_test_target("${BUNDLE}-clang-tidy" ${BUNDLE} ${FIRST_C} ${TESTS_C}) -if(TARGET "${BUNDLE}-clang-tidy") - add_dependencies("${BUNDLE}-clang-tidy" curlu-unitprotos) +if(NOT _CURL_TESTS_CONCAT) + set_target_properties(${BUNDLE} PROPERTIES C_CLANG_TIDY "") + curl_add_clang_tidy_test_target("${BUNDLE}-clang-tidy" ${BUNDLE} ${FIRST_C} ${TESTS_C}) + if(TARGET "${BUNDLE}-clang-tidy") + add_dependencies("${BUNDLE}-clang-tidy" curlu-unitprotos) + endif() endif() From 725c5609aef19ba53373a49386cd979006b590d6 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 25 Feb 2026 18:32:14 +0100 Subject: [PATCH 32/88] clang-tidy: avoid/silence `bugprone-not-null-terminated-result` Prefer `sizeof()` over `strlen()`, static const variables over macros. Add a couple of `NOLINT`s to silence false positives. Also sync similar code patterns between libtests. Cherry-picked from #20720 Closes #20723 --- tests/libtest/lib1520.c | 2 +- tests/libtest/lib1525.c | 13 +++++++------ tests/libtest/lib1526.c | 13 +++++++------ tests/libtest/lib1527.c | 13 +++++++------ tests/libtest/lib1531.c | 8 ++++---- tests/libtest/lib1576.c | 13 +++++++------ tests/libtest/lib1662.c | 8 ++++---- tests/libtest/lib510.c | 2 +- tests/libtest/lib547.c | 10 +++++----- tests/libtest/lib555.c | 10 +++++----- tests/libtest/lib579.c | 2 +- tests/libtest/lib757.c | 12 ++++++------ tests/server/mqttd.c | 1 + tests/server/rtspd.c | 1 + 14 files changed, 57 insertions(+), 51 deletions(-) diff --git a/tests/libtest/lib1520.c b/tests/libtest/lib1520.c index c439666c9e..a76c64a5a9 100644 --- a/tests/libtest/lib1520.c +++ b/tests/libtest/lib1520.c @@ -54,7 +54,7 @@ static size_t t1520_read_cb(char *ptr, size_t size, size_t nmemb, void *userp) if(data) { size_t len = strlen(data); - memcpy(ptr, data, len); + memcpy(ptr, data, len); /* NOLINT(bugprone-not-null-terminated-result) */ upload_ctx->lines_read++; return len; diff --git a/tests/libtest/lib1525.c b/tests/libtest/lib1525.c index 3c558d7c26..29ce7a9a0b 100644 --- a/tests/libtest/lib1525.c +++ b/tests/libtest/lib1525.c @@ -30,17 +30,18 @@ #include "first.h" -static const char t1525_testdata[] = "Hello Cloud!\n"; +static const char t1525_data[] = "Hello Cloud!\n"; +static size_t const t1525_datalen = sizeof(t1525_data) - 1; static size_t t1525_read_cb(char *ptr, size_t size, size_t nmemb, void *stream) { size_t amount = nmemb * size; /* Total bytes curl wants */ - if(amount < strlen(t1525_testdata)) { - return strlen(t1525_testdata); + if(amount < t1525_datalen) { + return t1525_datalen; } (void)stream; - memcpy(ptr, t1525_testdata, strlen(t1525_testdata)); - return strlen(t1525_testdata); + memcpy(ptr, t1525_data, t1525_datalen); + return t1525_datalen; } static CURLcode test_lib1525(const char *URL) @@ -81,7 +82,7 @@ static CURLcode test_lib1525(const char *URL) test_setopt(curl, CURLOPT_WRITEFUNCTION, fwrite); test_setopt(curl, CURLOPT_READFUNCTION, t1525_read_cb); test_setopt(curl, CURLOPT_HTTPPROXYTUNNEL, 1L); - test_setopt(curl, CURLOPT_INFILESIZE, (long)strlen(t1525_testdata)); + test_setopt(curl, CURLOPT_INFILESIZE, (long)t1525_datalen); result = curl_easy_perform(curl); diff --git a/tests/libtest/lib1526.c b/tests/libtest/lib1526.c index eac11b60aa..30c4f55235 100644 --- a/tests/libtest/lib1526.c +++ b/tests/libtest/lib1526.c @@ -29,17 +29,18 @@ #include "first.h" -static const char t1526_testdata[] = "Hello Cloud!\n"; +static const char t1526_data[] = "Hello Cloud!\n"; +static size_t const t1526_datalen = sizeof(t1526_data) - 1; static size_t t1526_read_cb(char *ptr, size_t size, size_t nmemb, void *stream) { size_t amount = nmemb * size; /* Total bytes curl wants */ - if(amount < strlen(t1526_testdata)) { - return strlen(t1526_testdata); + if(amount < t1526_datalen) { + return t1526_datalen; } (void)stream; - memcpy(ptr, t1526_testdata, strlen(t1526_testdata)); - return strlen(t1526_testdata); + memcpy(ptr, t1526_data, t1526_datalen); + return t1526_datalen; } static CURLcode test_lib1526(const char *URL) @@ -85,7 +86,7 @@ static CURLcode test_lib1526(const char *URL) test_setopt(curl, CURLOPT_WRITEFUNCTION, fwrite); test_setopt(curl, CURLOPT_READFUNCTION, t1526_read_cb); test_setopt(curl, CURLOPT_HTTPPROXYTUNNEL, 1L); - test_setopt(curl, CURLOPT_INFILESIZE, (long)strlen(t1526_testdata)); + test_setopt(curl, CURLOPT_INFILESIZE, (long)t1526_datalen); result = curl_easy_perform(curl); diff --git a/tests/libtest/lib1527.c b/tests/libtest/lib1527.c index af9f9fc21f..efa39efb73 100644 --- a/tests/libtest/lib1527.c +++ b/tests/libtest/lib1527.c @@ -29,17 +29,18 @@ #include "first.h" -static const char t1527_testdata[] = "Hello Cloud!\n"; +static const char t1527_data[] = "Hello Cloud!\n"; +static size_t const t1527_datalen = sizeof(t1527_data) - 1; static size_t t1527_read_cb(char *ptr, size_t size, size_t nmemb, void *stream) { size_t amount = nmemb * size; /* Total bytes curl wants */ - if(amount < strlen(t1527_testdata)) { - return strlen(t1527_testdata); + if(amount < t1527_datalen) { + return t1527_datalen; } (void)stream; - memcpy(ptr, t1527_testdata, strlen(t1527_testdata)); - return strlen(t1527_testdata); + memcpy(ptr, t1527_data, t1527_datalen); + return t1527_datalen; } static CURLcode test_lib1527(const char *URL) @@ -82,7 +83,7 @@ static CURLcode test_lib1527(const char *URL) test_setopt(curl, CURLOPT_WRITEFUNCTION, fwrite); test_setopt(curl, CURLOPT_READFUNCTION, t1527_read_cb); test_setopt(curl, CURLOPT_HTTPPROXYTUNNEL, 1L); - test_setopt(curl, CURLOPT_INFILESIZE, (long)strlen(t1527_testdata)); + test_setopt(curl, CURLOPT_INFILESIZE, (long)t1527_datalen); test_setopt(curl, CURLOPT_HEADEROPT, CURLHEADER_UNIFIED); result = curl_easy_perform(curl); diff --git a/tests/libtest/lib1531.c b/tests/libtest/lib1531.c index 86facffbb6..f8c9071e3b 100644 --- a/tests/libtest/lib1531.c +++ b/tests/libtest/lib1531.c @@ -25,8 +25,8 @@ static CURLcode test_lib1531(const char *URL) { - static char const testData[] = ".abc\0xyz"; - static curl_off_t const testDataSize = sizeof(testData) - 1; + static char const testdata[] = ".abc\0xyz"; + static curl_off_t const testdatalen = sizeof(testdata) - 1; CURL *curl; CURLM *multi; @@ -50,8 +50,8 @@ static CURLcode test_lib1531(const char *URL) /* set the options (I left out a few, you get the point anyway) */ curl_easy_setopt(curl, CURLOPT_URL, URL); - curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE_LARGE, testDataSize); - curl_easy_setopt(curl, CURLOPT_POSTFIELDS, testData); + curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE_LARGE, testdatalen); + curl_easy_setopt(curl, CURLOPT_POSTFIELDS, testdata); /* we start some action by calling perform right away */ curl_multi_perform(multi, &still_running); diff --git a/tests/libtest/lib1576.c b/tests/libtest/lib1576.c index daa85a6652..5357f2ec13 100644 --- a/tests/libtest/lib1576.c +++ b/tests/libtest/lib1576.c @@ -23,17 +23,18 @@ ***************************************************************************/ #include "first.h" -static char t1576_testdata[] = "request indicates that the client, which made"; +static char t1576_data[] = "request indicates that the client, which made"; +static size_t const t1576_datalen = sizeof(t1576_data) - 1; static size_t t1576_read_cb(char *ptr, size_t size, size_t nmemb, void *stream) { size_t amount = nmemb * size; /* Total bytes curl wants */ - if(amount < strlen(t1576_testdata)) { - return strlen(t1576_testdata); + if(amount < t1576_datalen) { + return t1576_datalen; } (void)stream; - memcpy(ptr, t1576_testdata, strlen(t1576_testdata)); - return strlen(t1576_testdata); + memcpy(ptr, t1576_data, t1576_datalen); + return t1576_datalen; } static int t1576_seek_callback(void *ptr, curl_off_t offset, int origin) @@ -69,7 +70,7 @@ static CURLcode test_lib1576(const char *URL) test_setopt(curl, CURLOPT_UPLOAD, 1L); test_setopt(curl, CURLOPT_READFUNCTION, t1576_read_cb); test_setopt(curl, CURLOPT_SEEKFUNCTION, t1576_seek_callback); - test_setopt(curl, CURLOPT_INFILESIZE, (long)strlen(t1576_testdata)); + test_setopt(curl, CURLOPT_INFILESIZE, (long)t1576_datalen); test_setopt(curl, CURLOPT_CUSTOMREQUEST, "CURL"); if(testnum == 1578 || testnum == 1580) { diff --git a/tests/libtest/lib1662.c b/tests/libtest/lib1662.c index 630dcd2f90..0e4942e9ad 100644 --- a/tests/libtest/lib1662.c +++ b/tests/libtest/lib1662.c @@ -30,17 +30,17 @@ struct t1662_WriteThis { static size_t t1662_read_cb(char *ptr, size_t size, size_t nmemb, void *userp) { static const char testdata[] = "mooaaa"; + static size_t const testdatalen = sizeof(testdata) - 1; struct t1662_WriteThis *pooh = (struct t1662_WriteThis *)userp; - size_t len = strlen(testdata); - if(size * nmemb < len) + if(size * nmemb < testdatalen) return 0; if(pooh->sizeleft) { - memcpy(ptr, testdata, strlen(testdata)); + memcpy(ptr, testdata, testdatalen); pooh->sizeleft = 0; - return len; + return testdatalen; } return 0; /* no more data left to deliver */ diff --git a/tests/libtest/lib510.c b/tests/libtest/lib510.c index 268bc6349e..c325dc0bb7 100644 --- a/tests/libtest/lib510.c +++ b/tests/libtest/lib510.c @@ -51,7 +51,7 @@ static size_t t510_read_cb(char *ptr, size_t size, size_t nmemb, void *userp) curl_mfprintf(stderr, "read buffer is too small to run test\n"); return 0; } - memcpy(ptr, data, len); + memcpy(ptr, data, len); /* NOLINT(bugprone-not-null-terminated-result) */ pooh->counter++; /* advance pointer */ return len; } diff --git a/tests/libtest/lib547.c b/tests/libtest/lib547.c index 6611bdeaec..dd0f787ee6 100644 --- a/tests/libtest/lib547.c +++ b/tests/libtest/lib547.c @@ -29,7 +29,7 @@ #include "first.h" static const char t547_uploadthis[] = "this is the blurb we want to upload\n"; -#define T547_DATALEN (sizeof(t547_uploadthis) - 1) +static size_t const t547_datalen = sizeof(t547_uploadthis) - 1; static size_t t547_read_cb(char *ptr, size_t size, size_t nmemb, void *clientp) { @@ -42,10 +42,10 @@ static size_t t547_read_cb(char *ptr, size_t size, size_t nmemb, void *clientp) } (*counter)++; /* bump */ - if(size * nmemb >= T547_DATALEN) { + if(size * nmemb >= t547_datalen) { curl_mfprintf(stderr, "READ!\n"); - memcpy(ptr, t547_uploadthis, T547_DATALEN); - return T547_DATALEN; + memcpy(ptr, t547_uploadthis, t547_datalen); + return t547_datalen; } curl_mfprintf(stderr, "READ NOT FINE!\n"); return 0; @@ -96,7 +96,7 @@ static CURLcode test_lib547(const char *URL) test_setopt(curl, CURLOPT_READDATA, &counter); /* We CANNOT do the POST fine without setting the size (or choose chunked)! */ - test_setopt(curl, CURLOPT_POSTFIELDSIZE, (long)T547_DATALEN); + test_setopt(curl, CURLOPT_POSTFIELDSIZE, (long)t547_datalen); } test_setopt(curl, CURLOPT_POST, 1L); test_setopt(curl, CURLOPT_PROXY, libtest_arg2); diff --git a/tests/libtest/lib555.c b/tests/libtest/lib555.c index 883b73b5bb..9e11aae7d7 100644 --- a/tests/libtest/lib555.c +++ b/tests/libtest/lib555.c @@ -33,7 +33,7 @@ #include "first.h" static const char t555_uploadthis[] = "this is the blurb we want to upload\n"; -#define T555_DATALEN (sizeof(t555_uploadthis) - 1) +static size_t const t555_datalen = sizeof(t555_uploadthis) - 1; static size_t t555_read_cb(char *ptr, size_t size, size_t nmemb, void *clientp) { @@ -46,10 +46,10 @@ static size_t t555_read_cb(char *ptr, size_t size, size_t nmemb, void *clientp) } (*counter)++; /* bump */ - if(size * nmemb >= T555_DATALEN) { + if(size * nmemb >= t555_datalen) { curl_mfprintf(stderr, "READ!\n"); - memcpy(ptr, t555_uploadthis, T555_DATALEN); - return T555_DATALEN; + memcpy(ptr, t555_uploadthis, t555_datalen); + return t555_datalen; } curl_mfprintf(stderr, "READ NOT FINE!\n"); return 0; @@ -92,7 +92,7 @@ static CURLcode test_lib555(const char *URL) easy_setopt(curl, CURLOPT_READDATA, &counter); /* We CANNOT do the POST fine without setting the size (or choose chunked)! */ - easy_setopt(curl, CURLOPT_POSTFIELDSIZE, (long)T555_DATALEN); + easy_setopt(curl, CURLOPT_POSTFIELDSIZE, (long)t555_datalen); easy_setopt(curl, CURLOPT_POST, 1L); easy_setopt(curl, CURLOPT_PROXY, libtest_arg2); diff --git a/tests/libtest/lib579.c b/tests/libtest/lib579.c index 1d1cfc3901..35ccd84855 100644 --- a/tests/libtest/lib579.c +++ b/tests/libtest/lib579.c @@ -91,7 +91,7 @@ static size_t t579_read_cb(char *ptr, size_t size, size_t nmemb, void *userp) if(data) { size_t len = strlen(data); - memcpy(ptr, data, len); + memcpy(ptr, data, len); /* NOLINT(bugprone-not-null-terminated-result) */ pooh->counter++; /* advance pointer */ return len; } diff --git a/tests/libtest/lib757.c b/tests/libtest/lib757.c index b3237becf9..88f863746a 100644 --- a/tests/libtest/lib757.c +++ b/tests/libtest/lib757.c @@ -31,15 +31,15 @@ static size_t write_757(char *ptr, size_t size, size_t nmemb, void *userdata) return size * nmemb; } -#define DATA757 "fun-times" -#define DATALEN (sizeof(DATA757) - 1) +static const char t757_data[] = "fun-times"; +static size_t const t757_datalen = sizeof(t757_data) - 1; static size_t read_757(char *buffer, size_t size, size_t nitems, void *arg) { (void)arg; - if((size * nitems) >= DATALEN) { - memcpy(buffer, DATA757, DATALEN); - return DATALEN; + if((size * nitems) >= t757_datalen) { + memcpy(buffer, t757_data, t757_datalen); + return t757_datalen; } return 0; } @@ -83,7 +83,7 @@ static CURLcode test_lib757(const char *URL) /* Build the first mime structure. */ mime1 = curl_mime_init(curl); part = curl_mime_addpart(mime1); - curl_mime_data_cb(part, DATALEN, read_757, seek_757, NULL, NULL); + curl_mime_data_cb(part, t757_datalen, read_757, seek_757, NULL, NULL); curl_mime_type(part, "text/html"); curl_mime_name(part, "data"); diff --git a/tests/server/mqttd.c b/tests/server/mqttd.c index c2bff9b751..7b5c7c8043 100644 --- a/tests/server/mqttd.c +++ b/tests/server/mqttd.c @@ -351,6 +351,7 @@ static int publish(FILE *dump, packet[1 + encodedlen] = (unsigned char)(topiclen >> 8); packet[2 + encodedlen] = (unsigned char)(topiclen & 0xff); + /* NOLINTNEXTLINE(bugprone-not-null-terminated-result) */ memcpy(&packet[3 + encodedlen], topic, topiclen); payloadindex = 3 + topiclen + encodedlen; diff --git a/tests/server/rtspd.c b/tests/server/rtspd.c index fcc97b2ca3..5e337650d5 100644 --- a/tests/server/rtspd.c +++ b/tests/server/rtspd.c @@ -317,6 +317,7 @@ static int rtspd_ProcessRequest(struct rtspd_httprequest *req) /* Fill it with junk data */ for(i = 0; i < rtp_size; i += RTP_DATA_SIZE) { + /* NOLINTNEXTLINE(bugprone-not-null-terminated-result) */ memcpy(rtp_scratch + 4 + i, RTP_DATA, RTP_DATA_SIZE); } From 3137f725cd3babf69ef4cad4721f32356db3a6ea Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 25 Feb 2026 18:18:02 +0100 Subject: [PATCH 33/88] cmake: fix passing system header directories to clang-tidy for tests Pass system directories with `-isystem` to avoid clang-tidy parsing 3rd-party and system headers with `HeaderFilterRegex: '.*' enabled. Also: - drop rule exception no longer necessary. - sync normal vs. system header path order with compiler invocation. - tidy up `set()` syntax. - clear a temporary variable. Bug: https://github.com/curl/curl/pull/20670#issuecomment-3940840176 Follow-up to e088e104549421914da9170eeead72a43d42c028 #17705 Cherry-picked from: #20720 Closes #20724 --- .clang-tidy.yml | 2 +- CMake/Macros.cmake | 36 +++++++++++++++++++++++------------- 2 files changed, 24 insertions(+), 14 deletions(-) diff --git a/.clang-tidy.yml b/.clang-tidy.yml index c13a0afe3a..94fb304f13 100644 --- a/.clang-tidy.yml +++ b/.clang-tidy.yml @@ -41,4 +41,4 @@ Checks: - readability-uppercase-literal-suffix CheckOptions: - misc-header-include-cycle.IgnoredFilesList: 'curl/curl.h;openssl/ssl.h' + misc-header-include-cycle.IgnoredFilesList: 'curl/curl.h' diff --git a/CMake/Macros.cmake b/CMake/Macros.cmake index 1eac193c32..8d3458c06e 100644 --- a/CMake/Macros.cmake +++ b/CMake/Macros.cmake @@ -107,14 +107,14 @@ macro(curl_collect_target_options _target) if(_val) list(APPEND _definitions ${_val}) endif() - get_target_property(_val ${_target} INTERFACE_INCLUDE_DIRECTORIES) - if(_val) - list(APPEND _includes ${_val}) - endif() get_target_property(_val ${_target} INCLUDE_DIRECTORIES) if(_val) list(APPEND _includes ${_val}) endif() + get_target_property(_val ${_target} INTERFACE_INCLUDE_DIRECTORIES) + if(_val) + list(APPEND _incsys ${_val}) + endif() get_target_property(_val ${_target} COMPILE_OPTIONS) if(_val) list(APPEND _options ${_val}) @@ -136,6 +136,7 @@ macro(curl_add_clang_tidy_test_target _target_clang_tidy _target) set(_definitions "") set(_includes "") + set(_incsys "") set(_options "") # Collect macro definitions and header directories applying to the directory @@ -161,16 +162,23 @@ macro(curl_add_clang_tidy_test_target _target_clang_tidy _target) list(REMOVE_DUPLICATES _definitions) list(SORT _definitions) # Sort like CMake does - set(_includes_tmp ${_includes}) - set(_includes) - foreach(_inc IN LISTS _includes_tmp) - # Avoid empty and '$' items. The latter also - # evaluates to an empty path in this context. - if(_inc AND NOT _inc MATCHES "INSTALL_INTERFACE:") - list(APPEND _includes "-I${_inc}") + list(REMOVE_ITEM _includes "") + string(REPLACE ";" ";-I" _includes ";${_includes}") + list(REMOVE_DUPLICATES _includes) + + set(_incsys_tmp ${_incsys}) + list(REMOVE_DUPLICATES _incsys_tmp) + set(_incsys "") + foreach(_inc IN LISTS _incsys_tmp) + # Avoid empty and '$' items. The latter + # evaluates to an empty path in this context. Also skip + # '$', as already present in '_includes'. + if(_inc AND + NOT _inc MATCHES "INSTALL_INTERFACE:" AND + NOT _inc MATCHES "BUILD_INTERFACE:") + list(APPEND _incsys "-isystem" "${_inc}") endif() endforeach() - list(REMOVE_DUPLICATES _includes) if(CMAKE_C_COMPILER_ID MATCHES "Clang") list(REMOVE_DUPLICATES _options) # Keep the first of duplicates to imitate CMake @@ -202,13 +210,15 @@ macro(curl_add_clang_tidy_test_target _target_clang_tidy _target) WORKING_DIRECTORY "${CMAKE_CURRENT_SOURCE_DIR}" COMMAND ${CMAKE_C_CLANG_TIDY} "--checks=-clang-diagnostic-unused-function" - ${_sources} -- ${_cc} ${_definitions} ${_includes} ${_options} + ${_sources} -- ${_cc} ${_definitions} ${_includes} ${_incsys} ${_options} DEPENDS ${_sources}) add_dependencies(tests-clang-tidy ${_target_clang_tidy}) unset(_cc) unset(_definitions) unset(_includes) + unset(_incsys) + unset(_incsys_tmp) unset(_options) unset(_sources) endif() From aae361242f30eafacf46085ed731b1524bfd3be9 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Tue, 24 Feb 2026 01:35:02 +0100 Subject: [PATCH 34/88] cmake: replace internal option with a new `testbins` target To allow building test binaries without test certs, replacing `_CURL_SKIP_BUILD_CERTS` internal option with a build target that is similar to `testdeps`, but without building the test certificates. To make building test binaries a little bit faster, with less noisy output, and without having to reconfigure the build. Closes #20708 --- docs/INSTALL-CMAKE.md | 5 +++-- tests/CMakeLists.txt | 11 ++++++++--- tests/certs/CMakeLists.txt | 6 +----- tests/libtest/CMakeLists.txt | 2 +- tests/server/CMakeLists.txt | 2 +- tests/tunit/CMakeLists.txt | 2 +- tests/unit/CMakeLists.txt | 2 +- 7 files changed, 16 insertions(+), 14 deletions(-) diff --git a/docs/INSTALL-CMAKE.md b/docs/INSTALL-CMAKE.md index 552a40bcfa..9ef9ba6aaa 100644 --- a/docs/INSTALL-CMAKE.md +++ b/docs/INSTALL-CMAKE.md @@ -552,9 +552,10 @@ Note: These variables are internal and subject to change. ## Useful build targets -- `testdeps`: Build test dependencies (servers, tools, test certificates). +- `testbins`: Build test binaries (servers, tools). Individual targets: `curlinfo`, `libtests`, `servers`, `tunits`, `units` - Test certificates: `build-certs`, `clean-certs` +- `testdeps`: Build test dependencies (test binaries, test certificates). + Test certificates: `build-certs` (clean with `clean-certs`) - `tests`: Run tests (`runtests.pl`). Customize via the `TFLAGS` environment variable, e.g. `TFLAGS=1621`. Other flavors: `test-am`, `test-ci`, `test-event`, `test-full`, `test-nonflaky`, `test-quiet`, `test-torture` - `curl-pytest`: Run tests (pytest). diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 1b79c57447..d806e8c4bb 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -29,14 +29,17 @@ mark_as_advanced(TEST_NGHTTPX) # Consumed variables: TEST_NGHTTPX configure_file("config.in" "${CMAKE_CURRENT_BINARY_DIR}/config" @ONLY) -add_custom_target(testdeps) +add_custom_target(testbins) if(BUILD_CURL_EXE) - add_dependencies(testdeps "curlinfo") + add_dependencies(testbins "curlinfo") endif() if(CURL_BUILD_EVERYTHING) - set_target_properties(testdeps PROPERTIES EXCLUDE_FROM_ALL FALSE) + set_target_properties(testbins PROPERTIES EXCLUDE_FROM_ALL FALSE) endif() +add_custom_target(testdeps) +add_dependencies(testdeps "testbins") + if(CURL_CLANG_TIDY) add_custom_target(tests-clang-tidy) add_dependencies(testdeps tests-clang-tidy) @@ -63,6 +66,7 @@ function(curl_add_runtests _targetname _test_flags) list(APPEND _depends "${EXE_NAME}") endif() list(APPEND _depends "testdeps") + list(APPEND _depends "build-certs") endif() set(_setenvs "") if(CMAKE_CONFIGURATION_TYPES) @@ -100,6 +104,7 @@ function(curl_add_pytests _targetname _test_flags) list(APPEND _depends "${EXE_NAME}" "curlinfo") endif() list(APPEND _depends "libtests") + list(APPEND _depends "build-certs") endif() string(REPLACE " " ";" _test_flags_list "${_test_flags}") add_custom_target(${_targetname} diff --git a/tests/certs/CMakeLists.txt b/tests/certs/CMakeLists.txt index d0e1f55b85..399483a738 100644 --- a/tests/certs/CMakeLists.txt +++ b/tests/certs/CMakeLists.txt @@ -31,11 +31,7 @@ add_custom_command(OUTPUT ${GENERATEDCERTS} VERBATIM ) add_custom_target(build-certs DEPENDS ${GENERATEDCERTS}) - -option(_CURL_SKIP_BUILD_CERTS "Skip building certs with testdeps" OFF) # Internal option to increase perf for build tests -if(NOT _CURL_SKIP_BUILD_CERTS) - add_dependencies(testdeps build-certs) -endif() +add_dependencies(testdeps build-certs) add_custom_target(clean-certs COMMAND ${CMAKE_COMMAND} -E remove ${GENERATEDCERTS} diff --git a/tests/libtest/CMakeLists.txt b/tests/libtest/CMakeLists.txt index c0f7fe1093..60c8676568 100644 --- a/tests/libtest/CMakeLists.txt +++ b/tests/libtest/CMakeLists.txt @@ -52,7 +52,7 @@ add_custom_command(OUTPUT "${BUNDLE}.c" VERBATIM) add_executable(${BUNDLE} EXCLUDE_FROM_ALL "${BUNDLE}.c") -add_dependencies(testdeps ${BUNDLE}) +add_dependencies(testbins ${BUNDLE}) target_link_libraries(${BUNDLE} ${LIB_SELECTED} ${CURL_LIBS}) target_include_directories(${BUNDLE} PRIVATE "${PROJECT_BINARY_DIR}/lib" # for "curl_config.h" diff --git a/tests/server/CMakeLists.txt b/tests/server/CMakeLists.txt index 3c83d397d6..716724ab05 100644 --- a/tests/server/CMakeLists.txt +++ b/tests/server/CMakeLists.txt @@ -39,7 +39,7 @@ add_custom_command(OUTPUT "${BUNDLE}.c" VERBATIM) add_executable(${BUNDLE} EXCLUDE_FROM_ALL "${BUNDLE}.c") -add_dependencies(testdeps ${BUNDLE}) +add_dependencies(testbins ${BUNDLE}) target_link_libraries(${BUNDLE} ${CURL_NETWORK_AND_TIME_LIBS}) target_include_directories(${BUNDLE} PRIVATE "${PROJECT_BINARY_DIR}/lib" # for "curl_config.h" diff --git a/tests/tunit/CMakeLists.txt b/tests/tunit/CMakeLists.txt index 2ab4f274e6..a10d240a08 100644 --- a/tests/tunit/CMakeLists.txt +++ b/tests/tunit/CMakeLists.txt @@ -39,7 +39,7 @@ add_custom_command(OUTPUT "${BUNDLE}.c" VERBATIM) add_executable(${BUNDLE} EXCLUDE_FROM_ALL "${BUNDLE}.c") -add_dependencies(testdeps ${BUNDLE}) +add_dependencies(testbins ${BUNDLE}) target_link_libraries(${BUNDLE} curltool ${LIB_SELECTED}) target_include_directories(${BUNDLE} PRIVATE "${PROJECT_BINARY_DIR}/lib" # for "curl_config.h" diff --git a/tests/unit/CMakeLists.txt b/tests/unit/CMakeLists.txt index 2692db5ef5..8d27fc0a5b 100644 --- a/tests/unit/CMakeLists.txt +++ b/tests/unit/CMakeLists.txt @@ -40,7 +40,7 @@ add_custom_command(OUTPUT "${BUNDLE}.c" add_executable(${BUNDLE} EXCLUDE_FROM_ALL "${BUNDLE}.c") add_dependencies(${BUNDLE} curlu-unitprotos) -add_dependencies(testdeps ${BUNDLE}) +add_dependencies(testbins ${BUNDLE}) target_link_libraries(${BUNDLE} curlu) target_include_directories(${BUNDLE} PRIVATE "${PROJECT_BINARY_DIR}/lib" # for "curl_config.h", "unitprotos.h" From b56e103d4d223a722a00cd76846cbbff191f7d90 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 25 Feb 2026 20:55:03 +0100 Subject: [PATCH 35/88] build: do not include wolfSSL header in `curl_setup.h` To fix building tests/server with cmake and both wolfSSL and OpenSSL enabled (MultiSSL). tests/server do not have libcurl dependency header paths setup because it does not use libcurl. The code however includes `curl_setup.h`, which tried including `wolfssl/version.h` before this patch to verify if the wolfSSL coexist feature is available. Without a header path, it failed: ``` In file included from bld/tests/server/servers.c:3: In file included from tests/server/first.h:40: lib/curl_setup.h:737:12: fatal error: 'wolfssl/version.h' file not found 737 | # include | ^~~~~~~~~~~~~~~~~~~ 1 error generated. ``` Ref: https://github.com/curl/curl/actions/runs/22410066319/job/64880787424#step:46:76 Fix by moving the include and version check to `vtls/wolfssl.c`. Also: add an early version check to cmake. Follow-up to 16f073ef49f94412000218c9f6ad04e3fd7e4d01 #16973 Cherry-picked from #20720 Closes #20726 --- CMakeLists.txt | 4 ++++ lib/curl_setup.h | 11 +++-------- lib/vtls/wolfssl.c | 3 +++ 3 files changed, 10 insertions(+), 8 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index b13ba6248c..2419de626c 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -883,6 +883,10 @@ if(CURL_USE_WOLFSSL) endif() set(_curl_ca_bundle_supported TRUE) + if(USE_OPENSSL AND WOLFSSL_VERSION VERSION_LESS 5.7.6) + message(FATAL_ERROR "wolfSSL 5.7.6 or newer is required to coexist with OpenSSL.") + endif() + set_property(DIRECTORY APPEND PROPERTY COMPILE_DEFINITIONS "WOLFSSL_OPTIONS_IGNORE_SYS") endif() diff --git a/lib/curl_setup.h b/lib/curl_setup.h index 2a1f75d441..b7c030c006 100644 --- a/lib/curl_setup.h +++ b/lib/curl_setup.h @@ -734,14 +734,9 @@ #endif #if defined(USE_OPENSSL) && defined(USE_WOLFSSL) -# include -# if LIBWOLFSSL_VERSION_HEX >= 0x05007006 -# ifndef OPENSSL_COEXIST -# define OPENSSL_COEXIST -# endif -# else -# error "OpenSSL can only coexist with wolfSSL v5.7.6 or upper" -# endif +#ifndef OPENSSL_COEXIST +#define OPENSSL_COEXIST +#endif #endif #if defined(USE_WOLFSSL) && defined(USE_GNUTLS) diff --git a/lib/vtls/wolfssl.c b/lib/vtls/wolfssl.c index 89310adfae..c2d134f7b8 100644 --- a/lib/vtls/wolfssl.c +++ b/lib/vtls/wolfssl.c @@ -36,6 +36,9 @@ #if LIBWOLFSSL_VERSION_HEX < 0x03004006 /* wolfSSL 3.4.6 (2015) */ #error "wolfSSL version should be at least 3.4.6" #endif +#if defined(OPENSSL_COEXIST) && LIBWOLFSSL_VERSION_HEX < 0x05007006 +#error "wolfSSL 5.7.6 or newer is required to coexist with OpenSSL" +#endif /* To determine what functions are available we rely on one or both of: - the user's options.h generated by wolfSSL From 2239879b746c2c1c8dd087cffbef974ec2c780f8 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 26 Feb 2026 02:11:36 +0100 Subject: [PATCH 36/88] cmake: minor fixes to test targets after prev - run tests-clang-tidy when building testbins. - drop redundant build-certs dependency for test targets. Already present via testdeps. Follow-up to aae361242f30eafacf46085ed731b1524bfd3be9 #20708 Closes #20727 --- tests/CMakeLists.txt | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index d806e8c4bb..7edfaa7ed8 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -37,14 +37,14 @@ if(CURL_BUILD_EVERYTHING) set_target_properties(testbins PROPERTIES EXCLUDE_FROM_ALL FALSE) endif() -add_custom_target(testdeps) -add_dependencies(testdeps "testbins") - if(CURL_CLANG_TIDY) add_custom_target(tests-clang-tidy) - add_dependencies(testdeps tests-clang-tidy) + add_dependencies(testbins tests-clang-tidy) endif() +add_custom_target(testdeps) +add_dependencies(testdeps "testbins") + add_subdirectory(http) add_subdirectory(server) add_subdirectory(libtest) @@ -66,7 +66,6 @@ function(curl_add_runtests _targetname _test_flags) list(APPEND _depends "${EXE_NAME}") endif() list(APPEND _depends "testdeps") - list(APPEND _depends "build-certs") endif() set(_setenvs "") if(CMAKE_CONFIGURATION_TYPES) From d110504e84016d3031a3ad1fa3421f22e2d0aaec Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 26 Feb 2026 02:45:52 +0100 Subject: [PATCH 37/88] build: add missing `GENERATEDCERTS` files Also alpha sort lists, while here. Follow-up to 2cf19c245eff8ff84e53d6edc27d36bf25439d1b #17493 Closes #20728 --- tests/certs/Makefile.inc | 60 ++++++++++++++++++++++------------------ 1 file changed, 33 insertions(+), 27 deletions(-) diff --git a/tests/certs/Makefile.inc b/tests/certs/Makefile.inc index 2131172f4c..06516a09d5 100644 --- a/tests/certs/Makefile.inc +++ b/tests/certs/Makefile.inc @@ -28,36 +28,30 @@ CERTCONFIG_CA = \ test-ca.prm CERTCONFIGS = \ + test-client-cert.prm \ + test-client-eku-only.prm \ test-localhost.prm \ test-localhost.nn.prm \ test-localhost0h.prm \ test-localhost-san-first.prm \ - test-localhost-san-last.prm \ - test-client-cert.prm \ - test-client-eku-only.prm + test-localhost-san-last.prm GENERATEDCERTS = \ test-ca.cacert \ test-ca.crt \ test-ca.key \ - test-localhost.crl \ - test-localhost.crt \ - test-localhost.key \ - test-localhost.pem \ - test-localhost.pub.der \ - test-localhost.pub.pem \ - test-localhost.nn.crl \ - test-localhost.nn.crt \ - test-localhost.nn.key \ - test-localhost.nn.pem \ - test-localhost.nn.pub.der \ - test-localhost.nn.pub.pem \ - test-localhost0h.crl \ - test-localhost0h.crt \ - test-localhost0h.key \ - test-localhost0h.pem \ - test-localhost0h.pub.der \ - test-localhost0h.pub.pem \ + test-client-cert.crl \ + test-client-cert.crt \ + test-client-cert.key \ + test-client-cert.pem \ + test-client-cert.pub.der \ + test-client-cert.pub.pem \ + test-client-eku-only.crl \ + test-client-eku-only.crt \ + test-client-eku-only.key \ + test-client-eku-only.pem \ + test-client-eku-only.pub.der \ + test-client-eku-only.pub.pem \ test-localhost-san-first.crl \ test-localhost-san-first.crt \ test-localhost-san-first.key \ @@ -70,12 +64,24 @@ GENERATEDCERTS = \ test-localhost-san-last.pem \ test-localhost-san-last.pub.der \ test-localhost-san-last.pub.pem \ - test-client-cert.crl \ - test-client-cert.crt \ - test-client-cert.key \ - test-client-cert.pem \ - test-client-cert.pub.der \ - test-client-cert.pub.pem + test-localhost.crl \ + test-localhost.crt \ + test-localhost.key \ + test-localhost.nn.crl \ + test-localhost.nn.crt \ + test-localhost.nn.key \ + test-localhost.nn.pem \ + test-localhost.nn.pub.der \ + test-localhost.nn.pub.pem \ + test-localhost.pem \ + test-localhost.pub.der \ + test-localhost.pub.pem \ + test-localhost0h.crl \ + test-localhost0h.crt \ + test-localhost0h.key \ + test-localhost0h.pem \ + test-localhost0h.pub.der \ + test-localhost0h.pub.pem SRPFILES = \ srp-verifier-conf \ From d38bf7949d3acf5b484187fd3e81e0bd33b56715 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 26 Feb 2026 03:28:17 +0100 Subject: [PATCH 38/88] tests/server: fix to clear the complete `srvr_sockaddr_union_t` variable Reported by clang-tidy (seen on Linux with v18, v19, v20, not on macOS): ``` tests/server/dnsd.c:552:14: error: 1st function call argument is an uninitialized value [clang-analyzer-core.CallAndMessage] tests/server/dnsd.c:556:14: error: 1st function call argument is an uninitialized value [clang-analyzer-core.CallAndMessage] tests/server/rtspd.c:1183:14: error: 1st function call argument is an uninitialized value [clang-analyzer-core.CallAndMessage] tests/server/rtspd.c:1187:14: error: 1st function call argument is an uninitialized value [clang-analyzer-core.CallAndMessage] tests/server/sws.c:2235:14: error: 1st function call argument is an uninitialized value [clang-analyzer-core.CallAndMessage] tests/server/sws.c:2239:14: error: 1st function call argument is an uninitialized value [clang-analyzer-core.CallAndMessage] tests/server/tftpd.c:1188:14: error: 1st function call argument is an uninitialized value [clang-analyzer-core.CallAndMessage] tests/server/tftpd.c:1192:14: error: 1st function call argument is an uninitialized value [clang-analyzer-core.CallAndMessage] tests/server/util.c:860:21: error: 1st function call argument is an uninitialized value [clang-analyzer-core.CallAndMessage] tests/server/util.c:864:21: error: 1st function call argument is an uninitialized value [clang-analyzer-core.CallAndMessage] ``` Ref: https://github.com/curl/curl/actions/runs/22424827575/job/64930560425?pr=20725 Cherry-picked from #20725 Closes #20730 --- tests/server/dnsd.c | 2 +- tests/server/rtspd.c | 2 +- tests/server/sws.c | 2 +- tests/server/tftpd.c | 2 +- tests/server/util.c | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/tests/server/dnsd.c b/tests/server/dnsd.c index 98353303ee..42191c40d3 100644 --- a/tests/server/dnsd.c +++ b/tests/server/dnsd.c @@ -531,6 +531,7 @@ static int test_dnsd(int argc, const char **argv) port we actually got and update the listener port value with it. */ curl_socklen_t la_size; srvr_sockaddr_union_t localaddr; + memset(&localaddr, 0, sizeof(localaddr)); #ifdef USE_IPV6 if(!use_ipv6) #endif @@ -539,7 +540,6 @@ static int test_dnsd(int argc, const char **argv) else la_size = sizeof(localaddr.sa6); #endif - memset(&localaddr.sa, 0, (size_t)la_size); if(getsockname(sock, &localaddr.sa, &la_size) < 0) { error = SOCKERRNO; logmsg("getsockname() failed with error (%d) %s", diff --git a/tests/server/rtspd.c b/tests/server/rtspd.c index 5e337650d5..d66f25badd 100644 --- a/tests/server/rtspd.c +++ b/tests/server/rtspd.c @@ -1162,6 +1162,7 @@ static int test_rtspd(int argc, const char *argv[]) port we actually got and update the listener port value with it. */ curl_socklen_t la_size; srvr_sockaddr_union_t localaddr; + memset(&localaddr, 0, sizeof(localaddr)); #ifdef USE_IPV6 if(!use_ipv6) #endif @@ -1170,7 +1171,6 @@ static int test_rtspd(int argc, const char *argv[]) else la_size = sizeof(localaddr.sa6); #endif - memset(&localaddr.sa, 0, (size_t)la_size); if(getsockname(sock, &localaddr.sa, &la_size) < 0) { error = SOCKERRNO; logmsg("getsockname() failed with error (%d) %s", diff --git a/tests/server/sws.c b/tests/server/sws.c index e0072506fd..5de572d1c6 100644 --- a/tests/server/sws.c +++ b/tests/server/sws.c @@ -2214,6 +2214,7 @@ static int test_sws(int argc, const char *argv[]) port we actually got and update the listener port value with it. */ curl_socklen_t la_size; srvr_sockaddr_union_t localaddr; + memset(&localaddr, 0, sizeof(localaddr)); #ifdef USE_IPV6 if(socket_domain != AF_INET6) #endif @@ -2222,7 +2223,6 @@ static int test_sws(int argc, const char *argv[]) else la_size = sizeof(localaddr.sa6); #endif - memset(&localaddr.sa, 0, (size_t)la_size); if(getsockname(sock, &localaddr.sa, &la_size) < 0) { error = SOCKERRNO; logmsg("getsockname() failed with error (%d) %s", diff --git a/tests/server/tftpd.c b/tests/server/tftpd.c index c99fc05a96..aff8e3a1d6 100644 --- a/tests/server/tftpd.c +++ b/tests/server/tftpd.c @@ -1167,6 +1167,7 @@ static int test_tftpd(int argc, const char **argv) port we actually got and update the listener port value with it. */ curl_socklen_t la_size; srvr_sockaddr_union_t localaddr; + memset(&localaddr, 0, sizeof(localaddr)); #ifdef USE_IPV6 if(!use_ipv6) #endif @@ -1175,7 +1176,6 @@ static int test_tftpd(int argc, const char **argv) else la_size = sizeof(localaddr.sa6); #endif - memset(&localaddr.sa, 0, (size_t)la_size); if(getsockname(sock, &localaddr.sa, &la_size) < 0) { error = SOCKERRNO; logmsg("getsockname() failed with error (%d) %s", diff --git a/tests/server/util.c b/tests/server/util.c index 8107ca9122..ecaa2a448e 100644 --- a/tests/server/util.c +++ b/tests/server/util.c @@ -841,13 +841,13 @@ curl_socket_t sockdaemon(curl_socket_t sock, port we actually got and update the listener port value with it. */ curl_socklen_t la_size; srvr_sockaddr_union_t localaddr; + memset(&localaddr, 0, sizeof(localaddr)); #ifdef USE_IPV6 if(socket_domain == AF_INET6) la_size = sizeof(localaddr.sa6); else #endif la_size = sizeof(localaddr.sa4); - memset(&localaddr.sa, 0, (size_t)la_size); if(getsockname(sock, &localaddr.sa, &la_size) < 0) { error = SOCKERRNO; logmsg("getsockname() failed with error (%d) %s", From b1f853a3849d0e8116ae4e2aedfb9ca65f92282d Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 26 Feb 2026 03:56:36 +0100 Subject: [PATCH 39/88] unit3205: suppress two clang-tidy false positives Silencing: ``` tests/unit/unit3205.c:565:32: error: the result from calling 'memcpy' is not null-terminated [bugprone-not-null-terminated-result] 565 | expect = (const char *)memcpy(alt, "DHE-", 4); | ^~~~~~ ~~~ | strcpy tests/unit/unit3205.c:569:32: error: the result from calling 'memcpy' is not null-terminated [bugprone-not-null-terminated-result] 569 | expect = (const char *)memcpy(alt + 4, "DHE-", 4) - 4; | ^~~~~~ ~~~ | strcpy ``` Ref: https://github.com/curl/curl/actions/runs/22425366818/job/64932197466?pr=20725 Cherry-picked from #20725 Closes #20731 --- tests/unit/unit3205.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/unit/unit3205.c b/tests/unit/unit3205.c index aa2d6b94a3..5a74f5d50b 100644 --- a/tests/unit/unit3205.c +++ b/tests/unit/unit3205.c @@ -562,10 +562,12 @@ static CURLcode test_unit3205(const char *arg) if(test->id >= 0x0011 && test->id < 0x0017) { if(expect && memcmp(expect, "EDH-", 4) == 0) { curlx_strcopy(alt, sizeof(alt), expect, strlen(expect)); + /* NOLINTNEXTLINE(bugprone-not-null-terminated-result) */ expect = (const char *)memcpy(alt, "DHE-", 4); } if(expect && memcmp(expect + 4, "EDH-", 4) == 0) { curlx_strcopy(alt, sizeof(alt), expect, strlen(expect)); + /* NOLINTNEXTLINE(bugprone-not-null-terminated-result) */ expect = (const char *)memcpy(alt + 4, "DHE-", 4) - 4; } } From 137e87ca721e0aec387273964cb8a9872c85f22a Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 25 Feb 2026 15:01:47 +0100 Subject: [PATCH 40/88] clang-tidy: enable scanning headers By setting `HeaderFilterRegex: '.*'`. Closes #20720 --- .clang-tidy.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.clang-tidy.yml b/.clang-tidy.yml index 94fb304f13..c82a8f29ba 100644 --- a/.clang-tidy.yml +++ b/.clang-tidy.yml @@ -42,3 +42,5 @@ Checks: CheckOptions: misc-header-include-cycle.IgnoredFilesList: 'curl/curl.h' + +HeaderFilterRegex: '.*' From 26eddf002f0d9e957ff21865bddfbdf25b4521f5 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 25 Feb 2026 15:51:59 +0100 Subject: [PATCH 41/88] GHA/linux: switch clang-tidy job to cmake for 2x speed, bump to v20, enable for tests Checking lib and src under 3m15s versus 7m15s. Downside: autotools clang-tidy support is no longer CI-tested. The reason for the slowness is invoking a single clang-tidy command with all source files, and clang-tidy checking them in a single thread, sequentially. clang-tidy offers a `run-clang-tidy` Python script for parallel processing, which may help with this. However at this point it's more practical to use cmake, which also supports verifying the whole codebase, not only lib and src. Also: - bump clang-tidy to the latest available, v20 (from v18). - enable running clang-tidy on tests. Takes under 2 minutes. Also tried `_CURL_TESTS_CONCAT=ON`, it brings down the build tests step from 1m47s to 54s, saving 1 minute. Skipped using it for now. Closes #20725 --- .github/workflows/linux.yml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index d3cbc8038f..32f9382cb9 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -276,18 +276,18 @@ jobs: -DCURL_DISABLE_LDAP=ON -DUSE_LIBIDN2=OFF -DCURL_USE_LIBSSH2=OFF - name: 'clang-tidy' - install_packages: clang-19 clang-tidy-19 libssl-dev libidn2-dev libssh2-1-dev libnghttp2-dev libldap-dev libkrb5-dev librtmp-dev libgnutls28-dev - install_steps: skipall mbedtls-latest-intel rustls wolfssl-opensslextra-intel + install_packages: clang-20 clang-tidy-20 libssl-dev libidn2-dev libssh2-1-dev libnghttp2-dev libldap-dev libkrb5-dev librtmp-dev libgnutls28-dev + install_steps: skiprun mbedtls-latest-intel rustls wolfssl-opensslextra-intel install_steps_brew: gsasl make-custom-target: tidy - LDFLAGS: -Wl,-rpath,/home/runner/wolfssl-opensslextra/lib -Wl,-rpath,/home/linuxbrew/.linuxbrew/opt/gsasl/lib - PKG_CONFIG_PATH: /home/linuxbrew/.linuxbrew/opt/gsasl/lib/pkgconfig - CC: clang-19 - configure: >- - CLANG_TIDY=clang-tidy-19 - --with-wolfssl=/home/runner/wolfssl-opensslextra --with-openssl --with-rustls --with-mbedtls=/home/runner/mbedtls --with-gnutls --with-libgsasl - --with-librtmp --with-libssh2 --with-libidn2 - --enable-ech --with-gssapi --enable-ssls-export --disable-typecheck + CC: clang-20 + LDFLAGS: -Wl,-rpath,/home/runner/wolfssl-opensslextra/lib -Wl,-rpath,/home/runner/mbedtls/lib -Wl,-rpath,/home/runner/rustls/lib -Wl,-rpath,/home/linuxbrew/.linuxbrew/opt/gsasl/lib + PKG_CONFIG_PATH: /home/runner/wolfssl-opensslextra/lib/pkgconfig:/home/runner/mbedtls/lib/pkgconfig:/home/runner/rustls/lib/pkgconfig:/home/linuxbrew/.linuxbrew/opt/gsasl/lib/pkgconfig + generate: >- + -DCURL_USE_OPENSSL=ON -DCURL_USE_WOLFSSL=ON -DCURL_USE_GNUTLS=ON -DCURL_USE_MBEDTLS=ON -DCURL_USE_RUSTLS=ON + -DCURL_USE_GSASL=ON -DUSE_LIBRTMP=ON + -DUSE_ECH=ON -DCURL_USE_GSSAPI=ON -DUSE_SSLS_EXPORT=ON + -DCURL_CLANG_TIDY=ON -DCLANG_TIDY=/usr/bin/clang-tidy-20 - name: 'scan-build' install_packages: clang-tools clang libssl-dev libidn2-dev libssh2-1-dev libnghttp2-dev libldap-dev libgss-dev librtmp-dev libgnutls28-dev From 3cf86508fdc3f54bb2a3f42c8c0bd464ea39883d Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 23 Feb 2026 11:31:18 +0100 Subject: [PATCH 42/88] VULN-DISCLOSURE-POLICY.md: use hackerone - bug_report.yml: use hackerone Closes #20683 --- .github/ISSUE_TEMPLATE/bug_report.yml | 2 +- docs/VULN-DISCLOSURE-POLICY.md | 24 +++--------------------- 2 files changed, 4 insertions(+), 22 deletions(-) diff --git a/.github/ISSUE_TEMPLATE/bug_report.yml b/.github/ISSUE_TEMPLATE/bug_report.yml index 0bcfd2dab4..c2b79901af 100644 --- a/.github/ISSUE_TEMPLATE/bug_report.yml +++ b/.github/ISSUE_TEMPLATE/bug_report.yml @@ -13,7 +13,7 @@ body: Only file bugs here! Ask questions on the mailing lists https://curl.se/mail/ - **SECURITY RELATED?** Submit here: https://github.com/curl/curl/security/advisories + **SECURITY RELATED?** Submit here: https://hackerone.com/curl - type: textarea id: reproducer diff --git a/docs/VULN-DISCLOSURE-POLICY.md b/docs/VULN-DISCLOSURE-POLICY.md index f9555320d7..e6562bc1a2 100644 --- a/docs/VULN-DISCLOSURE-POLICY.md +++ b/docs/VULN-DISCLOSURE-POLICY.md @@ -29,10 +29,9 @@ mailing lists. Messages associated with any commits should not make any reference to the security nature of the commit if done prior to the public announcement. -- The person discovering the issue, the reporter, reports the vulnerability to - the curl project. Do this [on - GitHub](https://github.com/curl/curl/security/advisories). Such submissions - reach a handful of selected and trusted people. +- The person discovering the issue, the reporter, reports the vulnerability on + [HackerOne](https://hackerone.com/curl). Issues filed there reach a handful + of selected and trusted people. - Messages that do not relate to the reporting or managing of an undisclosed security vulnerability in curl or libcurl are ignored and no further action @@ -99,23 +98,6 @@ announcement. - The security webpage on the website should get the new vulnerability mentioned. -## GitHub Advisories - -We receive *advisories* submitted on GitHub but we consider them to be -*reports*. Since we want to keep the original report as-is and preserved, we -cannot use this system to author nor publish the actual final advisory for a -confirmed vulnerability. - -The security reports submitted on GitHub are not published, instead they are -always closed weather confirmed or not. - -Confirmed security reports are instead published as security advisories on the -curl website in sync with the curl release in which the fix is published for -the vulnerability. - -Unfortunately, GitHub does not allow us to disclose the reports. They can only -be published as "advisories" - and they are not. - ## security (at curl dot se) This is a private mailing list for discussions on and about curl security From 4a43eba3b1d979785a2b79eddcfc21d6eac133e5 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 26 Feb 2026 12:31:55 +0100 Subject: [PATCH 43/88] cmake: silence potential unused var warnings in C++ test snippet Follow-up to 6ad50dc2859e9ea764aafe51b34d430a663fb1d3 #20687 Closes #20736 --- tests/cmake/test.cpp | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tests/cmake/test.cpp b/tests/cmake/test.cpp index 71747949a0..f5fd4ecc2a 100644 --- a/tests/cmake/test.cpp +++ b/tests/cmake/test.cpp @@ -27,6 +27,9 @@ class CurlClass { public: void curl_multi_setopt(void *a, int b, long c) { + (void)a; + (void)b; + (void)c; std::cout << curl_version() << std::endl; } }; From dc4aef735234c9c9c1a8baefcce7720098b5055c Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 26 Feb 2026 15:18:13 +0100 Subject: [PATCH 44/88] GHA/macos: update comment about macOS targets vs. features Closes #20741 --- .github/workflows/macos.yml | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index 8dafc96937..67297c54b2 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -31,12 +31,15 @@ concurrency: permissions: {} -# Deprecated Apple APIs and the macos-version-min value required to avoid -# deprecation warnings with llvm/clang: -# -# - 10.7 Lion (2011) - GSS -# - 10.9 Mavericks (2013) - LDAP +# Apple APIs and the macos-version-min value required to avoid deprecation +# warnings with llvm/clang, and/or the feature getting enabled at build-time +# or runtime: # +# - 10.7 Lion (2011) - GSS (build-time, deprecated MIT Kerberos shim) +# - 10.9 Mavericks (2013) - LDAP (build-time, deprecated), OCSP (runtime) +# - 10.11 El Capitan (2015) - connectx() (runtime) +# - 10.12 Sierra (2016) - clock_gettime() (build-time, runtime) +# - 10.14 Mojave (2018) - SecTrustEvaluateWithError() (runtime) env: CURL_CI: github From 9b52d516bb8990107f20c9786e09dbb6961c30b2 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 26 Feb 2026 04:53:30 +0100 Subject: [PATCH 45/88] GHA/linux: bump sanitizer jobs to clang v20 (from v18) To use the newest version offered by the runner's Ubuntu 24.04. Ref: https://packages.ubuntu.com/search?suite=noble-updates&keywords=clang Closes #20732 --- .github/workflows/linux.yml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index 32f9382cb9..ced21772a2 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -290,7 +290,7 @@ jobs: -DCURL_CLANG_TIDY=ON -DCLANG_TIDY=/usr/bin/clang-tidy-20 - name: 'scan-build' - install_packages: clang-tools clang libssl-dev libidn2-dev libssh2-1-dev libnghttp2-dev libldap-dev libgss-dev librtmp-dev libgnutls28-dev + install_packages: clang clang-tools libssl-dev libidn2-dev libssh2-1-dev libnghttp2-dev libldap-dev libgss-dev librtmp-dev libgnutls28-dev install_steps: skipall mbedtls-latest-intel rustls wolfssl-opensslextra-intel install_steps_brew: gsasl CC: clang @@ -305,7 +305,7 @@ jobs: -DCMAKE_UNITY_BUILD=OFF -DCURL_DISABLE_TYPECHECK=ON - name: 'scan-build H3 c-ares !examples' - install_packages: clang-tools clang libidn2-dev libssh-dev libnghttp2-dev + install_packages: clang clang-tools libidn2-dev libssh-dev libnghttp2-dev install_steps: skipall install_steps_brew: openssl libngtcp2 libnghttp3 c-ares CC: clang @@ -320,38 +320,38 @@ jobs: -DCURL_DISABLE_VERBOSE_STRINGS=ON - name: 'address-sanitizer' - install_packages: clang libssl-dev libssh-dev libidn2-dev libnghttp2-dev libubsan1 libasan8 libtsan2 + install_packages: clang-20 libssl-dev libssh-dev libidn2-dev libnghttp2-dev libubsan1 libasan8 libtsan2 install_steps: pytest randcurl CFLAGS: -fsanitize=address,undefined,signed-integer-overflow -fno-sanitize-recover=undefined,integer -Wformat -Werror=format-security -Werror=array-bounds -g LDFLAGS: -fsanitize=address,undefined -fno-sanitize-recover=undefined,integer -ldl -lubsan - CC: clang + CC: clang-20 generate: -DENABLE_DEBUG=ON -DCURL_USE_LIBSSH=ON - name: 'address-sanitizer H3 c-ares' - install_packages: clang libubsan1 libasan8 libtsan2 + install_packages: clang-20 libubsan1 libasan8 libtsan2 install_steps: pytest install_steps_brew: openssl libssh2 libngtcp2 libnghttp3 c-ares CFLAGS: -fsanitize=address,undefined,signed-integer-overflow -fno-sanitize-recover=undefined,integer -Wformat -Werror=format-security -Werror=array-bounds -g LDFLAGS: -fsanitize=address,undefined -fno-sanitize-recover=undefined,integer -ldl -lubsan -Wl,-rpath,/home/linuxbrew/.linuxbrew/opt/c-ares/lib PKG_CONFIG_PATH: /home/linuxbrew/.linuxbrew/opt/libssh2/lib/pkgconfig:/home/linuxbrew/.linuxbrew/opt/libngtcp2/lib/pkgconfig:/home/linuxbrew/.linuxbrew/opt/libnghttp3/lib/pkgconfig:/home/linuxbrew/.linuxbrew/opt/c-ares/lib/pkgconfig - CC: clang + CC: clang-20 generate: -DENABLE_DEBUG=ON -DCURL_USE_OPENSSL=ON -DOPENSSL_ROOT_DIR=/home/linuxbrew/.linuxbrew/opt/openssl -DUSE_NGTCP2=ON -DUSE_SSLS_EXPORT=ON -DENABLE_ARES=ON - name: 'thread-sanitizer' - install_packages: clang libtsan2 + install_packages: clang-20 libtsan2 install_steps: pytest openssl-tsan CFLAGS: -fsanitize=thread -g LDFLAGS: -fsanitize=thread - CC: clang + CC: clang-20 generate: -DOPENSSL_ROOT_DIR=/home/runner/openssl -DENABLE_DEBUG=ON - name: 'memory-sanitizer' - install_packages: clang + install_packages: clang-20 install_steps: randcurl CFLAGS: -fsanitize=memory -Wformat -Werror=format-security -Werror=array-bounds -g LDFLAGS: -fsanitize=memory LIBS: -ldl - configure: CC=clang --without-ssl --without-zlib --without-brotli --without-zstd --without-libpsl --without-nghttp2 --enable-debug + configure: CC=clang-20 --without-ssl --without-zlib --without-brotli --without-zstd --without-libpsl --without-nghttp2 --enable-debug tflags: '--min=1480' - name: 'event-based' From 6789eb0ff9f8a771417000b3fe985dd0c7409fd6 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 26 Feb 2026 16:58:15 +0100 Subject: [PATCH 46/88] multi: avoid a theoretical 32-bit wrap If Curl_uint32_tbl_count() at some future point actually can return UINT_MAX, this fixes the math to not wrap. Closes #20742 --- lib/multi.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/multi.c b/lib/multi.c index cdfe925cb8..5642978842 100644 --- a/lib/multi.c +++ b/lib/multi.c @@ -3725,7 +3725,7 @@ CURL **curl_multi_get_handles(CURLM *m) { struct Curl_multi *multi = m; void *entry; - unsigned int count = Curl_uint32_tbl_count(&multi->xfers); + size_t count = Curl_uint32_tbl_count(&multi->xfers); CURL **a = curlx_malloc(sizeof(struct Curl_easy *) * (count + 1)); if(a) { unsigned int i = 0; From e86642909f00d79f30b5ca2aebf557d52819c023 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 26 Feb 2026 12:40:43 +0000 Subject: [PATCH 47/88] GHA: update ngtcp2/ngtcp2 to v1.21.0 Closes #20738 --- .github/workflows/http3-linux.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml index da7a3e4dbd..22792f7e95 100644 --- a/.github/workflows/http3-linux.yml +++ b/.github/workflows/http3-linux.yml @@ -52,7 +52,7 @@ env: # renovate: datasource=github-tags depName=ngtcp2/nghttp3 versioning=semver registryUrl=https://github.com NGHTTP3_VERSION: 1.15.0 # renovate: datasource=github-tags depName=ngtcp2/ngtcp2 versioning=semver registryUrl=https://github.com - NGTCP2_VERSION: 1.20.0 + NGTCP2_VERSION: 1.21.0 # renovate: datasource=github-tags depName=nghttp2/nghttp2 versioning=semver registryUrl=https://github.com NGHTTP2_VERSION: 1.68.0 # renovate: datasource=github-tags depName=cloudflare/quiche versioning=semver registryUrl=https://github.com From 05d991a8c5c9f2944e5e4559616b437a1b7d5c3f Mon Sep 17 00:00:00 2001 From: hamza Date: Thu, 26 Feb 2026 16:36:24 +0000 Subject: [PATCH 48/88] rtsp: fix assertion failure on zero-length RTP payload Fixes #20735 Reported-by: David Korczynski Closes #20744 --- lib/rtsp.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/lib/rtsp.c b/lib/rtsp.c index 58bebc90e2..aa783ef06d 100644 --- a/lib/rtsp.c +++ b/lib/rtsp.c @@ -774,6 +774,18 @@ static CURLcode rtsp_filter_rtp(struct Curl_easy *data, break; rtp_buf = curlx_dyn_ptr(&rtspc->buf); rtspc->rtp_len = RTP_PKT_LENGTH(rtp_buf) + 4; + if(rtspc->rtp_len == 4) { + /* zero-length payload, the 4-byte header is the complete RTP + message. Dispatch immediately without entering RTP_PARSE_DATA. */ + DEBUGF(infof(data, "RTP write channel %d rtp_len %zu (no payload)", + rtspc->rtp_channel, rtspc->rtp_len)); + result = rtp_client_write(data, rtp_buf, rtspc->rtp_len); + curlx_dyn_free(&rtspc->buf); + rtspc->state = RTP_PARSE_SKIP; + if(result) + goto out; + break; + } rtspc->state = RTP_PARSE_DATA; break; } From 9871f46069c4d7fbade5112cc3202b008e3a0ed3 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 26 Feb 2026 19:12:14 +0100 Subject: [PATCH 49/88] GHA/macos: drop unused `install_step` values [ci skip] --- .github/workflows/macos.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index 67297c54b2..1c155e7fc6 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -272,7 +272,7 @@ jobs: - name: 'MultiSSL AppleIDN clang-tidy +examples' compiler: clang install: llvm gnutls nettle libressl krb5 mbedtls gsasl rustls-ffi rtmpdump libssh fish - install_steps: clang-tidy skiprun + install_steps: skiprun chkprefill: _chkprefill generate: >- -DCURL_USE_OPENSSL=ON -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/libressl -DCURL_DEFAULT_SSL_BACKEND=openssl @@ -286,7 +286,7 @@ jobs: - name: 'HTTP/3 clang-tidy' compiler: clang install: llvm libnghttp3 libngtcp2 openldap krb5 - install_steps: clang-tidy skipall + install_steps: skipall generate: >- -DCURL_USE_OPENSSL=ON -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/openssl -DUSE_NGTCP2=ON -DLDAP_INCLUDE_DIR=/opt/homebrew/opt/openldap/include -DLDAP_LIBRARY=/opt/homebrew/opt/openldap/lib/libldap.dylib -DLDAP_LBER_LIBRARY=/opt/homebrew/opt/openldap/lib/liblber.dylib From ad72af474328f48125902c97fd0b1217bf4e3b36 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 26 Feb 2026 17:17:19 +0100 Subject: [PATCH 50/88] GHA/linux: enable clang-tidy for docs/examples Also: - imap-append: silence false positive (seen on Linux only). Follow-up to b1f853a3849d0e8116ae4e2aedfb9ca65f92282d #20731 Follow-up to 725c5609aef19ba53373a49386cd979006b590d6 #20723 Closes #20743 --- .github/workflows/linux.yml | 2 +- docs/examples/imap-append.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index ced21772a2..e1fc33eb8a 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -934,7 +934,7 @@ jobs: ../.github/scripts/randcurl.pl 60 ../bld/src/curl - name: 'build examples' - if: ${{ !contains(matrix.build.install_packages, 'valgrind') && matrix.build.make-custom-target != 'tidy' && !contains(matrix.build.name, '!examples') }} + if: ${{ !contains(matrix.build.install_packages, 'valgrind') && !contains(matrix.build.name, '!examples') }} run: | if [ "${MATRIX_BUILD}" = 'cmake' ]; then ${MATRIX_MAKE_PREFIX} cmake --build bld --verbose --target curl-examples-build diff --git a/docs/examples/imap-append.c b/docs/examples/imap-append.c index 8d7663a611..544473841c 100644 --- a/docs/examples/imap-append.c +++ b/docs/examples/imap-append.c @@ -74,7 +74,7 @@ static size_t read_cb(char *ptr, size_t size, size_t nmemb, void *userp) size_t len = strlen(data); if(room < len) len = room; - memcpy(ptr, data, len); + memcpy(ptr, data, len); /* NOLINT(bugprone-not-null-terminated-result) */ upload_ctx->bytes_read += len; return len; From b3f1f69261ed13f217d98a223d42e8ca4e1a41bd Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 26 Feb 2026 18:28:30 +0100 Subject: [PATCH 51/88] GHA/macos: bump runner to macos-26 in clang-tidy jobs Tiny difference in practice: Apple clang 17.0.0.17000013 -> 17.0.0.17000603 To use the most recent tools for static analyses. Closes #20745 --- .github/workflows/macos.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index 1c155e7fc6..987d3567ce 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -201,7 +201,7 @@ jobs: macos: name: "${{ matrix.build.generate && 'CM' || 'AM' }} ${{ matrix.build.compiler }} ${{ matrix.build.name }}" - runs-on: macos-15 + runs-on: ${{ matrix.build.image || 'macos-15' }} timeout-minutes: 15 env: DEVELOPER_DIR: "/Applications/Xcode${{ matrix.build.xcode && format('_{0}', matrix.build.xcode) || '' }}.app/Contents/Developer" @@ -270,6 +270,7 @@ jobs: install: libnghttp3 libngtcp2 gsasl rtmpdump generate: -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/openssl -DCURL_USE_GSASL=ON -DUSE_LIBRTMP=ON -DUSE_APPLE_IDN=ON -DUSE_NGTCP2=ON -DCURL_DISABLE_VERBOSE_STRINGS=ON -DUSE_APPLE_SECTRUST=ON - name: 'MultiSSL AppleIDN clang-tidy +examples' + image: macos-26 compiler: clang install: llvm gnutls nettle libressl krb5 mbedtls gsasl rustls-ffi rtmpdump libssh fish install_steps: skiprun @@ -284,6 +285,7 @@ jobs: -DCURL_COMPLETION_FISH=ON -DCURL_COMPLETION_ZSH=ON - name: 'HTTP/3 clang-tidy' + image: macos-26 compiler: clang install: llvm libnghttp3 libngtcp2 openldap krb5 install_steps: skipall From c11127536623281548c915d64a566ede0528026a Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 26 Feb 2026 19:26:37 +0100 Subject: [PATCH 52/88] GHA/linux: delete unused autotools clang-tidy logic Follow-up to 26eddf002f0d9e957ff21865bddfbdf25b4521f5 #20725 Closes #20747 --- .github/workflows/linux.yml | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index e1fc33eb8a..cc44d7768d 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -279,7 +279,6 @@ jobs: install_packages: clang-20 clang-tidy-20 libssl-dev libidn2-dev libssh2-1-dev libnghttp2-dev libldap-dev libkrb5-dev librtmp-dev libgnutls28-dev install_steps: skiprun mbedtls-latest-intel rustls wolfssl-opensslextra-intel install_steps_brew: gsasl - make-custom-target: tidy CC: clang-20 LDFLAGS: -Wl,-rpath,/home/runner/wolfssl-opensslextra/lib -Wl,-rpath,/home/runner/mbedtls/lib -Wl,-rpath,/home/runner/rustls/lib -Wl,-rpath,/home/linuxbrew/.linuxbrew/opt/gsasl/lib PKG_CONFIG_PATH: /home/runner/wolfssl-opensslextra/lib/pkgconfig:/home/runner/mbedtls/lib/pkgconfig:/home/runner/rustls/lib/pkgconfig:/home/linuxbrew/.linuxbrew/opt/gsasl/lib/pkgconfig @@ -828,13 +827,11 @@ jobs: run: grep -H -v '^#' bld/tests/config bld/tests/http/config.ini || true - name: 'build' - env: - MATRIX_MAKE_CUSTOM_TARGET: '${{ matrix.build.make-custom-target }}' run: | if [ "${MATRIX_BUILD}" = 'cmake' ]; then ${MATRIX_MAKE_PREFIX} cmake --build bld --verbose else - ${MATRIX_MAKE_PREFIX} make -C bld V=1 ${MATRIX_MAKE_CUSTOM_TARGET} + ${MATRIX_MAKE_PREFIX} make -C bld V=1 fi - name: 'single-use function check' @@ -849,7 +846,6 @@ jobs: ./scripts/singleuse.pl --unit "${libcurla}" - name: 'curl -V' - if: ${{ matrix.build.make-custom-target != 'tidy' }} run: | find . -type f \( -name curl -o -name '*.so.*' -o -name '*.a' \) -print0 | xargs -0 file -- find . -type f \( -name curl -o -name '*.so.*' -o -name '*.a' \) -print0 | xargs -0 stat -c '%10s bytes: %n' -- From fb58b2325657b61ddae2d5373800076b468638f9 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 26 Feb 2026 12:35:51 +0100 Subject: [PATCH 53/88] cmake: fix confusing error when a dependency is undetected in `curl-config.cmake` Fixing: ``` CMake Error at /path/to/CURL/CURLConfig.cmake:190 (get_target_property): get_target_property() called with non-existent target "CURL::libssh2". ``` and replacing it with the clearer message: ``` CMake Error at /path/to/CURL/CURLTargets.cmake:61 (set_target_properties): The link interface of target "CURL::libcurl_static" contains: CURL::libssh2 but the target was not found. Possible reasons include: [...] ``` Reported-by: Val S. Ref: #20729 Follow-up to 16f073ef49f94412000218c9f6ad04e3fd7e4d01 #16973 Closes #20737 --- CMake/curl-config.in.cmake | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/CMake/curl-config.in.cmake b/CMake/curl-config.in.cmake index f4e17d29b3..62134cbcd8 100644 --- a/CMake/curl-config.in.cmake +++ b/CMake/curl-config.in.cmake @@ -176,9 +176,11 @@ if(TARGET @PROJECT_NAME@::@LIB_STATIC@) if(NOT _has_CMP0099 AND CMAKE_VERSION VERSION_GREATER_EQUAL 3.13 AND _curl_libs) set(_curl_libdirs "") foreach(_curl_lib IN LISTS _curl_libs) - get_target_property(_curl_libdir "${_curl_lib}" INTERFACE_LINK_DIRECTORIES) - if(_curl_libdir) - list(APPEND _curl_libdirs "${_curl_libdir}") + if(TARGET "${_curl_lib}") + get_target_property(_curl_libdir "${_curl_lib}" INTERFACE_LINK_DIRECTORIES) + if(_curl_libdir) + list(APPEND _curl_libdirs "${_curl_libdir}") + endif() endif() endforeach() if(_curl_libdirs) From 8d28ac612bd9e513bb53466c2cb1de7f716b2744 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 26 Feb 2026 20:01:02 +0100 Subject: [PATCH 54/88] mailmap: Hamza Bensliman --- .mailmap | 1 + 1 file changed, 1 insertion(+) diff --git a/.mailmap b/.mailmap index d04408efa2..d4e547b9ed 100644 --- a/.mailmap +++ b/.mailmap @@ -120,3 +120,4 @@ Sinkevich Artem Andrew Kirillov Stephen Farrell Calvin Ruocco +Hamza Bensliman From f76a54f890d41f7cfa97bb268a90919958b931a7 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 26 Feb 2026 21:36:59 +0100 Subject: [PATCH 55/88] clang-tidy: add missing and delete redundant parentheses Reported by clang-tidy v22.1.0. Ref: https://releases.llvm.org/22.1.0/tools/clang/tools/extra/docs/ReleaseNotes.html Closes #20749 --- lib/memdebug.c | 8 ++++---- lib/mime.c | 2 +- lib/mprintf.c | 3 ++- lib/parsedate.c | 4 ++-- lib/tftp.c | 2 +- lib/transfer.c | 4 ++-- 6 files changed, 12 insertions(+), 11 deletions(-) diff --git a/lib/memdebug.c b/lib/memdebug.c index c4772d3686..af4fc9d6c1 100644 --- a/lib/memdebug.c +++ b/lib/memdebug.c @@ -219,7 +219,7 @@ void *curl_dbg_malloc(size_t wantedsize, int line, const char *source) /* alloc at least 64 bytes */ size = sizeof(struct memdebug) + wantedsize; - mem = (Curl_cmalloc)(size); + mem = Curl_cmalloc(size); if(mem) { mem->size = wantedsize; } @@ -249,7 +249,7 @@ void *curl_dbg_calloc(size_t wanted_elements, size_t wanted_size, user_size = wanted_size * wanted_elements; size = sizeof(struct memdebug) + user_size; - mem = (Curl_ccalloc)(1, size); + mem = Curl_ccalloc(1, size); if(mem) mem->size = user_size; @@ -344,7 +344,7 @@ void *curl_dbg_realloc(void *ptr, size_t wantedsize, # pragma warning(pop) #endif - mem = (Curl_crealloc)(mem, size); + mem = Curl_crealloc(mem, size); if(source) curl_dbg_log_locked("MEM %s:%d realloc(%p, %zu) = %p\n", source, line, (void *)ptr, wantedsize, @@ -380,7 +380,7 @@ void curl_dbg_free(void *ptr, int line, const char *source) #endif /* free for real */ - (Curl_cfree)(mem); + Curl_cfree(mem); } } diff --git a/lib/mime.c b/lib/mime.c index 51c0fcf28a..bf4916f51b 100644 --- a/lib/mime.c +++ b/lib/mime.c @@ -423,7 +423,7 @@ static curl_off_t encoder_base64_size(curl_mimepart *part) return size; /* Unknown size or no data. */ /* Compute base64 character count. */ - size = 4 * (1 + (size - 1) / 3); + size = 4 * (1 + ((size - 1) / 3)); /* Effective character count must include CRLFs. */ return size + (2 * ((size - 1) / MAX_ENCODED_LINE_LENGTH)); diff --git a/lib/mprintf.c b/lib/mprintf.c index d874efe81a..10cede837c 100644 --- a/lib/mprintf.c +++ b/lib/mprintf.c @@ -676,9 +676,10 @@ static bool out_double(void *userp, #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wformat-nonliteral" #endif + /* !checksrc! disable BANNEDFUNC 1 */ /* !checksrc! disable LONGLINE */ /* NOLINTNEXTLINE(clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling) */ - (snprintf)(work, BUFFSIZE, formatbuf, dnum); + snprintf(work, BUFFSIZE, formatbuf, dnum); #if defined(__GNUC__) || defined(__clang__) #pragma GCC diagnostic pop #endif diff --git a/lib/parsedate.c b/lib/parsedate.c index 1eec38a048..db450f10f7 100644 --- a/lib/parsedate.c +++ b/lib/parsedate.c @@ -422,7 +422,7 @@ static int parsedate(const char *date, time_t *output) (num_digits == 4) && (val <= 1400) && (indate < date) && - ((date[-1] == '+' || date[-1] == '-'))) { + (date[-1] == '+' || date[-1] == '-')) { /* four digits and a value less than or equal to 1400 (to take into account all sorts of funny time zone diffs) and it is preceded with a plus or minus. This is a time zone indication. 1400 is @@ -432,7 +432,7 @@ static int parsedate(const char *date, time_t *output) anyone has a more authoritative source for the exact maximum time zone offsets, please speak up! */ found = TRUE; - tzoff = (val / 100 * 60 + val % 100) * 60; + tzoff = ((val / 100 * 60) + (val % 100)) * 60; /* the + and - prefix indicates the local time compared to GMT, this we need their reversed math to get what we want */ diff --git a/lib/tftp.c b/lib/tftp.c index d6dbc4afa4..1e1bf41577 100644 --- a/lib/tftp.c +++ b/lib/tftp.c @@ -486,7 +486,7 @@ static CURLcode tftp_tx(struct tftp_conn *state, tftp_event_t event) break; default: - failf(data, "tftp_tx: internal error, event: %i", (int)(event)); + failf(data, "tftp_tx: internal error, event: %i", (int)event); break; } diff --git a/lib/transfer.c b/lib/transfer.c index 71914e13cf..8153e0622f 100644 --- a/lib/transfer.c +++ b/lib/transfer.c @@ -870,8 +870,8 @@ CURLcode Curl_xfer_send_close(struct Curl_easy *data) bool Curl_xfer_is_blocked(struct Curl_easy *data) { - bool want_send = ((data)->req.keepon & KEEP_SEND); - bool want_recv = ((data)->req.keepon & KEEP_RECV); + bool want_send = (data->req.keepon & KEEP_SEND); + bool want_recv = (data->req.keepon & KEEP_RECV); if(!want_send) return want_recv && Curl_xfer_recv_is_paused(data); else if(!want_recv) From b2076d3c2f5386068d9b0199f25a81147784d8ac Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 27 Feb 2026 01:33:08 +0100 Subject: [PATCH 56/88] vquic: fix unused variable warning reported by clang-tidy Silencing (seen in new GHA/Linux H3 v20 job): ``` lib/vquic/vquic.c:398:37: error: variable 'calls' set but not used [clang-diagnostic-unused-but-set-variable] 398 | size_t total_nread = 0, pkts = 0, calls = 0; | ^ ``` Cherry-picked from #20751 Closes #20752 --- lib/vquic/vquic.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/lib/vquic/vquic.c b/lib/vquic/vquic.c index 10cf6cd3cd..1d0446aeee 100644 --- a/lib/vquic/vquic.c +++ b/lib/vquic/vquic.c @@ -395,7 +395,10 @@ static CURLcode recvmmsg_packets(struct Curl_cfilter *cf, struct mmsghdr mmsg[MMSG_NUM]; uint8_t msg_ctrl[MMSG_NUM * CMSG_SPACE(sizeof(int))]; struct sockaddr_storage remote_addr[MMSG_NUM]; - size_t total_nread = 0, pkts = 0, calls = 0; + size_t total_nread = 0, pkts = 0; +#ifdef CURLVERBOSE + size_t calls = 0; +#endif int mcount, i, n; char errstr[STRERROR_LEN]; CURLcode result = CURLE_OK; @@ -448,7 +451,7 @@ static CURLcode recvmmsg_packets(struct Curl_cfilter *cf, goto out; } - ++calls; + VERBOSE(++calls); for(i = 0; i < mcount; ++i) { /* A zero-length UDP packet is no QUIC packet. Ignore. */ if(!mmsg[i].msg_len) From b48d02179acc7b274f9751420ca2e36a8329d0b0 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 27 Feb 2026 07:54:58 +0100 Subject: [PATCH 57/88] ftp: remove two redundant assignments Follow-up to 29bca12978f3ad Pointed out by CodeSonar Closes #20755 --- lib/ftp.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/lib/ftp.c b/lib/ftp.c index c234f35bac..4c98d86f23 100644 --- a/lib/ftp.c +++ b/lib/ftp.c @@ -933,7 +933,6 @@ static CURLcode ftp_port_parse_string(struct Curl_easy *data, #ifdef USE_IPV6 if(curlx_inet_pton(AF_INET6, string_ftpport, &sa6->sin6_addr) == 1) { /* ipv6 */ - port_min = port_max = 0; addrlen = strlen(string_ftpport); ip_end = NULL; /* this got no port ! */ } @@ -959,8 +958,6 @@ static CURLcode ftp_port_parse_string(struct Curl_easy *data, else port_max = port_min; } - else - port_max = port_min; } } From 61bcd1105a6ab7c089242c40e2660ffd9a3aa257 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 27 Feb 2026 07:59:10 +0100 Subject: [PATCH 58/88] cfilter: move a debug-only check into ifdef DEBUGBUILD Pointed out by CodeSonar Closes #20756 --- lib/cfilters.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/lib/cfilters.c b/lib/cfilters.c index 4905418fa3..27b0306180 100644 --- a/lib/cfilters.c +++ b/lib/cfilters.c @@ -1089,13 +1089,14 @@ CURLcode Curl_conn_send(struct Curl_easy *data, int sockindex, const char *p = getenv("CURL_SMALLSENDS"); if(p) { curl_off_t altsize; - if(!curlx_str_number(&p, &altsize, write_len)) + if(!curlx_str_number(&p, &altsize, write_len)) { write_len = (size_t)altsize; + if(write_len != len) + eos = FALSE; + } } } #endif - if(write_len != len) - eos = FALSE; if(data && data->conn && data->conn->send[sockindex]) return data->conn->send[sockindex](data, sockindex, buf, write_len, eos, pnwritten); From a67ee591e05c025641ca547e7398b2e0ebcbba6a Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 27 Feb 2026 09:37:29 +0100 Subject: [PATCH 59/88] RELEASE-NOTES: synced --- RELEASE-NOTES | 66 +++++++++++++++++++++++++++++++++++++++++---------- 1 file changed, 53 insertions(+), 13 deletions(-) diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 81314483b1..fe6ba29c95 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -4,7 +4,7 @@ curl and libcurl 8.19.0 Command line options: 273 curl_easy_setopt() options: 308 Public functions in libcurl: 100 - Contributors: 3607 + Contributors: 3609 This release includes the following changes: @@ -21,10 +21,12 @@ This release includes the following bugfixes: o altsvc: only accept 17 byte dates from files [22] o asyn-ares: abort with OOM error when Curl_dnscache_mk_entry fails [107] + o build: add missing `GENERATEDCERTS` files [210] o build: adjust minimum version for some clang picky warnings [211] o build: check `MSG_NOSIGNAL` directly, drop detection and interim macro [26] o build: constify `memchr()`/`strchr()`/etc result variables (cont.) [85] o build: detect and include `inttypes.h` again [13] + o build: do not include wolfSSL header in `curl_setup.h` [215] o build: drop duplicate C includes [54] o build: drop global suppression of `-Wformat-nonliteral`, fix fallouts [19] o build: fix `-Wunused-macros` warnings, and related tidy-ups [176] @@ -40,17 +42,29 @@ This release includes the following bugfixes: o checksrc-all.pl: skip non-repository files [144] o checksrc: do not apply `BANNEDFUNC` to struct member functions [35] o checksrc: warn for leading spaces before the preprocessor hash [72] + o clang-tidy: add missing and delete redundant parentheses [155] + o clang-tidy: add more missing parentheses in macro values [224] + o clang-tidy: avoid/silence `bugprone-not-null-terminated-result` [222] o clang-tidy: check `bugprone-macro-parentheses`, fix fallouts [212] o clang-tidy: drop redundant conditions reported by `misc-redundant-expression` [217] + o clang-tidy: enable `bugprone-signed-char-misuse`, fix fallouts [227] + o clang-tidy: enable more checks [225] + o clang-tidy: enable scanning headers [205] o cmake/FindMbedTLS: add workaround for missing static MSVC `mbedcrypto.lib` 4.0.0 [174] o cmake: add `CURL_DROP_UNUSED` option to reduce binary sizes [105] + o cmake: add native clang-tidy support for tests, with concatenated sources [223] o cmake: always build curlu and curltool test libs in unity mode [190] o cmake: always define `CURL::win32_winsock` on Windows in `curl-config.cmake` [104] o cmake: enable binutils ld workaround for all toolchains at build-time [57] + o cmake: fix confusing error when a dependency is undetected in `curl-config.cmake` [169] o cmake: fix logic for openssl/zlib binutils ld workaround [71] + o cmake: fix passing system header directories to clang-tidy for tests [221] + o cmake: minor fixes to test targets after prev [214] o cmake: normalize uppercase hex winver (for display) [191] o cmake: omit `curl.rc` from curltool lib [209] o cmake: reference OpenSSL and ZLIB imported targets only when enabled [41] + o cmake: replace internal option with a new `testbins` target [220] + o cmake: silence potential unused var warnings in C++ test snippet [201] o cmake: silence silly Apple clang warnings in C89 mode, test in CI [14] o cmake: silence useless compiler warnings triggered by the FASTBuild generator [43] o cmake: skip binutils ld hack if zlib/openssl target is not `IMPORTED` [90] @@ -140,6 +154,7 @@ This release includes the following bugfixes: o mqtt: verify Remaining Length for CONNACK and PUBACK [153] o msvc: drop exception, make `BIT()` a bitfield with Visual Studio [2] o msvc: VS2026: unlock picky warning in cmake, test in CI [198] + o multi: avoid a theoretical 32-bit wrap [186] o multi: probe for IPv6 functionality in multi_init() [114] o multi: split multi_runsingle into sub functions [197] o multi: update timer unconditionally in multi_remove_handle [158] @@ -156,6 +171,7 @@ This release includes the following bugfixes: o ratelimit: download finetune [16] o request.h: rename parameter 'buf' to 'req' in Curl_req_send [219] o REUSE: drop broken reference to `MAIL-ETIQUETTE` [59] + o rtsp: fix assertion failure on zero-length RTP payload [180] o rtspd: fix to check `realloc()` result [173] o runtests: pass config filename to stunnel in native format (Windows) [94] o schannel: refactor: reduce variable scopes, fix comment, fix indent [196] @@ -172,6 +188,7 @@ This release includes the following bugfixes: o ssh: dedupe state change function [99] o sws: prevent "connection monitor" to say disconnect twice o tests/server/sockfilt: avoid possible endless loop on Windows [101] + o tests/server: fix to clear the complete `srvr_sockaddr_union_t` variable [207] o tests/server: tidy-up error messages (Windows) [102] o tests: avoid assignment in `if` conditions in `first.h` [126] o tests: convert base64 data to %b64[] [87] @@ -193,6 +210,7 @@ This release includes the following bugfixes: o tool_getparam: avoid `-Wcomma` with Apple clang in C89 mode [38] o tool_operate: remove 'else' for VMS [3] o typos: silence false positives found in C code [164] + o unit3205: suppress two clang-tidy false positives [206] o URL-SYNTAX.md: fix port number mistakes for IMAP and LDAP [200] o url.c: code/comment cleanup around conn creation [132] o url.h: fix `-Wdocumentation` [61] @@ -202,10 +220,12 @@ This release includes the following bugfixes: o urldata: convert 'long' fields to fixed variable types [47] o urldata: switch to uint* types [1] o verbose.md: explain the { and } prefixes [96] + o vquic: fix unused variable warning reported by clang-tidy [152] o vquic: handle SOCKEMSGSIZE correctly [129] o vtls: dedupe common on-session-reuse logic [98] o vtls: use ALPN http/1.0 & http/1.1 for HTTP/1.0 requests [123] o VULN-DISCLOSURE-POLICY.md: push reports to the web form [154] + o VULN-DISCLOSURE-POLICY.md: use hackerone [202] o winapi: use FormatMessageA instead of FormatMessageW [115] o windows: `USE_WINSOCK` to guard winsock2 code (where missing) [133] o windows: tidy up `wincrypt.h` / BoringSSL/AWS-LC coexist workaround [203] @@ -236,18 +256,18 @@ advice from friends like these: Arnav-Purushotam-CUBoulder, Augment code, Billy O'Neal, calm329, Christian Schmitz, Christian Schmitza, cooldadpresident on github, Dag Haavi Finstad, dahmono on github, Dan Fandrich, Daniel Gustafsson, - Daniel Lublin, Daniel Stenberg, Daniil Gentili, dEajL3kA, dependabot[bot], - Diogo Correia, Frank Buss, gudyuu on hackerone, Hamza Bensliman, - Itay Bookstein, Jacek Migacz, James Fuller, Jan Macku, jhauga, - Joshua Vandaële, Juan Belon, Kai Pastor, Maksim Ściepanienka, Marcel Raad, - Megamouse on github, Michał Antoniak, Natris on github, nono303 on github, - Nuno Goncalves, Patrick Monnerat, Paul Howarth, programmerlexi on github, - Randall S. Becker, Ray Satiro, renovate[bot], Rudi Heitbaum, - sammydono on github, Samuel Henrique, Sascha Frinken, Spenser Black, - Stefan Eissing, tawmoto on github, Tenant HellTower, Thibault de Villèle, - Tim Friedrich Brüggemann, Tomáš Malý, tommy, Viktor Szakats, Wyuer on github, - z2_, Zhicheng Chen, Йоте - (62 contributors) + Daniel Lublin, Daniel Stenberg, Daniil Gentili, David Korczynski, dEajL3kA, + dependabot[bot], Diogo Correia, Frank Buss, gudyuu on hackerone, + Hamza Bensliman, Itay Bookstein, Jacek Migacz, James Fuller, Jan Macku, + jhauga, Joshua Vandaële, Juan Belon, Kai Pastor, Maksim Ściepanienka, + Marcel Raad, Megamouse on github, Michał Antoniak, Natris on github, + nono303 on github, Nuno Goncalves, Patrick Monnerat, Paul Howarth, + programmerlexi on github, Randall S. Becker, Ray Satiro, renovate[bot], + Rudi Heitbaum, sammydono on github, Samuel Henrique, Sascha Frinken, + Spenser Black, Stefan Eissing, tawmoto on github, Tenant HellTower, + Thibault de Villèle, Tim Friedrich Brüggemann, Tomáš Malý, tommy, Val S., + Viktor Szakats, Wyuer on github, z2_, Zhicheng Chen, Йоте + (64 contributors) References to bug reports and discussions on issues: @@ -400,8 +420,10 @@ References to bug reports and discussions on issues: [148] = https://curl.se/bug/?i=20642 [149] = https://curl.se/bug/?i=20585 [150] = https://curl.se/bug/?i=20636 + [152] = https://curl.se/bug/?i=20752 [153] = https://curl.se/bug/?i=20513 [154] = https://curl.se/bug/?i=20515 + [155] = https://curl.se/bug/?i=20749 [156] = https://curl.se/bug/?i=20508 [157] = https://curl.se/bug/?i=20510 [158] = https://curl.se/bug/?i=20498 @@ -415,6 +437,7 @@ References to bug reports and discussions on issues: [166] = https://curl.se/bug/?i=20689 [167] = https://curl.se/bug/?i=20705 [168] = https://curl.se/bug/?i=20700 + [169] = https://curl.se/bug/?i=20737 [172] = https://curl.se/bug/?i=20685 [173] = https://curl.se/bug/?i=20621 [174] = https://curl.se/bug/?i=20616 @@ -422,10 +445,12 @@ References to bug reports and discussions on issues: [177] = https://curl.se/bug/?i=20620 [178] = https://curl.se/bug/?i=20611 [179] = https://curl.se/bug/?i=20608 + [180] = https://curl.se/bug/?i=20735 [181] = https://curl.se/bug/?i=20607 [182] = https://curl.se/bug/?i=20597 [183] = https://curl.se/bug/?i=20584 [185] = https://curl.se/bug/?i=20601 + [186] = https://curl.se/bug/?i=20742 [188] = https://curl.se/bug/?i=20595 [189] = https://curl.se/bug/?i=20587 [190] = https://curl.se/bug/?i=20677 @@ -438,13 +463,28 @@ References to bug reports and discussions on issues: [197] = https://curl.se/bug/?i=20573 [198] = https://curl.se/bug/?i=20577 [200] = https://curl.se/bug/?i=20679 + [201] = https://curl.se/bug/?i=20736 + [202] = https://curl.se/bug/?i=20683 [203] = https://curl.se/bug/?i=20567 + [205] = https://curl.se/bug/?i=20720 + [206] = https://curl.se/bug/?i=20731 + [207] = https://curl.se/bug/?i=20730 [208] = https://curl.se/bug/?i=20598 [209] = https://curl.se/bug/?i=20671 + [210] = https://curl.se/bug/?i=20728 [211] = https://curl.se/bug/?i=20665 [212] = https://curl.se/bug/?i=20647 [213] = https://curl.se/bug/?i=20664 + [214] = https://curl.se/bug/?i=20727 + [215] = https://curl.se/bug/?i=20726 [216] = https://curl.se/bug/?i=20654 [217] = https://curl.se/bug/?i=20644 [218] = https://curl.se/bug/?i=20641 [219] = https://curl.se/bug/?i=20660 + [220] = https://curl.se/bug/?i=20708 + [221] = https://curl.se/bug/?i=20670 + [222] = https://curl.se/bug/?i=20723 + [223] = https://curl.se/bug/?i=20667 + [224] = https://curl.se/bug/?i=20721 + [225] = https://curl.se/bug/?i=20622 + [227] = https://curl.se/bug/?i=20654 From d9386a2f8ec3c4bd5ababc4eeb96ecd3e522b77c Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 27 Feb 2026 04:08:06 +0100 Subject: [PATCH 60/88] cmake: fix system include directory position for clang-tidy in tests To avoid a system include masking a custom directory, and e.g. picking up system OpenSSL headers from `/usr/include` on Linux, instead of the correct ones from a custom header directory, move system include directories to the back of the header path list. Also to match what CMake seems to be doing for the C compiler command-lines it generates. CMake seems to use `-I`, while for these invocations we stick with `-isystem` just in case. This area remains fragile and likely not the final issue. Fixing (seen in GHA/linux H3 c-ares): ``` Error while processing bld/tests/libtest/lib1521.c. /usr/include/openssl/macros.h:147:4: error: "OPENSSL_API_COMPAT expresses an impossible API compatibility level" [clang-diagnostic-error] Found compiler error(s). 147 | # error "OPENSSL_API_COMPAT expresses an impossible API compatibility level" | ^ FAILED: [code=1] tests/libtest/CMakeFiles/libtests-clang-tidy ``` Ref: https://github.com/curl/curl/actions/runs/22468472670/job/65079885471?pr=20751 Bug: https://github.com/curl/curl/pull/20751#issuecomment-3970180687 Cherry-picked from #20751 Closes #20759 --- CMake/Macros.cmake | 21 +++++++++++++++++++++ scripts/cmakelint.sh | 4 ++-- 2 files changed, 23 insertions(+), 2 deletions(-) diff --git a/CMake/Macros.cmake b/CMake/Macros.cmake index 8d3458c06e..bf0ca1297f 100644 --- a/CMake/Macros.cmake +++ b/CMake/Macros.cmake @@ -139,6 +139,18 @@ macro(curl_add_clang_tidy_test_target _target_clang_tidy _target) set(_incsys "") set(_options "") + # Make a list of known system include directories + set(_sys_incdirs "${CMAKE_C_IMPLICIT_INCLUDE_DIRECTORIES}") + foreach(_inc IN LISTS CMAKE_SYSTEM_PREFIX_PATH) + if(NOT _inc MATCHES "/$") + string(APPEND _inc "/") + endif() + string(APPEND _inc "include") + if(NOT _inc IN_LIST _sys_incdirs AND IS_DIRECTORY "${_inc}") + list(APPEND _sys_incdirs "${_inc}") + endif() + endforeach() + # Collect macro definitions and header directories applying to the directory get_directory_property(_val COMPILE_DEFINITIONS) if(_val) @@ -169,7 +181,12 @@ macro(curl_add_clang_tidy_test_target _target_clang_tidy _target) set(_incsys_tmp ${_incsys}) list(REMOVE_DUPLICATES _incsys_tmp) set(_incsys "") + set(_incsystop "") foreach(_inc IN LISTS _incsys_tmp) + if(_inc IN_LIST _sys_incdirs) + list(APPEND _incsystop "${_inc}") # Save system prefixes to re-add them later to the end of list + continue() + endif() # Avoid empty and '$' items. The latter # evaluates to an empty path in this context. Also skip # '$', as already present in '_includes'. @@ -179,6 +196,9 @@ macro(curl_add_clang_tidy_test_target _target_clang_tidy _target) list(APPEND _incsys "-isystem" "${_inc}") endif() endforeach() + foreach(_inc IN LISTS _incsystop) + list(APPEND _incsys "-isystem" "${_inc}") + endforeach() if(CMAKE_C_COMPILER_ID MATCHES "Clang") list(REMOVE_DUPLICATES _options) # Keep the first of duplicates to imitate CMake @@ -214,6 +234,7 @@ macro(curl_add_clang_tidy_test_target _target_clang_tidy _target) DEPENDS ${_sources}) add_dependencies(tests-clang-tidy ${_target_clang_tidy}) + unset(_sys_incdirs) unset(_cc) unset(_definitions) unset(_includes) diff --git a/scripts/cmakelint.sh b/scripts/cmakelint.sh index adf128556d..0927603375 100755 --- a/scripts/cmakelint.sh +++ b/scripts/cmakelint.sh @@ -72,8 +72,8 @@ cd "$(dirname "$0")"/.. --min-statement-spacing 1 \ --max-statement-spacing 2 \ --max-returns 6 \ - --max-branches 12 \ + --max-branches 15 \ --max-arguments 5 \ --max-localvars 15 \ - --max-statements 65 \ + --max-statements 85 \ -- From ce4db9c2efca0bd89e556e231d940c988d84a606 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 27 Feb 2026 01:09:14 +0100 Subject: [PATCH 61/88] GHA/linux: replace scan-build with clang-tidy `scan-build` is a (Perl) wrapper around clang's built-in `--analyze` option. Which look similar or identical to clang-tidy checkers under the `clang-analyzer-*` namespace: https://clang.llvm.org/docs/ClangStaticAnalyzer.html Unless somebody has other information, it appears redundant to run scan-build in parallel with clang-tidy in CI, now that the latter is working reliably and with good performance for all curl components. Another scan-build issue is the lack of a markup to suppress false positives. It ignores `NOLINT`, yet finds the same false positives as clang-tidy. This happens with scan-build v20+. v18 is silent, but it's a blocker to upgrade to a newer version. scan-build may still be a useful when combined with autotools, where clang-tidy support is incomplete, slow (no parallelism), and uses a distinct make target, which does not build binaries in the same pass. But, scan-build also lacks extra checkers that are now enabled for clang-tidy. The clang-tidy job is also 30-40s faster than the one it replaced. Also: - drop scan-build job configured the same way as a clang-tidy one. CI time saved: 6m30s - bump to clang-20 (from 18) in the replacement job. - build tests in the replacement job. To verify a cmake command-line reconstruction issue only hit in this job in CI. CI time cost: 1m40s - replacement job caught a minor, new, issue. Ref: b2076d3c2f5386068d9b0199f25a81147784d8ac #20752 - drop unused scan-build logic. Bug: https://github.com/curl/curl/pull/20732#issuecomment-3963873838 Ref: https://github.com/curl/curl/pull/20732#issuecomment-3967479228 Closes #20751 --- .github/workflows/linux.yml | 39 +++++++++---------------------------- 1 file changed, 9 insertions(+), 30 deletions(-) diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index cc44d7768d..3acd80f261 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -66,7 +66,6 @@ jobs: MATRIX_BUILD: ${{ matrix.build.generate && 'cmake' || 'autotools' }} MATRIX_INSTALL_PACKAGES: '${{ matrix.build.install_packages }}' MATRIX_INSTALL_STEPS: '${{ matrix.build.install_steps }}' - MATRIX_MAKE_PREFIX: '${{ matrix.build.make-prefix }}' strategy: fail-fast: false matrix: @@ -288,35 +287,18 @@ jobs: -DUSE_ECH=ON -DCURL_USE_GSSAPI=ON -DUSE_SSLS_EXPORT=ON -DCURL_CLANG_TIDY=ON -DCLANG_TIDY=/usr/bin/clang-tidy-20 - - name: 'scan-build' - install_packages: clang clang-tools libssl-dev libidn2-dev libssh2-1-dev libnghttp2-dev libldap-dev libgss-dev librtmp-dev libgnutls28-dev - install_steps: skipall mbedtls-latest-intel rustls wolfssl-opensslextra-intel - install_steps_brew: gsasl - CC: clang - configure-prefix: scan-build - make-prefix: scan-build --status-bugs - LDFLAGS: -Wl,-rpath,/home/runner/wolfssl-opensslextra/lib -Wl,-rpath,/home/runner/mbedtls/lib -Wl,-rpath,/home/runner/rustls/lib -Wl,-rpath,/home/linuxbrew/.linuxbrew/opt/gsasl/lib - PKG_CONFIG_PATH: /home/runner/wolfssl-opensslextra/lib/pkgconfig:/home/runner/mbedtls/lib/pkgconfig:/home/runner/rustls/lib/pkgconfig:/home/linuxbrew/.linuxbrew/opt/gsasl/lib/pkgconfig - generate: >- - -DCURL_USE_OPENSSL=ON -DCURL_USE_WOLFSSL=ON -DCURL_USE_GNUTLS=ON -DCURL_USE_MBEDTLS=ON -DCURL_USE_RUSTLS=ON - -DCURL_USE_GSASL=ON -DUSE_LIBRTMP=ON - -DUSE_ECH=ON -DCURL_USE_GSSAPI=ON -DUSE_SSLS_EXPORT=ON - -DCMAKE_UNITY_BUILD=OFF -DCURL_DISABLE_TYPECHECK=ON - - - name: 'scan-build H3 c-ares !examples' - install_packages: clang clang-tools libidn2-dev libssh-dev libnghttp2-dev - install_steps: skipall + - name: 'clang-tidy H3 c-ares !examples' + install_packages: clang-20 clang-tidy-20 libidn2-dev libssh-dev libnghttp2-dev + install_steps: skiprun install_steps_brew: openssl libngtcp2 libnghttp3 c-ares - CC: clang - configure-prefix: scan-build - make-prefix: scan-build --status-bugs + CC: clang-20 LDFLAGS: -Wl,-rpath,/home/linuxbrew/.linuxbrew/opt/openssl/lib -Wl,-rpath,/home/linuxbrew/.linuxbrew/opt/libngtcp2/lib -Wl,-rpath,/home/linuxbrew/.linuxbrew/opt/libnghttp3/lib -Wl,-rpath,/home/linuxbrew/.linuxbrew/opt/c-ares/lib PKG_CONFIG_PATH: /home/linuxbrew/.linuxbrew/opt/libngtcp2/lib/pkgconfig:/home/linuxbrew/.linuxbrew/opt/libnghttp3/lib/pkgconfig:/home/linuxbrew/.linuxbrew/opt/c-ares/lib/pkgconfig generate: >- -DCURL_USE_OPENSSL=ON -DOPENSSL_ROOT_DIR=/home/linuxbrew/.linuxbrew/opt/openssl -DUSE_NGTCP2=ON -DCURL_USE_LIBSSH2=OFF -DCURL_USE_LIBSSH=ON -DUSE_HTTPSRR=ON -DENABLE_ARES=ON - -DCMAKE_UNITY_BUILD=OFF -DCURL_DISABLE_TYPECHECK=ON -DCURL_DISABLE_VERBOSE_STRINGS=ON + -DCURL_CLANG_TIDY=ON -DCLANG_TIDY=/usr/bin/clang-tidy-20 - name: 'address-sanitizer' install_packages: clang-20 libssl-dev libssh-dev libidn2-dev libnghttp2-dev libubsan1 libasan8 libtsan2 @@ -793,14 +775,12 @@ jobs: LDFLAGS: '${{ matrix.build.LDFLAGS }}' LIBS: '${{ matrix.build.LIBS }}' MATRIX_CONFIGURE: '${{ matrix.build.configure }}' - MATRIX_CONFIGURE_PREFIX: '${{ matrix.build.configure-prefix }}' MATRIX_GENERATE: '${{ matrix.build.generate }}' MATRIX_PKG_CONFIG_PATH: '${{ matrix.build.PKG_CONFIG_PATH }}' run: | [[ "${MATRIX_INSTALL_STEPS}" = *'awslc'* ]] && sudo apt-get -o Dpkg::Use-Pty=0 purge libssl-dev [ -n "${MATRIX_PKG_CONFIG_PATH}" ] && export PKG_CONFIG_PATH="${MATRIX_PKG_CONFIG_PATH}" if [ "${MATRIX_BUILD}" = 'cmake' ]; then - ${MATRIX_CONFIGURE_PREFIX} \ cmake -B bld -G Ninja \ -DCMAKE_INSTALL_PREFIX="$HOME"/curl-install \ -DCMAKE_C_COMPILER_TARGET="$(uname -m)-pc-linux-gnu" -DBUILD_STATIC_LIBS=ON \ @@ -808,7 +788,6 @@ jobs: ${MATRIX_GENERATE} else mkdir bld && cd bld && \ - ${MATRIX_CONFIGURE_PREFIX} \ ../configure --prefix="$HOME"/curl-install --enable-unity --enable-warnings --enable-werror --disable-static \ --disable-dependency-tracking --enable-option-checking=fatal \ ${MATRIX_CONFIGURE} @@ -829,9 +808,9 @@ jobs: - name: 'build' run: | if [ "${MATRIX_BUILD}" = 'cmake' ]; then - ${MATRIX_MAKE_PREFIX} cmake --build bld --verbose + cmake --build bld --verbose else - ${MATRIX_MAKE_PREFIX} make -C bld V=1 + make -C bld V=1 fi - name: 'single-use function check' @@ -933,7 +912,7 @@ jobs: if: ${{ !contains(matrix.build.install_packages, 'valgrind') && !contains(matrix.build.name, '!examples') }} run: | if [ "${MATRIX_BUILD}" = 'cmake' ]; then - ${MATRIX_MAKE_PREFIX} cmake --build bld --verbose --target curl-examples-build + cmake --build bld --verbose --target curl-examples-build else - ${MATRIX_MAKE_PREFIX} make -C bld V=1 examples + make -C bld V=1 examples fi From 9d727e4e55e1872452b32604e4a3d25277597ac6 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 27 Feb 2026 12:03:32 +0100 Subject: [PATCH 62/88] cmake: replace `list(FIND)` with `if(var IN_LIST list)` Available since CMake v3.3. Ref: https://cmake.org/cmake/help/latest/command/if.html#in-list Closes #20758 --- CMakeLists.txt | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 2419de626c..43fb01a48a 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -2204,8 +2204,7 @@ if(NOT CURL_DISABLE_INSTALL) if(CMAKE_VERSION VERSION_GREATER_EQUAL 3.20) cmake_path(SET _libdir NORMALIZE "${_libdir}") endif() - list(FIND _sys_libdirs "${_libdir}" _libdir_index) - if(_libdir_index LESS 0) + if(NOT _libdir IN_LIST _sys_libdirs) list(APPEND _ldflags "-L${_libdir}") endif() string(REGEX REPLACE "^lib" "" _libname "${_libname}") @@ -2233,8 +2232,7 @@ if(NOT CURL_DISABLE_INSTALL) if(CMAKE_VERSION VERSION_GREATER_EQUAL 3.20) cmake_path(SET _libdir NORMALIZE "${_libdir}") endif() - list(FIND _sys_libdirs "${_libdir}" _libdir_index) - if(_libdir_index LESS 0) + if(NOT _libdir IN_LIST _sys_libdirs) list(APPEND _ldflags "-L${_libdir}") endif() endforeach() From 00b215b894cac0e21f620a88c299408a57ee2f75 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 27 Feb 2026 13:43:51 +0100 Subject: [PATCH 63/88] cmake: convert `curl_add_clang_tidy_test_target()` macro to function I thought a macro is necessary to have `get_directory_property()` and `CMAKE_CURRENT_SOURCE_DIR` work on the correct directory, but it turns out they do work the same when used in a function. Closes #20760 --- CMake/Macros.cmake | 13 ++----------- 1 file changed, 2 insertions(+), 11 deletions(-) diff --git a/CMake/Macros.cmake b/CMake/Macros.cmake index bf0ca1297f..0ae126333a 100644 --- a/CMake/Macros.cmake +++ b/CMake/Macros.cmake @@ -131,7 +131,7 @@ macro(curl_collect_target_options _target) endmacro() # Create a clang-tidy target for test targets -macro(curl_add_clang_tidy_test_target _target_clang_tidy _target) +function(curl_add_clang_tidy_test_target _target_clang_tidy _target) if(CURL_CLANG_TIDY) set(_definitions "") @@ -233,14 +233,5 @@ macro(curl_add_clang_tidy_test_target _target_clang_tidy _target) ${_sources} -- ${_cc} ${_definitions} ${_includes} ${_incsys} ${_options} DEPENDS ${_sources}) add_dependencies(tests-clang-tidy ${_target_clang_tidy}) - - unset(_sys_incdirs) - unset(_cc) - unset(_definitions) - unset(_includes) - unset(_incsys) - unset(_incsys_tmp) - unset(_options) - unset(_sources) endif() -endmacro() +endfunction() From fa8bd1cc09125b368d4295c19331bf33e2d0c602 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 27 Feb 2026 00:38:07 +0100 Subject: [PATCH 64/88] mprintf: use `_snprintf()` when compiled with VS2013 and older To support floats and doubles when using these old compilers. Before this patch, these tests most likely failed with them: ``` FAIL 557: 'curl_mprintf() testing' printf, unittest FAIL 566: 'HTTP GET with CURLINFO_CONTENT_LENGTH_DOWNLOAD and 0 bytes transfer' HTTP, HTTP GET FAIL 599: 'HTTP GET with progress callback and redirects changing content sizes' HTTP, HTTP POST, chunked Transfer-Encoding FAIL 1148: 'progress-bar' HTTP, progressbar ``` Also: - mention `_snprintf()` in the `_CRT_SECURE_NO_WARNINGS` comment. Follow-up to 7de35515d90d364e851cdde712062b942d6bf36a #20218 Closes #20761 --- lib/curl_setup.h | 2 +- lib/mprintf.c | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/lib/curl_setup.h b/lib/curl_setup.h index b7c030c006..4629f79fb9 100644 --- a/lib/curl_setup.h +++ b/lib/curl_setup.h @@ -90,7 +90,7 @@ /* Disable Visual Studio warnings: 4127 "conditional expression is constant" */ #pragma warning(disable:4127) #ifndef _CRT_SECURE_NO_WARNINGS -#define _CRT_SECURE_NO_WARNINGS /* for getenv(), tests: sscanf() */ +#define _CRT_SECURE_NO_WARNINGS /* for _snprintf(), getenv(), sscanf() */ #endif #endif /* _MSC_VER */ diff --git a/lib/mprintf.c b/lib/mprintf.c index 10cede837c..b00f16e34b 100644 --- a/lib/mprintf.c +++ b/lib/mprintf.c @@ -688,6 +688,9 @@ static bool out_double(void *userp, buffer if it reaches the max size so we do that here. */ work[BUFFSIZE - 1] = 0; #endif +#elif defined(_MSC_VER) && (_MSC_VER < 1900) + _snprintf(work, BUFFSIZE, formatbuf, dnum); + work[BUFFSIZE - 1] = 0; #else /* float and double outputs do not work without snprintf support */ work[0] = 0; From 7a08c5d820fcf237688562a237a05000214db789 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 27 Feb 2026 15:03:28 +0100 Subject: [PATCH 65/88] ldap: silence clang-tidy v22 warning Closes #20762 --- lib/ldap.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/ldap.c b/lib/ldap.c index aaf2d5885b..e223078b03 100644 --- a/lib/ldap.c +++ b/lib/ldap.c @@ -955,7 +955,7 @@ void Curl_ldap_version(char *buf, size_t bufsz) unsigned int patch = (unsigned int)(api.ldapai_vendor_version % 100); unsigned int major = (unsigned int)(api.ldapai_vendor_version / 10000); unsigned int minor = - (((unsigned int)api.ldapai_vendor_version - major * 10000) + (((unsigned int)api.ldapai_vendor_version - (major * 10000)) - patch) / 100; #ifdef __OS400__ curl_msnprintf(buf, bufsz, "IBMLDAP/%u.%u.%u", major, minor, patch); From 92f66f023485738080bc7d0a72ef613940544521 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 27 Feb 2026 00:03:18 +0100 Subject: [PATCH 66/88] appveyor: minor improvements [ci skip] - make per-job cmake options override default ones (as in GHA) - also upload `.lib` artifacts (in commented code) Cherry-picked from #20750 --- appveyor.sh | 2 +- appveyor.yml | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/appveyor.sh b/appveyor.sh index 0b9793ce37..284a90f222 100644 --- a/appveyor.sh +++ b/appveyor.sh @@ -88,8 +88,8 @@ if [ -n "${CMAKE_GENERATOR:-}" ]; then -DCURL_STATIC_CRT=ON \ -DCURL_DROP_UNUSED=ON \ -DCURL_USE_SCHANNEL=ON -DCURL_USE_LIBPSL=OFF \ - ${CMAKE_GENERATE:-} \ ${options} \ + ${CMAKE_GENERATE:-} \ || { cat "${root}"/_bld/CMakeFiles/CMake* 2>/dev/null; false; } [ "${APPVEYOR_BUILD_WORKER_IMAGE}" = 'Visual Studio 2013' ] && cd .. done diff --git a/appveyor.yml b/appveyor.yml index a7dca25e60..d3444d9491 100644 --- a/appveyor.yml +++ b/appveyor.yml @@ -142,3 +142,5 @@ skip_commits: # name: curl # - path: '**/*.dll' # name: libcurl dll +# - path: '**/*.lib' +# name: libcurl lib From aea5552a640b8db9c6d1465cacfa3d5f5a9bed26 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 27 Feb 2026 22:29:09 +0100 Subject: [PATCH 67/88] INSTALL.md: fix typo Reported-by: Nathan-M-code on github Fixes #20766 Closes #20767 --- docs/INSTALL.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/INSTALL.md b/docs/INSTALL.md index 2db659f397..7e0329c8e7 100644 --- a/docs/INSTALL.md +++ b/docs/INSTALL.md @@ -426,7 +426,7 @@ another SSL backend such as OpenSSL. # Android -When building curl for Android you can you CMake or curl's `configure` script. +When building curl for Android you can either use CMake or `configure`. Before you can build curl for Android, you need to install the Android NDK first. This can be done using the SDK Manager that is part of Android Studio. From 006f561f6ee62a486b71bc21ff8cacb840dcda91 Mon Sep 17 00:00:00 2001 From: Florian Imdahl Date: Thu, 26 Feb 2026 19:48:57 +0100 Subject: [PATCH 68/88] docs: some nitpicks - replaced double spaces with single space where applicable - replaced "favourite" with "favorite" - added language identifiers to code blocks in markdown files - added extra line after code blocks and after headings in markdown files Cloes #20748 --- .github/scripts/badwords.txt | 1 + docs/BINDINGS.md | 2 +- docs/CIPHERS.md | 9 +++++++++ docs/ECH.md | 4 ++-- docs/INSTALL.md | 4 ++-- docs/IPFS.md | 5 +++-- docs/internals/BUFQ.md | 19 ++++++++++--------- docs/internals/CLIENT-READERS.md | 6 +++--- docs/internals/CLIENT-WRITERS.md | 8 ++++---- docs/internals/CONNECTION-FILTERS.md | 9 +++++---- docs/internals/SCORECARD.md | 8 ++++---- docs/libcurl/opts/CURLOPT_IOCTLFUNCTION.md | 2 +- .../opts/CURLOPT_OPENSOCKETFUNCTION.md | 2 +- docs/libcurl/opts/CURLOPT_SOCKOPTFUNCTION.md | 2 +- docs/tests/HTTP.md | 12 ++++++------ lib/http.c | 2 +- 16 files changed, 54 insertions(+), 41 deletions(-) diff --git a/.github/scripts/badwords.txt b/.github/scripts/badwords.txt index a3eeb9c444..bc26bb02d7 100644 --- a/.github/scripts/badwords.txt +++ b/.github/scripts/badwords.txt @@ -91,3 +91,4 @@ file names\b:filenames ---Curl Corporation \bmanpages[^./;=&{:-]:man pages \bmanpage[^si./;=&{:-]:man page +favour:favor diff --git a/docs/BINDINGS.md b/docs/BINDINGS.md index 9ee5f688a4..9a53f81f29 100644 --- a/docs/BINDINGS.md +++ b/docs/BINDINGS.md @@ -9,7 +9,7 @@ libcurl bindings Creative people have written bindings or interfaces for various environments and programming languages. Using one of these allows you to take advantage of -curl powers from within your favourite language or system. +curl powers from within your favorite language or system. This is a list of all known interfaces as of this writing. diff --git a/docs/CIPHERS.md b/docs/CIPHERS.md index 7d9a1edf47..767b26b726 100644 --- a/docs/CIPHERS.md +++ b/docs/CIPHERS.md @@ -78,6 +78,7 @@ OpenSSL (1.1.1+, curl 7.61.0+), LibreSSL (3.4.1+, curl 8.3.0+), wolfSSL (curl 8.10.0+) and mbedTLS (3.6.0+, curl 8.10.0+). The list of cipher suites that can be used for the `--tls13-ciphers` option: + ``` TLS_AES_128_GCM_SHA256 TLS_AES_256_GCM_SHA384 @@ -118,6 +119,7 @@ A shortened list (based on [recommendations by Mozilla](https://wiki.mozilla.org/Security/Server_Side_TLS)) of cipher suites, which are (mostly) supported by all SSL backends, that can be used for the `--ciphers` option: + ``` ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-GCM-SHA256 @@ -180,6 +182,7 @@ curl \ ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305 \ https://example.com/ ``` + Restrict ciphers to `aes128-gcm` and `chacha20`. Works with OpenSSL, LibreSSL, mbedTLS and wolfSSL. @@ -189,6 +192,7 @@ curl \ --tls13-ciphers TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256 \ https://example.com/ ``` + Restrict to only TLS 1.3 with `aes128-gcm` and `chacha20` ciphers. Works with OpenSSL, LibreSSL, mbedTLS, wolfSSL and Schannel. @@ -198,6 +202,7 @@ curl \ ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305 \ https://example.com/ ``` + Restrict TLS 1.2 ciphers to `aes128-gcm` and `chacha20`, use default TLS 1.3 ciphers (if TLS 1.3 is available). Works with OpenSSL, LibreSSL, BoringSSL, mbedTLS and wolfSSL. @@ -244,6 +249,7 @@ curl \ --ciphers '-CIPHER_ALL:+AES-128-GCM:+CHACHA20-POLY1305' \ https://example.com/ ``` + Restrict ciphers to `aes128-gcm` and `chacha20` in GnuTLS. ```sh @@ -251,6 +257,7 @@ curl \ --ciphers 'NORMAL:-VERS-ALL:+TLS1.3:-AES-256-GCM' \ https://example.com/ ``` + Restrict to only TLS 1.3 without the `aes256-gcm` cipher. ```sh @@ -258,9 +265,11 @@ curl \ --ciphers 'NORMAL:-VERS-ALL:+TLS1.2:-CIPHER_ALL:+CAMELLIA-128-GCM' \ https://example.com/ ``` + Restrict to only TLS 1.2 with the `CAMELLIA-128-GCM` cipher. ## Further reading + - [OpenSSL cipher suite names documentation](https://docs.openssl.org/master/man1/openssl-ciphers/#cipher-suite-names) - [wolfSSL cipher support documentation](https://www.wolfssl.com/documentation/manuals/wolfssl/chapter04.html#cipher-support) - [mbedTLS cipher suites reference](https://mbed-tls.readthedocs.io/projects/api/en/development/api/file/ssl__ciphersuites_8h/) diff --git a/docs/ECH.md b/docs/ECH.md index 042719245c..129378ad75 100644 --- a/docs/ECH.md +++ b/docs/ECH.md @@ -370,7 +370,7 @@ make There are some known issues with the ECH implementation in wolfSSL: - The main issue is that the client currently handles HelloRetryRequest - incorrectly. [HRR issue](https://github.com/wolfSSL/wolfssl/issues/6802).) + incorrectly. [HRR issue](https://github.com/wolfSSL/wolfssl/issues/6802).) The HRR issue means that the client does not work for [this ECH test web site](https://tls-ech.dev/) and any other similarly configured sites. @@ -461,7 +461,7 @@ In another window: ```sh cd $HOME/code/curl/ -./src/curl -vvv --insecure --connect-to foo.example.com:8443:localhost:8443 --ech ecl:AD7+DQA6uwAgACBix2B78sX+EQhEbxMspDOc8Z3xVS5aQpYP0Cxpc2AWPAAEAAEAAQALZXhhbXBsZS5jb20AAA== +./src/curl -vvv --insecure --connect-to foo.example.com:8443:localhost:8443 --ech ecl:AD7+DQA6uwAgACBix2B78sX+EQhEbxMspDOc8Z3xVS5aQpYP0Cxpc2AWPAAEAAEAAQALZXhhbXBsZS5jb20AAA== ``` ### Automated use of ``retry_configs`` not supported so far... diff --git a/docs/INSTALL.md b/docs/INSTALL.md index 7e0329c8e7..8563f4af0f 100644 --- a/docs/INSTALL.md +++ b/docs/INSTALL.md @@ -603,11 +603,11 @@ disabling support for some features (run `./configure --help` to see them all): - `--disable-libcurl-option` (--libcurl C code generation support) - `--disable-manual` (--manual built-in documentation) - `--disable-mime` (MIME API) -- `--disable-netrc` (.netrc file) +- `--disable-netrc` (.netrc file) - `--disable-progress-meter` (graphical progress meter in library) - `--disable-proxy` (HTTP and SOCKS proxies) - `--disable-socketpair` (socketpair for asynchronous name resolving) -- `--disable-threaded-resolver` (threaded name resolver) +- `--disable-threaded-resolver` (threaded name resolver) - `--disable-tls-srp` (Secure Remote Password authentication for TLS) - `--disable-unix-sockets` (Unix sockets) - `--disable-verbose` (eliminates debugging strings and error code strings) diff --git a/docs/IPFS.md b/docs/IPFS.md index c39f802dd9..64e0c53b50 100644 --- a/docs/IPFS.md +++ b/docs/IPFS.md @@ -5,6 +5,7 @@ SPDX-License-Identifier: curl --> # IPFS + For an overview about IPFS, visit the [IPFS project site](https://ipfs.tech/). In IPFS there are two protocols. IPFS and IPNS (their workings are explained @@ -64,12 +65,12 @@ in this link: The IPFS integration in curl hides this gateway logic for you. Instead of providing a full URL to a file on IPFS like this: -``` +```sh curl http://127.0.0.1:8080/ipfs/bafybeigagd5nmnn2iys2f3doro7ydrevyr2mzarwidgadawmamiteydbzi ``` You can provide it with the IPFS protocol instead: -``` +```sh curl ipfs://bafybeigagd5nmnn2iys2f3doro7ydrevyr2mzarwidgadawmamiteydbzi ``` diff --git a/docs/internals/BUFQ.md b/docs/internals/BUFQ.md index 8136d588f6..9874e5d2e1 100644 --- a/docs/internals/BUFQ.md +++ b/docs/internals/BUFQ.md @@ -14,7 +14,7 @@ to and read from. It manages read and write positions and has a maximum size. Its basic read/write functions have a similar signature and return code handling as many internal curl read and write ones. -``` +```c ssize_t Curl_bufq_write(struct bufq *q, const unsigned char *buf, size_t len, CURLcode *err); - returns the length written into `q` or -1 on error. @@ -29,7 +29,7 @@ ssize_t Curl_bufq_read(struct bufq *q, unsigned char *buf, size_t len, CURLcode To pass data into a `bufq` without an extra copy, read callbacks can be used. -``` +```c typedef ssize_t Curl_bufq_reader(void *reader_ctx, unsigned char *buf, size_t len, CURLcode *err); @@ -45,7 +45,7 @@ once or only read in a maximum amount of bytes. The analog mechanism for write out buffer data is: -``` +```c typedef ssize_t Curl_bufq_writer(void *writer_ctx, const unsigned char *buf, size_t len, CURLcode *err); @@ -60,7 +60,7 @@ remove the amount that `writer` reports. It is possible to get access to the memory of data stored in a `bufq` with: -``` +```c bool Curl_bufq_peek(const struct bufq *q, const unsigned char **pbuf, size_t *plen); ``` @@ -69,7 +69,7 @@ may read. This is only valid until another operation on `bufq` is performed. Instead of reading `bufq` data, one may simply skip it: -``` +```c void Curl_bufq_skip(struct bufq *q, size_t amount); ``` @@ -80,7 +80,7 @@ This removes `amount` number of bytes from the `bufq`. `bufq` is initialized and freed similar to the `dynbuf` module. Code using `bufq` holds a `struct bufq` somewhere. Before it uses it, it invokes: -``` +```c void Curl_bufq_init(struct bufq *q, size_t chunk_size, size_t max_chunks); ``` @@ -91,12 +91,13 @@ about memory management. The user of the `bufq` has the responsibility to call: -``` +```c void Curl_bufq_free(struct bufq *q); ``` + to free all resources held by `q`. It is possible to reset a `bufq` to empty via: -``` +```c void Curl_bufq_reset(struct bufq *q); ``` @@ -154,7 +155,7 @@ the `bufq` from growing ever larger and larger. A `struct bufc_pool` may be used to create chunks for a `bufq` and keep spare ones around. It is initialized and used via: -``` +```c void Curl_bufcp_init(struct bufc_pool *pool, size_t chunk_size, size_t spare_max); void Curl_bufq_initp(struct bufq *q, struct bufc_pool *pool, size_t max_chunks, int opts); diff --git a/docs/internals/CLIENT-READERS.md b/docs/internals/CLIENT-READERS.md index bb94bba95f..9955147b54 100644 --- a/docs/internals/CLIENT-READERS.md +++ b/docs/internals/CLIENT-READERS.md @@ -28,7 +28,7 @@ The transfer loop that sends and receives, is using `Curl_client_read()` to get more data to send for a transfer. If no specific reader has been installed yet, the default one that uses `CURLOPT_READFUNCTION` is added. The prototype is -``` +```c CURLcode Curl_client_read(struct Curl_easy *data, char *buf, size_t blen, size_t *nread, bool *eos); ``` @@ -44,7 +44,7 @@ The chain of readers allows processing of the data to send. The definition of a reader is: -``` +```c struct Curl_crtype { const char *name; /* writer name. */ CURLcode (*do_init)(struct Curl_easy *data, struct Curl_creader *writer); @@ -78,7 +78,7 @@ the order in which they are called is relevant for the outcome. When a reader is created, it gets the `phase` property in which it operates. Reader phases are defined like: -``` +```c typedef enum { CURL_CR_NET, /* data send to the network (connection filters) */ CURL_CR_TRANSFER_ENCODE, /* add transfer-encodings */ diff --git a/docs/internals/CLIENT-WRITERS.md b/docs/internals/CLIENT-WRITERS.md index 0e9bc843a7..0f2ff9ffdb 100644 --- a/docs/internals/CLIENT-WRITERS.md +++ b/docs/internals/CLIENT-WRITERS.md @@ -29,13 +29,13 @@ All code in `libcurl` that handles response data is ultimately expected to forward this data via `Curl_client_write()` to the application. The exact prototype of this function is: -``` +```c CURLcode Curl_client_write(struct Curl_easy *data, int type, const char *buf, size_t blen); ``` The `type` argument specifies what the bytes in `buf` actually are. The following bits are defined: -``` +```c #define CLIENTWRITE_BODY (1 << 0) /* non-meta information, BODY */ #define CLIENTWRITE_INFO (1 << 1) /* meta information, not a HEADER */ #define CLIENTWRITE_HEADER (1 << 2) /* meta information, HEADER */ @@ -56,7 +56,7 @@ application callbacks. This is similar to the design of connection filters: client writers can be chained to process the bytes written through them. The definition is: -``` +```c struct Curl_cwtype { const char *name; CURLcode (*do_init)(struct Curl_easy *data, @@ -87,7 +87,7 @@ in which the are called is relevant for the outcome. When a writer is created, one property it gets is the `phase` in which it operates. Writer phases are defined like: -``` +```c typedef enum { CURL_CW_RAW, /* raw data written, before any decoding */ CURL_CW_TRANSFER_DECODE, /* remove transfer-encodings */ diff --git a/docs/internals/CONNECTION-FILTERS.md b/docs/internals/CONNECTION-FILTERS.md index a1987f4956..93bfa334a9 100644 --- a/docs/internals/CONNECTION-FILTERS.md +++ b/docs/internals/CONNECTION-FILTERS.md @@ -76,7 +76,7 @@ etc. Each filter does in principle the following: -``` +```c static CURLcode myfilter_cf_connect(struct Curl_cfilter *cf, struct Curl_easy *data, bool *done) @@ -109,7 +109,7 @@ transfers. The memory footprint of a filter is relatively small: -``` +```c struct Curl_cfilter { const struct Curl_cftype *cft; /* the type providing implementation */ struct Curl_cfilter *next; /* next filter in chain */ @@ -138,13 +138,14 @@ zero cost *if the filter does not transform the data*. An http proxy or socks filter, once it is connected, just passes the calls through. Those filters implementations look like this: -``` +```c ssize_t Curl_cf_def_send(struct Curl_cfilter *cf, struct Curl_easy *data, const void *buf, size_t len, CURLcode *err) { return cf->next->cft->do_send(cf->next, data, buf, len, err); } ``` + The `recv` implementation is equivalent. ## Filter Types @@ -231,7 +232,7 @@ Users of `curl` may activate them by adding the name of the filter type to the `--trace-config` argument. For example, in order to get more detailed tracing of an HTTP/2 request, invoke curl with: -``` +```sh > curl -v --trace-config ids,time,http/2 https://curl.se/ ``` diff --git a/docs/internals/SCORECARD.md b/docs/internals/SCORECARD.md index 145267f8c3..019ddc5963 100644 --- a/docs/internals/SCORECARD.md +++ b/docs/internals/SCORECARD.md @@ -25,7 +25,7 @@ locally build `src/curl` (by default). A typical invocation for measuring performance of HTTP/2 downloads would be: -``` +```sh curl> python3 tests/http/scorecard.py -d h2 ``` @@ -35,7 +35,7 @@ JSON instead of text. Help for all command line options are available via: -``` +```sh curl> python3 tests/http/scorecard.py -h ``` @@ -48,7 +48,7 @@ specify these in some way if you are just interested in a particular case. For example, to run downloads of a 1 MB resource only, 100 times with at max 6 parallel transfers, use: -``` +```sh curl> python3 tests/http/scorecard.py -d --download-sizes=1mb --download-count=100 --download-parallel=6 h2 ``` @@ -69,7 +69,7 @@ interactive SVG. Either clone the `Flamegraph` repository next to your `curl` project or set the environment variable `FLAMEGRAPH` to the location of your clone. Then run scorecard with the `--flame` option, like -``` +```sh curl> FLAMEGRAPH=/Users/sei/projects/FlameGraph python3 tests/http/scorecard.py \ -r --request-count=50000 --request-parallels=100 --samples=1 --flame h2 ``` diff --git a/docs/libcurl/opts/CURLOPT_IOCTLFUNCTION.md b/docs/libcurl/opts/CURLOPT_IOCTLFUNCTION.md index d2dda82dd8..939161bee0 100644 --- a/docs/libcurl/opts/CURLOPT_IOCTLFUNCTION.md +++ b/docs/libcurl/opts/CURLOPT_IOCTLFUNCTION.md @@ -28,7 +28,7 @@ typedef enum { CURLIOE_LAST /* never use */ } curlioerr; -typedef enum { +typedef enum { CURLIOCMD_NOP, /* no operation */ CURLIOCMD_RESTARTREAD, /* restart the read stream from start */ CURLIOCMD_LAST /* never use */ diff --git a/docs/libcurl/opts/CURLOPT_OPENSOCKETFUNCTION.md b/docs/libcurl/opts/CURLOPT_OPENSOCKETFUNCTION.md index 3591516358..e08f53b8a7 100644 --- a/docs/libcurl/opts/CURLOPT_OPENSOCKETFUNCTION.md +++ b/docs/libcurl/opts/CURLOPT_OPENSOCKETFUNCTION.md @@ -22,7 +22,7 @@ CURLOPT_OPENSOCKETFUNCTION - callback for opening socket ~~~c #include -typedef enum { +typedef enum { CURLSOCKTYPE_IPCXN, /* socket created for a specific IP connection */ } curlsocktype; diff --git a/docs/libcurl/opts/CURLOPT_SOCKOPTFUNCTION.md b/docs/libcurl/opts/CURLOPT_SOCKOPTFUNCTION.md index c73bdcadf9..2080aa9483 100644 --- a/docs/libcurl/opts/CURLOPT_SOCKOPTFUNCTION.md +++ b/docs/libcurl/opts/CURLOPT_SOCKOPTFUNCTION.md @@ -22,7 +22,7 @@ CURLOPT_SOCKOPTFUNCTION - callback for setting socket options ~~~c #include -typedef enum { +typedef enum { CURLSOCKTYPE_IPCXN, /* socket created for a specific IP connection */ CURLSOCKTYPE_ACCEPT, /* socket created by accept() call */ CURLSOCKTYPE_LAST /* never use */ diff --git a/docs/tests/HTTP.md b/docs/tests/HTTP.md index 658abac255..87ec815425 100644 --- a/docs/tests/HTTP.md +++ b/docs/tests/HTTP.md @@ -16,7 +16,7 @@ The test cases and necessary files are in `tests/http`. You can invoke `pytest` from there or from the top level curl checkout and it finds all tests. -``` +```sh curl> pytest test/http platform darwin -- Python 3.9.15, pytest-6.2.0, py-1.10.0, pluggy-0.13.1 rootdir: /Users/sei/projects/curl @@ -30,7 +30,7 @@ times. `-k ` can be used to run only matching test cases. The `expr` can be something resembling a python test or just a string that needs to match test cases in their names. -``` +```sh curl/tests/http> pytest -vv -k test_01_02 ``` @@ -76,21 +76,21 @@ Several test cases are parameterized, for example with the HTTP version to use. If you want to run a test with a particular protocol only, use a command line like: -``` +```sh curl/tests/http> pytest -k "test_02_06 and h2" ``` Test cases can be repeated, with the `pytest-repeat` module (`pip install pytest-repeat`). Like in: -``` +```sh curl/tests/http> pytest -k "test_02_06 and h2" --count=100 ``` which then runs this test case a hundred times. In case of flaky tests, you can make pytest stop on the first one with: -``` +```sh curl/tests/http> pytest -k "test_02_06 and h2" --count=100 --maxfail=1 ``` @@ -99,7 +99,7 @@ of log files, the verbosity of pytest is also used to collect curl trace output. If you specify `-v` three times, the `curl` command is started with `--trace`: -``` +```sh curl/tests/http> pytest -vvv -k "test_02_06 and h2" --count=100 --maxfail=1 ``` diff --git a/lib/http.c b/lib/http.c index 50b128c531..61d426d9f5 100644 --- a/lib/http.c +++ b/lib/http.c @@ -328,7 +328,7 @@ fail: #endif -/* pickoneauth() selects the most favourable authentication method from the +/* pickoneauth() selects the most favorable authentication method from the * ones available and the ones we want. * * return TRUE if one was picked From bcc8144b896a49738cd60cbbe8e4f8e6f70461ef Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sat, 28 Feb 2026 11:29:16 +0100 Subject: [PATCH 69/88] clang-tidy: silence more minor issues found by v22 Also one found manually in lib/curl_sha512_256.c. Follow-up to 7a08c5d820fcf237688562a237a05000214db789 #20762 Closes #20770 --- lib/curl_sha512_256.c | 8 ++++---- lib/openldap.c | 2 +- lib/vssh/libssh.c | 9 +++++---- lib/vssh/libssh2.c | 10 +++++----- lib/vtls/rustls.c | 2 +- 5 files changed, 16 insertions(+), 15 deletions(-) diff --git a/lib/curl_sha512_256.c b/lib/curl_sha512_256.c index fa568b6b04..2f51d2a4cd 100644 --- a/lib/curl_sha512_256.c +++ b/lib/curl_sha512_256.c @@ -727,10 +727,10 @@ static CURLcode Curl_sha512_256_finish(unsigned char *digest, void *context) /* Put in BE mode the leftmost part of the hash as the final digest. See FIPS PUB 180-4 section 6.7. */ - CURL_PUT_64BIT_BE(digest + 0 * SHA512_256_BYTES_IN_WORD, ctx->H[0]); - CURL_PUT_64BIT_BE(digest + 1 * SHA512_256_BYTES_IN_WORD, ctx->H[1]); - CURL_PUT_64BIT_BE(digest + 2 * SHA512_256_BYTES_IN_WORD, ctx->H[2]); - CURL_PUT_64BIT_BE(digest + 3 * SHA512_256_BYTES_IN_WORD, ctx->H[3]); + CURL_PUT_64BIT_BE(digest + (0 * SHA512_256_BYTES_IN_WORD), ctx->H[0]); + CURL_PUT_64BIT_BE(digest + (1 * SHA512_256_BYTES_IN_WORD), ctx->H[1]); + CURL_PUT_64BIT_BE(digest + (2 * SHA512_256_BYTES_IN_WORD), ctx->H[2]); + CURL_PUT_64BIT_BE(digest + (3 * SHA512_256_BYTES_IN_WORD), ctx->H[3]); /* Erase potentially sensitive data. */ memset(ctx, 0, sizeof(struct Curl_sha512_256ctx)); diff --git a/lib/openldap.c b/lib/openldap.c index 8dd984132c..95f7681caa 100644 --- a/lib/openldap.c +++ b/lib/openldap.c @@ -1247,7 +1247,7 @@ void Curl_ldap_version(char *buf, size_t bufsz) unsigned int patch = (unsigned int)(api.ldapai_vendor_version % 100); unsigned int major = (unsigned int)(api.ldapai_vendor_version / 10000); unsigned int minor = - (((unsigned int)api.ldapai_vendor_version - major * 10000) + (((unsigned int)api.ldapai_vendor_version - (major * 10000)) - patch) / 100; curl_msnprintf(buf, bufsz, "%s/%u.%u.%u", api.ldapai_vendor_name, major, minor, patch); diff --git a/lib/vssh/libssh.c b/lib/vssh/libssh.c index 53617773b5..7bd2101e52 100644 --- a/lib/vssh/libssh.c +++ b/lib/vssh/libssh.c @@ -1000,10 +1000,11 @@ static int myssh_in_UPLOAD_INIT(struct Curl_easy *data, if(!sshc->sftp_file) { int err = sftp_get_error(sshc->sftp_session); - if(((err == SSH_FX_NO_SUCH_FILE || err == SSH_FX_FAILURE || - err == SSH_FX_NO_SUCH_PATH)) && - (data->set.ftp_create_missing_dirs && - (strlen(sshp->path) > 1))) { + if((err == SSH_FX_NO_SUCH_FILE || + err == SSH_FX_FAILURE || + err == SSH_FX_NO_SUCH_PATH) && + data->set.ftp_create_missing_dirs && + (strlen(sshp->path) > 1)) { /* try to create the path remotely */ rc = 0; sshc->secondCreateDirs = 1; diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c index db52d1e703..2d40e04fe4 100644 --- a/lib/vssh/libssh2.c +++ b/lib/vssh/libssh2.c @@ -967,11 +967,11 @@ static CURLcode sftp_upload_init(struct Curl_easy *data, sftp_libssh2_strerror(sftperr)); return sftp_libssh2_error_to_CURLE(sftperr); } - if(((sftperr == LIBSSH2_FX_NO_SUCH_FILE) || - (sftperr == LIBSSH2_FX_FAILURE) || - (sftperr == LIBSSH2_FX_NO_SUCH_PATH)) && - (data->set.ftp_create_missing_dirs && - (strlen(sshp->path) > 1))) { + if((sftperr == LIBSSH2_FX_NO_SUCH_FILE || + sftperr == LIBSSH2_FX_FAILURE || + sftperr == LIBSSH2_FX_NO_SUCH_PATH) && + data->set.ftp_create_missing_dirs && + (strlen(sshp->path) > 1)) { /* try to create the path remotely */ sshc->secondCreateDirs = 1; myssh_to(data, sshc, SSH_SFTP_CREATE_DIRS_INIT); diff --git a/lib/vtls/rustls.c b/lib/vtls/rustls.c index 63ee0349a1..061b444bce 100644 --- a/lib/vtls/rustls.c +++ b/lib/vtls/rustls.c @@ -577,7 +577,7 @@ init_config_builder(struct Curl_easy *data, } #endif /* USE_ECH */ - cipher_suites = curlx_malloc(sizeof(*cipher_suites) * (cipher_suites_len)); + cipher_suites = curlx_malloc(sizeof(*cipher_suites) * cipher_suites_len); if(!cipher_suites) { result = CURLE_OUT_OF_MEMORY; goto cleanup; From 35bbb2e830aeb8181bd4bf6b0ef68929217d97f0 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sat, 28 Feb 2026 22:41:23 +0100 Subject: [PATCH 70/88] clang-tidy: fix issues found with build-fuzzing - curl_sha512_256: add missing, drop redundant, parentheses. - doh: drop redundant returns. - url: add missing parentheses. - vtls: fix unused const variables. - tests/unit: fix missing header with clang-tidy and !threaded-resolver. Follow-up to 57ff2d6c918d0bb444e5a8a53405217aec116b1b #20106 Closes #20774 --- lib/curl_sha512_256.c | 24 ++++++++++++------------ lib/doh.c | 2 -- lib/url.c | 8 ++++---- lib/vtls/vtls.c | 2 -- tests/unit/unit1607.c | 1 + tests/unit/unit1609.c | 1 + tests/unit/unit2600.c | 1 + 7 files changed, 19 insertions(+), 20 deletions(-) diff --git a/lib/curl_sha512_256.c b/lib/curl_sha512_256.c index 2f51d2a4cd..00f4d1071f 100644 --- a/lib/curl_sha512_256.c +++ b/lib/curl_sha512_256.c @@ -452,14 +452,14 @@ static void Curl_sha512_256_transform(uint64_t H[SHA512_256_HASH_SIZE_WORDS], /* Four 'Sigma' macro functions. See FIPS PUB 180-4 formulae 4.10, 4.11, 4.12, 4.13. */ -#define SIG0(x) \ - (Curl_rotr64((x), 28) ^ Curl_rotr64((x), 34) ^ Curl_rotr64((x), 39)) -#define SIG1(x) \ - (Curl_rotr64((x), 14) ^ Curl_rotr64((x), 18) ^ Curl_rotr64((x), 41)) -#define sig0(x) \ - (Curl_rotr64((x), 1) ^ Curl_rotr64((x), 8) ^ ((x) >> 7)) -#define sig1(x) \ - (Curl_rotr64((x), 19) ^ Curl_rotr64((x), 61) ^ ((x) >> 6)) +#define SIG0(x) \ + (Curl_rotr64(x, 28) ^ Curl_rotr64(x, 34) ^ Curl_rotr64(x, 39)) +#define SIG1(x) \ + (Curl_rotr64(x, 14) ^ Curl_rotr64(x, 18) ^ Curl_rotr64(x, 41)) +#define sig0(x) \ + (Curl_rotr64(x, 1) ^ Curl_rotr64(x, 8) ^ ((x) >> 7)) +#define sig1(x) \ + (Curl_rotr64(x, 19) ^ Curl_rotr64(x, 61) ^ ((x) >> 6)) if(1) { unsigned int t; @@ -520,8 +520,8 @@ static void Curl_sha512_256_transform(uint64_t H[SHA512_256_HASH_SIZE_WORDS], used. */ #define SHA2STEP64(vA, vB, vC, vD, vE, vF, vG, vH, kt, wt) \ do { \ - (vD) += ((vH) += SIG1((vE)) + Sha512_Ch((vE), (vF), (vG)) + (kt) + (wt)); \ - (vH) += SIG0((vA)) + Sha512_Maj((vA), (vB), (vC)); \ + (vD) += ((vH) += SIG1(vE) + Sha512_Ch(vE, vF, vG) + (kt) + (wt)); \ + (vH) += SIG0(vA) + Sha512_Maj(vA, vB, vC); \ } while(0) /* One step of SHA-512/256 computation with working variables rotation, @@ -530,7 +530,7 @@ static void Curl_sha512_256_transform(uint64_t H[SHA512_256_HASH_SIZE_WORDS], #define SHA2STEP64RV(vA, vB, vC, vD, vE, vF, vG, vH, kt, wt) \ do { \ uint64_t tmp_h_ = (vH); \ - SHA2STEP64((vA), (vB), (vC), (vD), (vE), (vF), (vG), tmp_h_, (kt), (wt)); \ + SHA2STEP64(vA, vB, vC, vD, vE, vF, vG, tmp_h_, kt, wt); \ (vH) = (vG); \ (vG) = (vF); \ (vF) = (vE); \ @@ -546,7 +546,7 @@ static void Curl_sha512_256_transform(uint64_t H[SHA512_256_HASH_SIZE_WORDS], Input data must be read in big-endian bytes order, see FIPS PUB 180-4 section 3.1.2. */ #define SHA512_GET_W_FROM_DATA(buf, t) \ - CURL_GET_64BIT_BE(((const uint8_t *)(buf)) + (t) * SHA512_256_BYTES_IN_WORD) + CURL_GET_64BIT_BE((const uint8_t *)(buf) + ((t) * SHA512_256_BYTES_IN_WORD)) /* During first 16 steps, before making any calculation on each step, the W element is read from the input data buffer as a big-endian value and diff --git a/lib/doh.c b/lib/doh.c index 283746cab3..7fe4a06058 100644 --- a/lib/doh.c +++ b/lib/doh.c @@ -201,7 +201,6 @@ static void doh_print_buf(struct Curl_easy *data, infof(data, "%s: len=%d, val=%s", prefix, (int)len, hexstr); else infof(data, "%s: len=%d (truncated)val=%s", prefix, (int)len, hexstr); - return; } #endif @@ -1191,7 +1190,6 @@ UNITTEST void doh_print_httpsrr(struct Curl_easy *data, } else infof(data, "HTTPS RR: no ipv6hints"); - return; } # endif #endif diff --git a/lib/url.c b/lib/url.c index 0e594681ea..495de2297c 100644 --- a/lib/url.c +++ b/lib/url.c @@ -953,7 +953,7 @@ static bool url_match_proxy_use(struct connectdata *conn, return TRUE; } #else -#define url_match_proxy_use(c, m) ((void)c, (void)m, TRUE) +#define url_match_proxy_use(c, m) ((void)(c), (void)(m), TRUE) #endif #ifndef CURL_DISABLE_HTTP @@ -1009,8 +1009,8 @@ static bool url_match_http_version(struct connectdata *conn, return TRUE; } #else -#define url_match_http_multiplex(c, m) ((void)c, (void)m, TRUE) -#define url_match_http_version(c, m) ((void)c, (void)m, TRUE) +#define url_match_http_multiplex(c, m) ((void)(c), (void)(m), TRUE) +#define url_match_http_version(c, m) ((void)(c), (void)(m), TRUE) #endif static bool url_match_proto_config(struct connectdata *conn, @@ -1178,7 +1178,7 @@ static bool url_match_auth_ntlm(struct connectdata *conn, return TRUE; } #else -#define url_match_auth_ntlm(c, m) ((void)c, (void)m, TRUE) +#define url_match_auth_ntlm(c, m) ((void)(c), (void)(m), TRUE) #endif #ifdef USE_SPNEGO diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c index df9bc33a7b..f7201d18d6 100644 --- a/lib/vtls/vtls.c +++ b/lib/vtls/vtls.c @@ -136,7 +136,6 @@ static const struct alpn_spec ALPN_SPEC_H11 = { static const struct alpn_spec ALPN_SPEC_H10_H11 = { { ALPN_HTTP_1_0, ALPN_HTTP_1_1 }, 2 }; -#endif /* !CURL_DISABLE_HTTP || !CURL_DISABLE_PROXY */ #ifdef USE_HTTP2 static const struct alpn_spec ALPN_SPEC_H2 = { { ALPN_H2 }, 1 @@ -149,7 +148,6 @@ static const struct alpn_spec ALPN_SPEC_H11_H2 = { }; #endif /* USE_HTTP2 */ -#if !defined(CURL_DISABLE_HTTP) || !defined(CURL_DISABLE_PROXY) static const struct alpn_spec *alpn_get_spec(http_majors wanted, http_majors preferred, bool only_http_10, diff --git a/tests/unit/unit1607.c b/tests/unit/unit1607.c index 3072130cce..3265df484a 100644 --- a/tests/unit/unit1607.c +++ b/tests/unit/unit1607.c @@ -25,6 +25,7 @@ #include "urldata.h" #include "connect.h" +#include "curl_addrinfo.h" static CURLcode t1607_setup(void) { diff --git a/tests/unit/unit1609.c b/tests/unit/unit1609.c index 366b117abe..a862154176 100644 --- a/tests/unit/unit1609.c +++ b/tests/unit/unit1609.c @@ -25,6 +25,7 @@ #include "urldata.h" #include "connect.h" +#include "curl_addrinfo.h" static CURLcode t1609_setup(void) { diff --git a/tests/unit/unit2600.c b/tests/unit/unit2600.c index 97d4caed96..4bd12313e6 100644 --- a/tests/unit/unit2600.c +++ b/tests/unit/unit2600.c @@ -46,6 +46,7 @@ #include "cf-ip-happy.h" #include "multiif.h" #include "select.h" +#include "curl_addrinfo.h" #include "curl_trc.h" static CURLcode t2600_setup(CURL **easy) From 7a80082471e5983857c92900dc4858427994e236 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sat, 28 Feb 2026 23:53:08 +0100 Subject: [PATCH 71/88] GHA/windows: bump clang-tidy job to clang v20 (from v18) Adds 50 seconds to the 5m long build step. Also more prerequisites to install, with no apparent effect on step time. Follow-up to 9b52d516bb8990107f20c9786e09dbb6961c30b2 #20732 Closes #20775 --- .github/workflows/windows.yml | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml index f34f1f45b2..cc95548cad 100644 --- a/.github/workflows/windows.yml +++ b/.github/workflows/windows.yml @@ -677,10 +677,12 @@ jobs: include: - { build: 'autotools', compiler: 'gcc' } - { build: 'cmake' , compiler: 'gcc' } - - { build: 'cmake' , compiler: 'clang-tidy' } + - { build: 'cmake' , compiler: 'clang-tidy', install_packages: 'clang-20 clang-tidy-20' } steps: - name: 'install packages' - run: sudo apt-get -o Dpkg::Use-Pty=0 install gcc-mingw-w64-x86-64-win32 + env: + MATRIX_INSTALL_PACKAGES: '${{ matrix.install_packages }}' + run: sudo apt-get -o Dpkg::Use-Pty=0 install gcc-mingw-w64-x86-64-win32 ${MATRIX_INSTALL_PACKAGES} - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: @@ -694,10 +696,10 @@ jobs: run: | if [ "${MATRIX_BUILD}" = 'cmake' ]; then if [ "${MATRIX_COMPILER}" = 'clang-tidy' ]; then - options+=' -DCURL_CLANG_TIDY=ON' + options+=' -DCURL_CLANG_TIDY=ON -DCLANG_TIDY=/usr/bin/clang-tidy-20' options+=' -DENABLE_UNICODE=ON -DUSE_SSLS_EXPORT=ON' - options+=' -DCMAKE_C_COMPILER=clang' - options+=" -DCMAKE_RC_COMPILER=llvm-windres-$(clang -dumpversion | cut -d '.' -f 1)" + options+=' -DCMAKE_C_COMPILER=clang-20' + options+=" -DCMAKE_RC_COMPILER=llvm-windres-$(clang-20 -dumpversion | cut -d '.' -f 1)" else options+=" -DCMAKE_C_COMPILER=${TRIPLET}-gcc" fi From 1b35c9e1e3bb84336082a8fde12eeeafe6bfa3b2 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sat, 28 Feb 2026 01:33:05 +0100 Subject: [PATCH 72/88] cmake: rename `testbins` target to `tt`, restore internal option To make it easy to type. The internal option is used in CI. Follow-up to aae361242f30eafacf46085ed731b1524bfd3be9 #20708 Closes #20768 --- RELEASE-NOTES | 2 +- docs/INSTALL-CMAKE.md | 4 ++-- tests/CMakeLists.txt | 10 +++++----- tests/certs/CMakeLists.txt | 6 +++++- tests/libtest/CMakeLists.txt | 2 +- tests/server/CMakeLists.txt | 2 +- tests/tunit/CMakeLists.txt | 2 +- tests/unit/CMakeLists.txt | 2 +- 8 files changed, 17 insertions(+), 13 deletions(-) diff --git a/RELEASE-NOTES b/RELEASE-NOTES index fe6ba29c95..838c105b57 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -63,7 +63,7 @@ This release includes the following bugfixes: o cmake: normalize uppercase hex winver (for display) [191] o cmake: omit `curl.rc` from curltool lib [209] o cmake: reference OpenSSL and ZLIB imported targets only when enabled [41] - o cmake: replace internal option with a new `testbins` target [220] + o cmake: replace internal option with a new `tt` (test tools) target [220] o cmake: silence potential unused var warnings in C++ test snippet [201] o cmake: silence silly Apple clang warnings in C89 mode, test in CI [14] o cmake: silence useless compiler warnings triggered by the FASTBuild generator [43] diff --git a/docs/INSTALL-CMAKE.md b/docs/INSTALL-CMAKE.md index 9ef9ba6aaa..9c92e4b4ca 100644 --- a/docs/INSTALL-CMAKE.md +++ b/docs/INSTALL-CMAKE.md @@ -552,12 +552,12 @@ Note: These variables are internal and subject to change. ## Useful build targets -- `testbins`: Build test binaries (servers, tools). - Individual targets: `curlinfo`, `libtests`, `servers`, `tunits`, `units` - `testdeps`: Build test dependencies (test binaries, test certificates). Test certificates: `build-certs` (clean with `clean-certs`) - `tests`: Run tests (`runtests.pl`). Customize via the `TFLAGS` environment variable, e.g. `TFLAGS=1621`. Other flavors: `test-am`, `test-ci`, `test-event`, `test-full`, `test-nonflaky`, `test-quiet`, `test-torture` +- `tt`: Build test binaries (servers, tools). + Individual targets: `curlinfo`, `libtests`, `servers`, `tunits`, `units` - `curl-pytest`: Run tests (pytest). Other flavor: `curl-test-ci` - `curl-examples`: Build examples diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 7edfaa7ed8..d751a69f2c 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -29,21 +29,21 @@ mark_as_advanced(TEST_NGHTTPX) # Consumed variables: TEST_NGHTTPX configure_file("config.in" "${CMAKE_CURRENT_BINARY_DIR}/config" @ONLY) -add_custom_target(testbins) +add_custom_target(tt) if(BUILD_CURL_EXE) - add_dependencies(testbins "curlinfo") + add_dependencies(tt "curlinfo") endif() if(CURL_BUILD_EVERYTHING) - set_target_properties(testbins PROPERTIES EXCLUDE_FROM_ALL FALSE) + set_target_properties(tt PROPERTIES EXCLUDE_FROM_ALL FALSE) endif() if(CURL_CLANG_TIDY) add_custom_target(tests-clang-tidy) - add_dependencies(testbins tests-clang-tidy) + add_dependencies(tt tests-clang-tidy) endif() add_custom_target(testdeps) -add_dependencies(testdeps "testbins") +add_dependencies(testdeps "tt") add_subdirectory(http) add_subdirectory(server) diff --git a/tests/certs/CMakeLists.txt b/tests/certs/CMakeLists.txt index 399483a738..d0e1f55b85 100644 --- a/tests/certs/CMakeLists.txt +++ b/tests/certs/CMakeLists.txt @@ -31,7 +31,11 @@ add_custom_command(OUTPUT ${GENERATEDCERTS} VERBATIM ) add_custom_target(build-certs DEPENDS ${GENERATEDCERTS}) -add_dependencies(testdeps build-certs) + +option(_CURL_SKIP_BUILD_CERTS "Skip building certs with testdeps" OFF) # Internal option to increase perf for build tests +if(NOT _CURL_SKIP_BUILD_CERTS) + add_dependencies(testdeps build-certs) +endif() add_custom_target(clean-certs COMMAND ${CMAKE_COMMAND} -E remove ${GENERATEDCERTS} diff --git a/tests/libtest/CMakeLists.txt b/tests/libtest/CMakeLists.txt index 60c8676568..7991a11486 100644 --- a/tests/libtest/CMakeLists.txt +++ b/tests/libtest/CMakeLists.txt @@ -52,7 +52,7 @@ add_custom_command(OUTPUT "${BUNDLE}.c" VERBATIM) add_executable(${BUNDLE} EXCLUDE_FROM_ALL "${BUNDLE}.c") -add_dependencies(testbins ${BUNDLE}) +add_dependencies(tt ${BUNDLE}) target_link_libraries(${BUNDLE} ${LIB_SELECTED} ${CURL_LIBS}) target_include_directories(${BUNDLE} PRIVATE "${PROJECT_BINARY_DIR}/lib" # for "curl_config.h" diff --git a/tests/server/CMakeLists.txt b/tests/server/CMakeLists.txt index 716724ab05..bf1431c7fc 100644 --- a/tests/server/CMakeLists.txt +++ b/tests/server/CMakeLists.txt @@ -39,7 +39,7 @@ add_custom_command(OUTPUT "${BUNDLE}.c" VERBATIM) add_executable(${BUNDLE} EXCLUDE_FROM_ALL "${BUNDLE}.c") -add_dependencies(testbins ${BUNDLE}) +add_dependencies(tt ${BUNDLE}) target_link_libraries(${BUNDLE} ${CURL_NETWORK_AND_TIME_LIBS}) target_include_directories(${BUNDLE} PRIVATE "${PROJECT_BINARY_DIR}/lib" # for "curl_config.h" diff --git a/tests/tunit/CMakeLists.txt b/tests/tunit/CMakeLists.txt index a10d240a08..c6ac279a66 100644 --- a/tests/tunit/CMakeLists.txt +++ b/tests/tunit/CMakeLists.txt @@ -39,7 +39,7 @@ add_custom_command(OUTPUT "${BUNDLE}.c" VERBATIM) add_executable(${BUNDLE} EXCLUDE_FROM_ALL "${BUNDLE}.c") -add_dependencies(testbins ${BUNDLE}) +add_dependencies(tt ${BUNDLE}) target_link_libraries(${BUNDLE} curltool ${LIB_SELECTED}) target_include_directories(${BUNDLE} PRIVATE "${PROJECT_BINARY_DIR}/lib" # for "curl_config.h" diff --git a/tests/unit/CMakeLists.txt b/tests/unit/CMakeLists.txt index 8d27fc0a5b..46710ce1ea 100644 --- a/tests/unit/CMakeLists.txt +++ b/tests/unit/CMakeLists.txt @@ -40,7 +40,7 @@ add_custom_command(OUTPUT "${BUNDLE}.c" add_executable(${BUNDLE} EXCLUDE_FROM_ALL "${BUNDLE}.c") add_dependencies(${BUNDLE} curlu-unitprotos) -add_dependencies(testbins ${BUNDLE}) +add_dependencies(tt ${BUNDLE}) target_link_libraries(${BUNDLE} curlu) target_include_directories(${BUNDLE} PRIVATE "${PROJECT_BINARY_DIR}/lib" # for "curl_config.h", "unitprotos.h" From 4427e6152aa898121806001111be8c8d5c664a50 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 1 Mar 2026 14:58:16 +0000 Subject: [PATCH 73/88] GHA: bump actions and pip dependencies - update action `actions/cache` from 5.0.1 to 5.0.3 - update action `github/codeql-action` from 4.31.9 to 4.32.4 - update pip `filelock` from 3.20.3 to 3.24.3 - update pip `ruff` from 0.14.14 to 0.15.2 Closes #20782 Closes #20783 --- .github/scripts/requirements.txt | 2 +- .github/workflows/codeql.yml | 8 +++--- .github/workflows/http3-linux.yml | 46 +++++++++++++++---------------- .github/workflows/linux.yml | 28 +++++++++---------- .github/workflows/macos.yml | 2 +- .github/workflows/non-native.yml | 2 +- .github/workflows/windows.yml | 12 ++++---- tests/http/requirements.txt | 2 +- 8 files changed, 51 insertions(+), 51 deletions(-) diff --git a/.github/scripts/requirements.txt b/.github/scripts/requirements.txt index 5f5330af1d..653c9b5a94 100644 --- a/.github/scripts/requirements.txt +++ b/.github/scripts/requirements.txt @@ -6,4 +6,4 @@ cmakelang==0.6.13 codespell==2.4.1 pytype==2024.10.11 reuse==6.2.0 -ruff==0.14.14 +ruff==0.15.2 diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index caaa51c58c..815ad772b7 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -46,13 +46,13 @@ jobs: persist-credentials: false - name: 'initialize' - uses: github/codeql-action/init@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9 + uses: github/codeql-action/init@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4 with: languages: actions, python queries: security-extended - name: 'perform analysis' - uses: github/codeql-action/analyze@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9 + uses: github/codeql-action/analyze@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4 c: if: ${{ github.repository_owner == 'curl' || github.event_name != 'schedule' }} @@ -87,7 +87,7 @@ jobs: - name: 'initialize' # https://github.com/github/codeql-action/blob/main/init/action.yml - uses: github/codeql-action/init@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9 + uses: github/codeql-action/init@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4 with: languages: cpp build-mode: manual @@ -132,4 +132,4 @@ jobs: - name: 'perform analysis' # https://github.com/github/codeql-action/blob/main/analyze/action.yml - uses: github/codeql-action/analyze@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9 + uses: github/codeql-action/analyze@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4 diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml index 22792f7e95..f63dc04217 100644 --- a/.github/workflows/http3-linux.yml +++ b/.github/workflows/http3-linux.yml @@ -65,7 +65,7 @@ jobs: steps: - name: 'cache openssl' - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: cache-openssl-http3-no-deprecated env: cache-name: cache-openssl-http3-no-deprecated @@ -74,7 +74,7 @@ jobs: key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.OPENSSL_VERSION }} - name: 'cache libressl' - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: cache-libressl env: cache-name: cache-libressl @@ -83,7 +83,7 @@ jobs: key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.LIBRESSL_VERSION }} - name: 'cache awslc' - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: cache-awslc env: cache-name: cache-awslc @@ -92,7 +92,7 @@ jobs: key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.AWSLC_VERSION }} - name: 'cache boringssl' - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: cache-boringssl env: cache-name: cache-boringssl @@ -101,7 +101,7 @@ jobs: key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.BORINGSSL_VERSION }} - name: 'cache nettle' - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: cache-nettle env: cache-name: cache-nettle @@ -110,7 +110,7 @@ jobs: key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NETTLE_VERSION }} - name: 'cache gnutls' - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: cache-gnutls env: cache-name: cache-gnutls @@ -119,7 +119,7 @@ jobs: key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.GNUTLS_VERSION }}-${{ env.NETTLE_VERSION }} - name: 'cache wolfssl' - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: cache-wolfssl env: cache-name: cache-wolfssl @@ -128,7 +128,7 @@ jobs: key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.WOLFSSL_VERSION }} - name: 'cache nghttp3' - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: cache-nghttp3 env: cache-name: cache-nghttp3 @@ -137,7 +137,7 @@ jobs: key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGHTTP3_VERSION }} - name: 'cache ngtcp2' - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: cache-ngtcp2 env: cache-name: cache-ngtcp2 @@ -146,7 +146,7 @@ jobs: key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGTCP2_VERSION }}-${{ env.OPENSSL_VERSION }}-${{ env.LIBRESSL_VERSION }}-${{ env.AWSLC_VERSION }}-${{ env.NETTLE_VERSION }}-${{ env.GNUTLS_VERSION }}-${{ env.WOLFSSL_VERSION }} - name: 'cache ngtcp2 boringssl' - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: cache-ngtcp2-boringssl env: cache-name: cache-ngtcp2-boringssl @@ -155,7 +155,7 @@ jobs: key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGTCP2_VERSION }}-${{ env.BORINGSSL_VERSION }} - name: 'cache nghttp2' - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: cache-nghttp2 env: cache-name: cache-nghttp2 @@ -480,7 +480,7 @@ jobs: echo 'CXX=g++-12' >> "$GITHUB_ENV" - name: 'cache openssl' - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: cache-openssl-http3-no-deprecated env: cache-name: cache-openssl-http3-no-deprecated @@ -490,7 +490,7 @@ jobs: fail-on-cache-miss: true - name: 'cache libressl' - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: cache-libressl env: cache-name: cache-libressl @@ -500,7 +500,7 @@ jobs: fail-on-cache-miss: true - name: 'cache awslc' - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: cache-awslc env: cache-name: cache-awslc @@ -510,7 +510,7 @@ jobs: fail-on-cache-miss: true - name: 'cache boringssl' - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: cache-boringssl env: cache-name: cache-boringssl @@ -521,7 +521,7 @@ jobs: - name: 'cache nettle' if: ${{ matrix.build.name == 'gnutls' }} - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: cache-nettle env: cache-name: cache-nettle @@ -532,7 +532,7 @@ jobs: - name: 'cache gnutls' if: ${{ matrix.build.name == 'gnutls' }} - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: cache-gnutls env: cache-name: cache-gnutls @@ -543,7 +543,7 @@ jobs: - name: 'cache wolfssl' if: ${{ matrix.build.name == 'wolfssl' }} - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: cache-wolfssl env: cache-name: cache-wolfssl @@ -553,7 +553,7 @@ jobs: fail-on-cache-miss: true - name: 'cache nghttp3' - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: cache-nghttp3 env: cache-name: cache-nghttp3 @@ -563,7 +563,7 @@ jobs: fail-on-cache-miss: true - name: 'cache ngtcp2' - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: cache-ngtcp2 env: cache-name: cache-ngtcp2 @@ -573,7 +573,7 @@ jobs: fail-on-cache-miss: true - name: 'cache ngtcp2 boringssl' - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: cache-ngtcp2-boringssl env: cache-name: cache-ngtcp2-boringssl @@ -583,7 +583,7 @@ jobs: fail-on-cache-miss: true - name: 'cache nghttp2' - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: cache-nghttp2 env: cache-name: cache-nghttp2 @@ -594,7 +594,7 @@ jobs: - name: 'cache quiche' if: ${{ matrix.build.name == 'quiche' }} - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: cache-quiche env: cache-name: cache-quiche diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index 3acd80f261..57dec5a0dd 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -442,7 +442,7 @@ jobs: - name: 'cache libressl (c-arm)' if: ${{ contains(matrix.build.install_steps, 'libressl-c-arm') }} - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: cache-libressl-c-arm env: cache-name: cache-libressl-c-arm @@ -463,7 +463,7 @@ jobs: - name: 'cache libressl (filc)' if: ${{ contains(matrix.build.install_steps, 'libressl-filc') }} - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: cache-libressl-filc env: cache-name: cache-libressl-filc @@ -485,7 +485,7 @@ jobs: - name: 'cache nghttp2 (filc)' if: ${{ contains(matrix.build.install_steps, 'nghttp2-filc') }} - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: cache-nghttp2-filc env: cache-name: cache-nghttp2-filc @@ -508,7 +508,7 @@ jobs: - name: 'cache wolfssl (all-arm)' if: ${{ contains(matrix.build.install_steps, 'wolfssl-all-arm') }} - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: cache-wolfssl-all-arm env: cache-name: cache-wolfssl-all-arm @@ -530,7 +530,7 @@ jobs: - name: 'cache wolfssl (opensslextra-intel)' # does support `OPENSSL_COEXIST` if: ${{ contains(matrix.build.install_steps, 'wolfssl-opensslextra-intel') }} - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: cache-wolfssl-opensslextra-intel env: cache-name: cache-wolfssl-opensslextra-intel @@ -552,7 +552,7 @@ jobs: - name: 'cache wolfssl (opensslextra-arm)' # does support `OPENSSL_COEXIST` if: ${{ contains(matrix.build.install_steps, 'wolfssl-opensslextra-arm') }} - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: cache-wolfssl-opensslextra-arm env: cache-name: cache-wolfssl-opensslextra-arm @@ -574,7 +574,7 @@ jobs: - name: 'cache mbedtls (latest-intel)' if: ${{ contains(matrix.build.install_steps, 'mbedtls-latest-intel') }} - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: cache-mbedtls-latest-intel env: cache-name: cache-mbedtls-latest-intel @@ -598,7 +598,7 @@ jobs: - name: 'cache mbedtls (latest-arm)' if: ${{ contains(matrix.build.install_steps, 'mbedtls-latest-arm') }} - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: cache-mbedtls-latest-arm env: cache-name: cache-mbedtls-latest-arm @@ -622,7 +622,7 @@ jobs: - name: 'cache mbedtls (prev)' if: ${{ contains(matrix.build.install_steps, 'mbedtls-prev') }} - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: cache-mbedtls-prev env: cache-name: cache-mbedtls-prev @@ -646,7 +646,7 @@ jobs: - name: 'cache openldap (static)' if: ${{ contains(matrix.build.install_steps, 'openldap-static') }} - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: cache-openldap-static env: cache-name: cache-openldap-static @@ -666,7 +666,7 @@ jobs: - name: 'cache openssl (thread sanitizer)' if: ${{ contains(matrix.build.install_steps, 'openssl-tsan') }} - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: cache-openssl-tsan env: cache-name: cache-openssl-tsan @@ -685,7 +685,7 @@ jobs: - name: 'cache awslc' if: ${{ contains(matrix.build.install_steps, 'awslc') }} - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: cache-awslc env: cache-name: cache-awslc @@ -706,7 +706,7 @@ jobs: - name: 'cache boringssl' if: ${{ contains(matrix.build.install_steps, 'boringssl') }} - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: cache-boringssl env: cache-name: cache-boringssl @@ -728,7 +728,7 @@ jobs: - name: 'cache rustls' if: ${{ contains(matrix.build.install_steps, 'rustls') }} - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: cache-rustls env: cache-name: cache-rustls diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index 987d3567ce..d8f827e72a 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -103,7 +103,7 @@ jobs: - name: 'cache libressl' if: ${{ contains(matrix.build.install_steps, 'libressl') }} - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: cache-libressl env: cache-name: cache-libressl diff --git a/.github/workflows/non-native.yml b/.github/workflows/non-native.yml index 9dc3efbdb4..efc7134247 100644 --- a/.github/workflows/non-native.yml +++ b/.github/workflows/non-native.yml @@ -349,7 +349,7 @@ jobs: run: sudo apt-get -o Dpkg::Use-Pty=0 install libfl2 - name: 'cache compiler (djgpp)' - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: cache-compiler with: path: ~/djgpp diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml index cc95548cad..2e990832fc 100644 --- a/.github/workflows/windows.yml +++ b/.github/workflows/windows.yml @@ -46,7 +46,7 @@ jobs: image: [windows-11-arm, windows-2022] # Cannot share cache between arm and intel: https://github.com/actions/cache/issues/1622 steps: - name: 'cache test prereqs (stunnel)' - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: cache-stunnel with: path: C:\my-stunnel @@ -181,7 +181,7 @@ jobs: - name: 'cache test prereqs (stunnel)' if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }} - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: cache-stunnel with: path: C:\my-stunnel @@ -403,7 +403,7 @@ jobs: - name: 'cache test prereqs (stunnel)' if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }} - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: cache-stunnel with: path: C:\my-stunnel @@ -539,7 +539,7 @@ jobs: ${{ matrix.install }} - name: 'cache compiler (gcc ${{ matrix.ver }}-${{ matrix.env }})' - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: cache-compiler with: path: D:\my-cache @@ -623,7 +623,7 @@ jobs: - name: 'cache test prereqs (stunnel)' if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }} - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: cache-stunnel with: path: C:\my-stunnel @@ -1004,7 +1004,7 @@ jobs: - name: 'cache test prereqs (stunnel)' if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }} - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: cache-stunnel with: path: C:\my-stunnel diff --git a/tests/http/requirements.txt b/tests/http/requirements.txt index e2222b32b6..5512a26be0 100644 --- a/tests/http/requirements.txt +++ b/tests/http/requirements.txt @@ -3,7 +3,7 @@ # SPDX-License-Identifier: curl cryptography==46.0.5 -filelock==3.20.3 +filelock==3.24.3 psutil==7.2.2 pytest==9.0.2 pytest-xdist==3.8.0 From 99bd5ed97b455995a81420cb94f444cdb7b27e3a Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sun, 1 Mar 2026 13:40:06 +0100 Subject: [PATCH 74/88] HISTORY: mention that Rafael passed away much too early Closes #20781 --- docs/HISTORY.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/HISTORY.md b/docs/HISTORY.md index c0528d33d9..1816697500 100644 --- a/docs/HISTORY.md +++ b/docs/HISTORY.md @@ -318,6 +318,8 @@ December: Public Suffix List January: the curl tool defaults to HTTP/2 for HTTPS URLs +June 26: Rafael Sagula, author of the original httpget tool in 1996 died. + December: curl 7.52.0 introduced support for HTTPS-proxy First TLS 1.3 support From d6807890696019308bc885871575f3c2dac875d4 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sun, 1 Mar 2026 13:21:11 +0100 Subject: [PATCH 75/88] test1637: verify --fail and --retry with 502 response code It should exit with 22 after the second retry. Ref: #20771 Cloes #20780 --- tests/data/Makefile.am | 2 +- tests/data/test1637 | 58 ++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 59 insertions(+), 1 deletion(-) create mode 100644 tests/data/test1637 diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am index ecbcc28fe9..c442fa13c2 100644 --- a/tests/data/Makefile.am +++ b/tests/data/Makefile.am @@ -216,7 +216,7 @@ test1606 test1607 test1608 test1609 test1610 test1611 test1612 test1613 \ test1614 test1615 test1616 test1617 \ test1620 test1621 test1622 test1623 \ \ -test1630 test1631 test1632 test1633 test1634 test1635 test1636 \ +test1630 test1631 test1632 test1633 test1634 test1635 test1636 test1637 \ \ test1640 test1641 test1642 test1643 \ \ diff --git a/tests/data/test1637 b/tests/data/test1637 new file mode 100644 index 0000000000..1a76481a43 --- /dev/null +++ b/tests/data/test1637 @@ -0,0 +1,58 @@ + + + + +HTTP +--retry +--fail + + + +# Server-side + + +HTTP/1.1 502 Not OK +Content-Length: 6 +Content-Type: text/html + +-foo- + + + +# Client-side + + +http + + +HTTP 502 with --fail and --retry 2 + + +http://%HOSTIP:%HTTPPORT/%TESTNUMBER --fail --retry 2 --retry-delay 0.1 + + + +# Verify data after the test has been "shot" + + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +User-Agent: curl/%VERSION +Accept: */* + + + +22 + + + From 7fe5b933d862af72d4e7e5a95933c8c707b53dc9 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 2 Mar 2026 09:09:10 +0100 Subject: [PATCH 76/88] TODO: drop the alt-svc fallback Let's return to this subject if someone actually needs this for their specific use case. See #17152 Closes #20786 --- docs/TODO.md | 8 -------- 1 file changed, 8 deletions(-) diff --git a/docs/TODO.md b/docs/TODO.md index fbf6092043..6bd63da6b5 100644 --- a/docs/TODO.md +++ b/docs/TODO.md @@ -331,14 +331,6 @@ line. Additionally this should be implemented for proxy base URLs as well. -## alt-svc should fallback if alt-svc does not work - -The `alt-svc:` header provides a set of alternative services for curl to use -instead of the original. If the first attempted one fails, it should try the -next etc and if all alternatives fail go back to the original. - -See [curl issue 4908](https://github.com/curl/curl/issues/4908) - ## Require HTTP version X or higher curl and libcurl provide options for trying higher HTTP versions (for example From da6fbb12a6598a7c9e9e54d66e1454973ffc888e Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sun, 1 Mar 2026 04:46:39 +0100 Subject: [PATCH 77/88] http1: fix potential NULL dereference in `Curl_h1_req_parse_read()` Reported by clang-tidy v22 with `clang-analyzer-*` explicitly enabled: ``` lib/http1.c:89:31: error: Subtraction of a non-null pointer (from variable 'line_end') and a null pointer (via field 'line') results in undefined behavior [clang-analyzer-core.NullPointerArithm] 89 | parser->line_len = line_end - parser->line + 1; | ^ ``` Ref: https://github.com/curl/curl/actions/runs/22534731241/job/65279952830?pr=20778#step:11:85 Ref: #20778 Closes #20779 --- lib/http1.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/lib/http1.c b/lib/http1.c index 9e584248be..60ad32ce89 100644 --- a/lib/http1.c +++ b/lib/http1.c @@ -269,6 +269,11 @@ CURLcode Curl_h1_req_parse_read(struct h1_req_parser *parser, size_t nread; *pnread = 0; + + DEBUGASSERT(buf); + if(!buf) + return CURLE_BAD_FUNCTION_ARGUMENT; + while(!parser->done) { result = next_line(parser, buf, buflen, options, &nread); if(result) { From 7a77884a66be59eca14dc468e115d008010a7129 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sun, 1 Mar 2026 04:03:15 +0100 Subject: [PATCH 78/88] clang-tidy: enable `clang-analyzer-*` checks explicitly, fix fallout v22.1.0 disabled them by default. Fix fallout: - http: check NULL to silence false positives in `HD_VAL()`. Ref: https://releases.llvm.org/22.1.0/tools/clang/tools/extra/docs/ReleaseNotes.html#improvements-to-clang-tidy Follow-up to da6fbb12a6598a7c9e9e54d66e1454973ffc888e #20779 Follow-up to ce4db9c2efca0bd89e556e231d940c988d84a606 #20751 Closes #20778 --- .clang-tidy.yml | 1 + lib/http.c | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/.clang-tidy.yml b/.clang-tidy.yml index c82a8f29ba..83052420de 100644 --- a/.clang-tidy.yml +++ b/.clang-tidy.yml @@ -6,6 +6,7 @@ # https://clang.llvm.org/extra/clang-tidy/checks/list.html Checks: + - clang-analyzer-* - -clang-analyzer-optin.performance.Padding - -clang-analyzer-security.ArrayBound # due to false positives with clang-tidy v21.1.0 - -clang-analyzer-security.insecureAPI.bzero # for FD_ZERO() (seen on macOS) diff --git a/lib/http.c b/lib/http.c index 61d426d9f5..e9ef131f8e 100644 --- a/lib/http.c +++ b/lib/http.c @@ -3185,7 +3185,7 @@ static statusline checkprotoprefix(struct Curl_easy *data, (((hdlen) >= (sizeof(n) - 1)) && curl_strnequal(n, hd, sizeof(n) - 1)) #define HD_VAL(hd, hdlen, n) \ - ((((hdlen) >= (sizeof(n) - 1)) && \ + ((((hdlen) >= (sizeof(n) - 1)) && (hd) && \ curl_strnequal(n, hd, sizeof(n) - 1)) ? ((hd) + (sizeof(n) - 1)) : NULL) /* HTTP header has field name `n` (a string constant) and contains `v` From fcde8d7e3745df3b4d83c86d0a1f0caef398511b Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sat, 28 Feb 2026 19:28:42 +0100 Subject: [PATCH 79/88] cmake: minor improvements to integration test framework - add support for separate provider / consumer cmake options in `find_package` tests. To help test more integration scenarios. Refs: #20784 #20729 #20764 - dump generated curl config files in `find_package` tests. (cmake CONFIG source, `libcurl.pc`, `curl-config`. - test.sh: use `sha256sum` (was: `openssl`). Closes #20773 --- tests/cmake/test.sh | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/tests/cmake/test.sh b/tests/cmake/test.sh index a871372ab6..ef49aa632d 100755 --- a/tests/cmake/test.sh +++ b/tests/cmake/test.sh @@ -44,7 +44,7 @@ runresults() { if [ "${mode}" = 'all' ] || [ "${mode}" = 'ExternalProject' ]; then (cd "${src}"; git archive --format=tar HEAD) | gzip > source.tar.gz src="${PWD}/source.tar.gz" - sha="$(openssl dgst -sha256 "${src}" | grep -a -i -o -E '[0-9a-f]{64}$')" + sha="$(sha256sum "${src}" | grep -a -i -o -w -E '[0-9a-f]{64}')" bldc='bld-externalproject' rm -rf "${bldc}" if [ -n "${cmake_consumer_modern:-}" ]; then # 3.15+ @@ -106,7 +106,7 @@ if [ "${mode}" = 'all' ] || [ "${mode}" = 'find_package' ]; then prefix="${PWD}/${bldp}/_pkg" rm -rf "${bldp}" if [ -n "${cmake_provider_modern:-}" ]; then # 3.15+ - "${cmake_provider}" -B "${bldp}" -S "${src}" -G "${gen}" ${cmake_opts} -DCMAKE_UNITY_BUILD=ON ${TEST_CMAKE_FLAGS:-} "$@" \ + "${cmake_provider}" -B "${bldp}" -S "${src}" -G "${gen}" ${cmake_opts} -DCMAKE_UNITY_BUILD=ON ${TEST_CMAKE_FLAGS:-} ${TEST_CMAKE_FLAGS_PROVIDER:-} "$@" \ -DBUILD_SHARED_LIBS=ON \ -DBUILD_STATIC_LIBS=ON \ -DCMAKE_INSTALL_PREFIX="${prefix}" @@ -114,7 +114,7 @@ if [ "${mode}" = 'all' ] || [ "${mode}" = 'find_package' ]; then "${cmake_provider}" --install "${bldp}" else mkdir "${bldp}"; cd "${bldp}" - "${cmake_provider}" "${src}" -G "${gen}" ${cmake_opts} ${TEST_CMAKE_FLAGS:-} "$@" \ + "${cmake_provider}" "${src}" -G "${gen}" ${cmake_opts} ${TEST_CMAKE_FLAGS:-} ${TEST_CMAKE_FLAGS_PROVIDER:-} "$@" \ -DBUILD_SHARED_LIBS=ON \ -DBUILD_STATIC_LIBS=ON \ -DCMAKE_INSTALL_PREFIX="${prefix}" @@ -122,16 +122,19 @@ if [ "${mode}" = 'all' ] || [ "${mode}" = 'find_package' ]; then make install cd .. fi + echo '::group::libcurl.pc'; cat "${prefix}"/lib/pkgconfig/*.pc || true; echo '::endgroup::' + echo '::group::curl-config.cmake'; cat "${prefix}"/lib/cmake/CURL/CURL* || true; echo '::endgroup::' + echo '::group::curl-config'; cat "${prefix}"/bin/curl-config || true; echo '::endgroup::' bldc='bld-find_package' rm -rf "${bldc}" if [ -n "${cmake_consumer_modern:-}" ]; then # 3.15+ - "${cmake_consumer}" -B "${bldc}" -G "${gen}" ${TEST_CMAKE_FLAGS:-} \ + "${cmake_consumer}" -B "${bldc}" -G "${gen}" ${TEST_CMAKE_FLAGS:-} ${TEST_CMAKE_FLAGS_CONSUMER:-} \ -DTEST_INTEGRATION_MODE=find_package \ -DCMAKE_PREFIX_PATH="${prefix}/lib/cmake/CURL" "${cmake_consumer}" --build "${bldc}" --verbose else mkdir "${bldc}"; cd "${bldc}" - "${cmake_consumer}" .. -G "${gen}" ${TEST_CMAKE_FLAGS:-} \ + "${cmake_consumer}" .. -G "${gen}" ${TEST_CMAKE_FLAGS:-} ${TEST_CMAKE_FLAGS_CONSUMER:-} \ -DTEST_INTEGRATION_MODE=find_package \ -DCMAKE_PREFIX_PATH="${prefix}/lib/cmake/CURL" VERBOSE=1 "${cmake_consumer}" --build . From a5c6a4067ab797e8962d8279c1677918aee42384 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Wed, 18 Feb 2026 14:24:00 +0100 Subject: [PATCH 80/88] clang-tidy: fix `readability-suspicious-call-argument` Also: - curlx/strerr: avoid a false positive by dropping an interim variable. - enable this check. Ref: #20627 (initial attempt) Closes #20777 --- .clang-tidy.yml | 1 + lib/curlx/strerr.c | 4 +--- tests/libtest/cli_hx_download.c | 12 ++++++------ tests/libtest/cli_hx_upload.c | 12 ++++++------ 4 files changed, 14 insertions(+), 15 deletions(-) diff --git a/.clang-tidy.yml b/.clang-tidy.yml index 83052420de..b22fdc6a4f 100644 --- a/.clang-tidy.yml +++ b/.clang-tidy.yml @@ -39,6 +39,7 @@ Checks: - readability-redundant-function-ptr-dereference - readability-redundant-parentheses - readability-redundant-preprocessor + - readability-suspicious-call-argument - readability-uppercase-literal-suffix CheckOptions: diff --git a/lib/curlx/strerr.c b/lib/curlx/strerr.c index e3e838d8c0..91a329e915 100644 --- a/lib/curlx/strerr.c +++ b/lib/curlx/strerr.c @@ -44,7 +44,6 @@ static const char *get_winsock_error(int err, char *buf, size_t len) { VERBOSE(const char *p); - VERBOSE(size_t alen); if(!len) return NULL; @@ -221,8 +220,7 @@ static const char *get_winsock_error(int err, char *buf, size_t len) default: return NULL; } - alen = strlen(p); - curlx_strcopy(buf, len, p, alen); + curlx_strcopy(buf, len, p, strlen(p)); return buf; #endif } diff --git a/tests/libtest/cli_hx_download.c b/tests/libtest/cli_hx_download.c index 9c4d99e499..5817e06756 100644 --- a/tests/libtest/cli_hx_download.c +++ b/tests/libtest/cli_hx_download.c @@ -85,10 +85,10 @@ static size_t my_write_d_cb(char *buf, size_t nitems, size_t buflen, void *userdata) { struct transfer_d *t = userdata; - size_t blen = (nitems * buflen); + curl_off_t blen = nitems * buflen; size_t nwritten; - curl_mfprintf(stderr, "[t-%zu] RECV %zu bytes, " + curl_mfprintf(stderr, "[t-%zu] RECV %" CURL_FORMAT_CURL_OFF_T " bytes, " "total=%" CURL_FORMAT_CURL_OFF_T ", " "pause_at=%" CURL_FORMAT_CURL_OFF_T "\n", t->idx, blen, t->recv_size, t->pause_at); @@ -108,19 +108,19 @@ static size_t my_write_d_cb(char *buf, size_t nitems, size_t buflen, return CURL_WRITEFUNC_PAUSE; } - nwritten = fwrite(buf, nitems, buflen, t->out); - if(nwritten < blen) { + nwritten = fwrite(buf, buflen, nitems, t->out); + if(nwritten < nitems) { curl_mfprintf(stderr, "[t-%zu] write failure\n", t->idx); return 0; } - t->recv_size += (curl_off_t)nwritten; + t->recv_size += blen; if(t->fail_at > 0 && t->recv_size >= t->fail_at) { curl_mfprintf(stderr, "[t-%zu] FAIL by write callback at " "%" CURL_FORMAT_CURL_OFF_T " bytes\n", t->idx, t->recv_size); return CURL_WRITEFUNC_ERROR; } - return nwritten; + return (size_t)blen; } static int my_progress_d_cb(void *userdata, diff --git a/tests/libtest/cli_hx_upload.c b/tests/libtest/cli_hx_upload.c index b5fd1c642c..a0575c24e4 100644 --- a/tests/libtest/cli_hx_upload.c +++ b/tests/libtest/cli_hx_upload.c @@ -64,10 +64,10 @@ static size_t my_write_u_cb(char *buf, size_t nitems, size_t buflen, void *userdata) { struct transfer_u *t = userdata; - size_t blen = (nitems * buflen); + curl_off_t blen = nitems * buflen; size_t nwritten; - curl_mfprintf(stderr, "[t-%zu] RECV %zu bytes, " + curl_mfprintf(stderr, "[t-%zu] RECV %" CURL_FORMAT_CURL_OFF_T " bytes, " "total=%" CURL_FORMAT_CURL_OFF_T ", " "pause_at=%" CURL_FORMAT_CURL_OFF_T "\n", t->idx, blen, t->recv_size, t->pause_at); @@ -79,13 +79,13 @@ static size_t my_write_u_cb(char *buf, size_t nitems, size_t buflen, return 0; } - nwritten = fwrite(buf, nitems, buflen, t->out); - if(nwritten < blen) { + nwritten = fwrite(buf, buflen, nitems, t->out); + if(nwritten < nitems) { curl_mfprintf(stderr, "[t-%zu] write failure\n", t->idx); return 0; } - t->recv_size += (curl_off_t)nwritten; - return nwritten; + t->recv_size += blen; + return (size_t)blen; } static size_t my_read_cb(char *buf, size_t nitems, size_t buflen, From b83ade783d8dca498ababcac9b749e35c1711037 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sat, 28 Feb 2026 22:43:19 +0100 Subject: [PATCH 81/88] multi: fix unreachable code compiler warning ``` lib/multi.c:305:5: error: code will never be executed [clang-diagnostic-unreachable-code] 305 | goto error; | ^~~~~~~~~~ ``` Cherry-picked from #20774 Closes #20788 --- lib/multi.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lib/multi.c b/lib/multi.c index 5642978842..e6a952334b 100644 --- a/lib/multi.c +++ b/lib/multi.c @@ -301,8 +301,10 @@ struct Curl_multi *Curl_multi_handle(uint32_t xfer_table_size, } #endif +#ifdef USE_IPV6 if(Curl_probeipv6(multi)) goto error; +#endif return multi; From 64f28b8f8859fc80816f7db3b5c4b6f2fd84bd27 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 27 Feb 2026 16:43:16 +0100 Subject: [PATCH 82/88] curlx: add local `snprintf()` helper that always nul-terminates (Windows) Make the helper use `vsnprintf()` internally on all supported Windows toolchains (dropping `_snprintf()` and `snprintf()`), ensure to nul-terminate. Omit the return value to avoid complexity. Use the helper from `mprintf.c` / `out_double()`, from tests/server code and the tests/server-specific build of `curlx_inet_ntop()`, `curlx_strerror()` functions. In the single call (in tests) where the returned length was used previously, determine it with `strlen()`. Refs: https://github.com/libssh2/libssh2/blob/libssh2-1.11.1/src/misc.c#L57-L79 https://learn.microsoft.com/cpp/c-runtime-library/reference/snprintf-snprintf-snprintf-l-snwprintf-snwprintf-l https://learn.microsoft.com/cpp/c-runtime-library/reference/vsnprintf-vsnprintf-vsnprintf-l-vsnwprintf-vsnwprintf-l Assisted-by: Jay Satiro Follow-up to fa8bd1cc09125b368d4295c19331bf33e2d0c602 #20761 Follow-up to 8ab468c8aa2e3b7b2354f0e9545859ca631f4457 #15997 Closes #20765 --- lib/Makefile.inc | 1 + lib/curl_setup.h | 2 +- lib/curlx/snprintf.c | 49 +++++++++++++++++++++++++++++++++++++++ lib/curlx/snprintf.h | 13 +++++++++-- lib/mprintf.c | 19 ++++++--------- tests/server/Makefile.inc | 1 + tests/server/first.h | 6 ++--- tests/server/tftpd.c | 5 ++-- 8 files changed, 76 insertions(+), 20 deletions(-) create mode 100644 lib/curlx/snprintf.c diff --git a/lib/Makefile.inc b/lib/Makefile.inc index 366ddb8a18..84b4e5425b 100644 --- a/lib/Makefile.inc +++ b/lib/Makefile.inc @@ -32,6 +32,7 @@ LIB_CURLX_CFILES = \ curlx/inet_pton.c \ curlx/multibyte.c \ curlx/nonblock.c \ + curlx/snprintf.c \ curlx/strcopy.c \ curlx/strdup.c \ curlx/strerr.c \ diff --git a/lib/curl_setup.h b/lib/curl_setup.h index 4629f79fb9..6e65697408 100644 --- a/lib/curl_setup.h +++ b/lib/curl_setup.h @@ -90,7 +90,7 @@ /* Disable Visual Studio warnings: 4127 "conditional expression is constant" */ #pragma warning(disable:4127) #ifndef _CRT_SECURE_NO_WARNINGS -#define _CRT_SECURE_NO_WARNINGS /* for _snprintf(), getenv(), sscanf() */ +#define _CRT_SECURE_NO_WARNINGS /* for getenv(), sscanf() */ #endif #endif /* _MSC_VER */ diff --git a/lib/curlx/snprintf.c b/lib/curlx/snprintf.c new file mode 100644 index 0000000000..c7332520e7 --- /dev/null +++ b/lib/curlx/snprintf.c @@ -0,0 +1,49 @@ +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) Daniel Stenberg, , et al. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + * SPDX-License-Identifier: curl + * + ***************************************************************************/ +#include "curlx/snprintf.h" + +#ifdef _WIN32 +#include + +/* Simplified wrapper for the Windows platform to use the correct symbol and + ensuring null-termination. Omit returning a length to keep it simple. */ +void curlx_win32_snprintf(char *buf, size_t maxlen, const char *fmt, ...) +{ + va_list ap; + if(!maxlen) + return; + va_start(ap, fmt); +#if defined(__GNUC__) || defined(__clang__) +#pragma GCC diagnostic push +#pragma GCC diagnostic ignored "-Wformat-nonliteral" +#endif + /* !checksrc! disable BANNEDFUNC 1 */ + (void)vsnprintf(buf, maxlen, fmt, ap); +#if defined(__GNUC__) || defined(__clang__) +#pragma GCC diagnostic pop +#endif + buf[maxlen - 1] = 0; + va_end(ap); +} +#endif /* _WIN32 */ diff --git a/lib/curlx/snprintf.h b/lib/curlx/snprintf.h index 266ea137fa..d6260e4e39 100644 --- a/lib/curlx/snprintf.h +++ b/lib/curlx/snprintf.h @@ -1,3 +1,5 @@ +#ifndef HEADER_CURLX_SNPRINTF_H +#define HEADER_CURLX_SNPRINTF_H /*************************************************************************** * _ _ ____ _ * Project ___| | | | _ \| | @@ -21,12 +23,18 @@ * SPDX-License-Identifier: curl * ***************************************************************************/ +#include "curl_setup.h" /* Raw snprintf() for curlx */ +#ifdef _WIN32 +void curlx_win32_snprintf(char *buf, size_t maxlen, const char *fmt, ...) + CURL_PRINTF(3, 4); +#endif + #ifdef WITHOUT_LIBCURL /* when built for the test servers */ -#if defined(_MSC_VER) && (_MSC_VER < 1900) /* adjust for old MSVC */ -#define SNPRINTF _snprintf +#ifdef _WIN32 +#define SNPRINTF curlx_win32_snprintf #else #define SNPRINTF snprintf #endif @@ -34,3 +42,4 @@ #include #define SNPRINTF curl_msnprintf #endif /* WITHOUT_LIBCURL */ +#endif /* HEADER_CURLX_SNPRINTF_H */ diff --git a/lib/mprintf.c b/lib/mprintf.c index b00f16e34b..18eb421ba1 100644 --- a/lib/mprintf.c +++ b/lib/mprintf.c @@ -26,6 +26,7 @@ #include "curlx/dynbuf.h" #include "curl_printf.h" #include "curlx/strparse.h" +#include "curlx/snprintf.h" /* for curlx_win32_snprintf() */ #define BUFFSIZE 326 /* buffer for long-to-str and float-to-str calcs, should fit negative DBL_MAX (317 letters) */ @@ -671,29 +672,23 @@ static bool out_double(void *userp, /* NOTE NOTE NOTE!! Not all sprintf implementations return number of output characters */ -#ifdef HAVE_SNPRINTF #if defined(__GNUC__) || defined(__clang__) #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wformat-nonliteral" #endif +#ifdef _WIN32 + curlx_win32_snprintf(work, BUFFSIZE, formatbuf, dnum); +#elif defined(HAVE_SNPRINTF) /* !checksrc! disable BANNEDFUNC 1 */ /* !checksrc! disable LONGLINE */ /* NOLINTNEXTLINE(clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling) */ snprintf(work, BUFFSIZE, formatbuf, dnum); -#if defined(__GNUC__) || defined(__clang__) -#pragma GCC diagnostic pop -#endif -#ifdef _WIN32 - /* Old versions of the Windows CRT do not terminate the snprintf output - buffer if it reaches the max size so we do that here. */ - work[BUFFSIZE - 1] = 0; -#endif -#elif defined(_MSC_VER) && (_MSC_VER < 1900) - _snprintf(work, BUFFSIZE, formatbuf, dnum); - work[BUFFSIZE - 1] = 0; #else /* float and double outputs do not work without snprintf support */ work[0] = 0; +#endif +#if defined(__GNUC__) || defined(__clang__) +#pragma GCC diagnostic pop #endif DEBUGASSERT(strlen(work) < BUFFSIZE); while(*work) { diff --git a/tests/server/Makefile.inc b/tests/server/Makefile.inc index 96da26d643..1b7bb1af94 100644 --- a/tests/server/Makefile.inc +++ b/tests/server/Makefile.inc @@ -40,6 +40,7 @@ CURLX_C = \ ../../lib/curlx/inet_pton.c \ ../../lib/curlx/multibyte.c \ ../../lib/curlx/nonblock.c \ + ../../lib/curlx/snprintf.c \ ../../lib/curlx/strcopy.c \ ../../lib/curlx/strerr.c \ ../../lib/curlx/strparse.c \ diff --git a/tests/server/first.h b/tests/server/first.h index 1de5f43a64..39feb64d62 100644 --- a/tests/server/first.h +++ b/tests/server/first.h @@ -64,9 +64,9 @@ extern const struct entry_s s_entries[]; #include -/* adjust for old MSVC */ -#if defined(_MSC_VER) && (_MSC_VER < 1900) -# define snprintf _snprintf +#ifdef _WIN32 +#include +#define snprintf curlx_win32_snprintf #endif #ifdef _WIN32 diff --git a/tests/server/tftpd.c b/tests/server/tftpd.c index aff8e3a1d6..44e7976f1c 100644 --- a/tests/server/tftpd.c +++ b/tests/server/tftpd.c @@ -606,8 +606,9 @@ static int validate_access(struct testcase *test, if(!strncmp("verifiedserver", filename, 14)) { char weare[128]; - size_t count = snprintf(weare, sizeof(weare), "WE ROOLZ: %ld\r\n", - (long)our_getpid()); + size_t count; + snprintf(weare, sizeof(weare), "WE ROOLZ: %ld\r\n", (long)our_getpid()); + count = strlen(weare); logmsg("Are-we-friendly question received"); test->buffer = curlx_strdup(weare); From 30ec220a68dcb24dc53d5348045ee82801d2aed1 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Mon, 2 Mar 2026 21:56:05 +0100 Subject: [PATCH 83/88] mprintf: silence clang-tidy `readability-suspicious-call-argument` Follow-up to 64f28b8f8859fc80816f7db3b5c4b6f2fd84bd27 #20765 Closes #20791 --- lib/mprintf.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/lib/mprintf.c b/lib/mprintf.c index 18eb421ba1..cf30e41c88 100644 --- a/lib/mprintf.c +++ b/lib/mprintf.c @@ -608,9 +608,9 @@ static bool out_double(void *userp, double dnum, char *work, int *donep) { - char formatbuf[32] = "%"; - char *fptr = &formatbuf[1]; - size_t left = sizeof(formatbuf) - strlen(formatbuf); + char fmt[32] = "%"; + char *fptr = &fmt[1]; + size_t left = sizeof(fmt) - strlen(fmt); int flags = p->flags; int width = p->width; int prec = p->prec; @@ -677,12 +677,12 @@ static bool out_double(void *userp, #pragma GCC diagnostic ignored "-Wformat-nonliteral" #endif #ifdef _WIN32 - curlx_win32_snprintf(work, BUFFSIZE, formatbuf, dnum); + curlx_win32_snprintf(work, BUFFSIZE, fmt, dnum); #elif defined(HAVE_SNPRINTF) /* !checksrc! disable BANNEDFUNC 1 */ /* !checksrc! disable LONGLINE */ /* NOLINTNEXTLINE(clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling) */ - snprintf(work, BUFFSIZE, formatbuf, dnum); + snprintf(work, BUFFSIZE, fmt, dnum); #else /* float and double outputs do not work without snprintf support */ work[0] = 0; From d557c06b529dd6b0f583350e6fc0c471f415c66f Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Mon, 2 Mar 2026 21:47:38 +0100 Subject: [PATCH 84/88] build: drop unused `snprintf()` feature check on Windows Follow-up to 64f28b8f8859fc80816f7db3b5c4b6f2fd84bd27 #20765 Closes #20790 --- CMake/win32-cache.cmake | 6 ------ CMakeLists.txt | 6 +----- configure.ac | 2 +- lib/config-win32.h | 5 ----- 4 files changed, 2 insertions(+), 17 deletions(-) diff --git a/CMake/win32-cache.cmake b/CMake/win32-cache.cmake index 60d638f2d9..77535a6367 100644 --- a/CMake/win32-cache.cmake +++ b/CMake/win32-cache.cmake @@ -33,7 +33,6 @@ if(MINGW) set(HAVE_GETTIMEOFDAY 1) set(HAVE_LIBGEN_H 1) set(HAVE_OPENDIR 1) - set(HAVE_SNPRINTF 1) set(HAVE_STDBOOL_H 1) set(HAVE_STDDEF_H 1) # detected by CMake internally in check_type_size() set(HAVE_STDINT_H 1) # detected by CMake internally in check_type_size() @@ -60,11 +59,6 @@ else() set(HAVE_STDBOOL_H 0) endif() set(HAVE_BOOL_T "${HAVE_STDBOOL_H}") - if(MSVC_VERSION GREATER_EQUAL 1900) - set(HAVE_SNPRINTF 1) - else() - set(HAVE_SNPRINTF 0) - endif() set(HAVE_BASENAME 0) endif() endif() diff --git a/CMakeLists.txt b/CMakeLists.txt index 43fb01a48a..96d409b556 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -1633,6 +1633,7 @@ if(NOT WIN32) check_function_exists("if_nametoindex" HAVE_IF_NAMETOINDEX) # net/if.h check_function_exists("realpath" HAVE_REALPATH) check_function_exists("sched_yield" HAVE_SCHED_YIELD) + check_function_exists("snprintf" HAVE_SNPRINTF) # to match detection method in ./configure check_symbol_exists("strcasecmp" "string.h" HAVE_STRCASECMP) check_symbol_exists("stricmp" "string.h" HAVE_STRICMP) check_symbol_exists("strcmpi" "string.h" HAVE_STRCMPI) @@ -1646,11 +1647,6 @@ if(NOT _ssl_enabled) check_symbol_exists("arc4random" "${CURL_INCLUDES};stdlib.h" HAVE_ARC4RANDOM) endif() -if(NOT MSVC) - check_function_exists("snprintf" HAVE_SNPRINTF) # to match detection method in ./configure -elseif(MSVC_VERSION GREATER_EQUAL 1900) # Earlier MSVC compilers had faulty snprintf implementations - check_symbol_exists("snprintf" "stdio.h" HAVE_SNPRINTF) # snprintf may be a compatibility macro, not an exported function -endif() if(APPLE) check_function_exists("mach_absolute_time" HAVE_MACH_ABSOLUTE_TIME) endif() diff --git a/configure.ac b/configure.ac index d345f5f354..f924054c67 100644 --- a/configure.ac +++ b/configure.ac @@ -4190,7 +4190,6 @@ AC_CHECK_FUNCS([\ sendmsg \ setlocale \ setrlimit \ - snprintf \ utime \ utimes \ ]) @@ -4200,6 +4199,7 @@ if test "$curl_cv_native_windows" != "yes"; then if_nametoindex \ realpath \ sched_yield \ + snprintf \ ]) CURL_CHECK_FUNC_INET_NTOP CURL_CHECK_FUNC_INET_PTON diff --git a/lib/config-win32.h b/lib/config-win32.h index dd93c04579..c62ba8fc5a 100644 --- a/lib/config-win32.h +++ b/lib/config-win32.h @@ -159,11 +159,6 @@ /* Define to the function return type for send. */ #define SEND_TYPE_RETV int -/* Define to 1 if you have the snprintf function. */ -#if (defined(_MSC_VER) && (_MSC_VER >= 1900)) || defined(__MINGW32__) -#define HAVE_SNPRINTF 1 -#endif - /* Must always use local implementations on Windows. */ /* Define to 1 if you have an IPv6 capable working inet_ntop function. */ /* #undef HAVE_INET_NTOP */ From 3aa63896ae7a745fc50fa9cfa0bef0adb74462f6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20D=C3=ADaz?= Date: Fri, 27 Feb 2026 15:07:01 -0600 Subject: [PATCH 85/88] mbedtls: guard TLS 1.3 + session tickets usage inside ifdef If TLS 1.3 is not supported, the call to `mbedtls_ssl_conf_tls13_enable_signal_new_session_tickets()` fails during compilation: ``` curl-8.18.0/lib/vtls/mbedtls.c: In function 'mbed_connect_step1': curl-8.18.0/lib/vtls/mbedtls.c:809:3: error: implicit declaration of function 'mbedtls_ssl_conf_tls13_enable_signal_new_session_tickets' [-Werror=implicit-function-declaration] mbedtls_ssl_conf_tls13_enable_signal_new_session_tickets(&backend->config, ^ curl-8.18.0/lib/vtls/mbedtls.c:809:3: warning: nested extern declaration of 'mbedtls_ssl_conf_tls13_enable_signal_new_session_tickets' [-Wnested-externs] ``` Protect this call inside the `#ifdef` block by making sure that support for TLS 1.3 is defined. Closes #20789 --- lib/vtls/mbedtls.c | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c index f37dc81944..ce9f3ac6bb 100644 --- a/lib/vtls/mbedtls.c +++ b/lib/vtls/mbedtls.c @@ -814,6 +814,7 @@ static CURLcode mbed_configure_ssl(struct Curl_cfilter *cf, #endif #if defined(MBEDTLS_SSL_SESSION_TICKETS) && \ + defined(MBEDTLS_SSL_PROTO_TLS1_3) && \ MBEDTLS_VERSION_NUMBER >= 0x03060100 && \ MBEDTLS_VERSION_NUMBER < 0x04000000 /* New in mbedTLS 3.6.1, need to enable, default is now disabled. 4.0.0 From 86a2a6b5477b848f405f9c93d7a56343349d6e4b Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Mon, 2 Mar 2026 22:47:06 +0100 Subject: [PATCH 86/88] cmake: stop disabling C4774 after replacing `snprintf()`, update comment (MSVC) - update comment for `-wd4710` option. Ref: https://ci.appveyor.com/project/curlorg/curl/builds/53627545 - stop suppressing C4774. Not triggered by the replacement call `vsnprintf()`, as also confirmed by local tests. Follow-up to https://github.com/curl/curl/commit/192b9214a7cf9082665ce460617308cb4836850b Ref: https://devblogs.microsoft.com/cppblog/format-specifiers-checking/ Ref: https://learn.microsoft.com/cpp/error-messages/compiler-warnings/compiler-warnings-c4600-through-c4799 Follow-up to 64f28b8f8859fc80816f7db3b5c4b6f2fd84bd27 #20765 Closes #20792 --- CMake/PickyWarnings.cmake | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/CMake/PickyWarnings.cmake b/CMake/PickyWarnings.cmake index b3fdad46d5..1b67b0be7c 100644 --- a/CMake/PickyWarnings.cmake +++ b/CMake/PickyWarnings.cmake @@ -406,12 +406,11 @@ if(PICKY_COMPILER) list(APPEND _picky "-wd4548") # expression before comma has no effect; expected expression with side-effect (in FD_SET()) list(APPEND _picky "-wd4574") # 'M' is defined to be '0': did you mean to use '#if M'? (in ws2tcpip.h) list(APPEND _picky "-wd4668") # 'M' is not defined as a preprocessor macro, replacing with '0' for '#if/#elif' (in winbase.h) - list(APPEND _picky "-wd4710") # 'snprintf': function not inlined + list(APPEND _picky "-wd4710") # 'fprintf'/'printf'/'sscanf': function not inlined (in tests, with VS2022+ Release) list(APPEND _picky "-wd4711") # function 'A' selected for automatic inline expansion # volatile access of '' is subject to /volatile: setting; # consider using __iso_volatile_load/store intrinsic functions (ARM64) list(APPEND _picky "-wd4746") - list(APPEND _picky "-wd4774") # 'snprintf': format string expected in argument 3 is not a string literal list(APPEND _picky "-wd4820") # 'A': 'N' bytes padding added after data member 'B' if(MSVC_VERSION GREATER_EQUAL 1900) list(APPEND _picky "-wd5045") # Compiler will insert Spectre mitigation for memory load if /Qspectre switch specified From 4b583b7585c178e46bbe5f51d6da85230f53bde0 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 24 Feb 2026 21:28:38 +0000 Subject: [PATCH 87/88] Dockerfile: update debian:bookworm-slim digest to 74d56e3 Closes #20714 --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 5fe8750190..ec04852a39 100644 --- a/Dockerfile +++ b/Dockerfile @@ -24,7 +24,7 @@ # $ ./scripts/maketgz 8.7.1 # To update, get the latest digest e.g. from https://hub.docker.com/_/debian/tags -FROM debian:bookworm-slim@sha256:98f4b71de414932439ac6ac690d7060df1f27161073c5036a7553723881bffbe +FROM debian:bookworm-slim@sha256:74d56e3931e0d5a1dd51f8c8a2466d21de84a271cd3b5a733b803aa91abf4421 RUN apt-get update -qq && apt-get install -qq -y --no-install-recommends \ build-essential make autoconf automake libtool git perl zip zlib1g-dev gawk && \ From 268cee2efbec2c9527220646db127ff53220dcf5 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Tue, 10 Feb 2026 08:54:14 +0100 Subject: [PATCH 88/88] rtmp: drop support - librtmp has no test cases, makes no proper releases and has not had a single commit within the last year - librtmp parses the URL itself and requires non-compliant URLs for this - we have no RTMP tests - RTMP is barely used by curl users (2.2% self-identified in the 2025 survey) Closes #20673 --- .github/labeler.yml | 8 - .github/scripts/cmp-config.pl | 1 - .github/workflows/codeql.yml | 6 +- .github/workflows/linux-old.yml | 8 +- .github/workflows/linux.yml | 10 +- .github/workflows/macos.yml | 12 +- CMake/FindLibrtmp.cmake | 116 ------- CMake/curl-config.in.cmake | 4 - CMakeLists.txt | 9 - Makefile.am | 1 - README.md | 4 +- configure.ac | 85 ----- docs/DEPRECATE.md | 13 +- docs/FAQ.md | 4 +- docs/HISTORY.md | 4 + docs/INSTALL-CMAKE.md | 3 - docs/INSTALL.md | 1 - docs/URL-SYNTAX.md | 24 +- docs/cmdline-opts/_DESCRIPTION.md | 4 +- docs/cmdline-opts/_PROTOCOLS.md | 3 - docs/libcurl/opts/CURLOPT_PROTOCOLS_STR.md | 8 +- .../opts/CURLOPT_REDIR_PROTOCOLS_STR.md | 4 +- docs/libcurl/symbols-in-versions | 12 +- lib/Makefile.inc | 2 - lib/curl_config-cmake.h.in | 3 - lib/curl_rtmp.c | 326 ------------------ lib/curl_rtmp.h | 36 -- lib/url.c | 63 ++-- lib/urldata.h | 3 - lib/version.c | 28 -- projects/vms/generate_config_vms_h_curl.com | 3 - scripts/cd2nroff | 2 - scripts/ciconfig.pl | 1 - scripts/schemetable.c | 6 - src/tool_help.c | 5 +- 35 files changed, 77 insertions(+), 745 deletions(-) delete mode 100644 CMake/FindLibrtmp.cmake delete mode 100644 lib/curl_rtmp.c delete mode 100644 lib/curl_rtmp.h diff --git a/.github/labeler.yml b/.github/labeler.yml index 4a73d014ab..d619d51148 100644 --- a/.github/labeler.yml +++ b/.github/labeler.yml @@ -369,14 +369,6 @@ POP3: lib/pop3.*\ }" -RTMP: - - all: - - changed-files: - - any-glob-to-all-files: "{\ - CMake/FindLibrtmp.cmake,\ - lib/curl_rtmp.*\ - }" - RTSP: - all: - changed-files: diff --git a/.github/scripts/cmp-config.pl b/.github/scripts/cmp-config.pl index eef6b24927..89a99491b0 100755 --- a/.github/scripts/cmp-config.pl +++ b/.github/scripts/cmp-config.pl @@ -53,7 +53,6 @@ my %remove = ( '#define HAVE_LDAP_SSL 1' => 1, '#define HAVE_LIBBROTLIDEC 1' => 1, '#define HAVE_LIBPSL_H 1' => 1, - '#define HAVE_LIBRTMP_RTMP_H 1' => 1, '#define HAVE_LIBSOCKET 1' => 1, '#define HAVE_LIBSSH' => 1, '#define HAVE_LIBSSH2 1' => 1, diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 815ad772b7..17fffca857 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -74,7 +74,7 @@ jobs: sudo rm -f /etc/apt/sources.list.d/{azure-cli.sources,microsoft-prod.list,ondrej-ubuntu-php-noble.sources} sudo apt-get -o Dpkg::Use-Pty=0 update sudo apt-get -o Dpkg::Use-Pty=0 install libpsl-dev libbrotli-dev libidn2-dev libssh2-1-dev libssh-dev \ - libnghttp2-dev libldap-dev libkrb5-dev librtmp-dev libgnutls28-dev libwolfssl-dev + libnghttp2-dev libldap-dev libkrb5-dev libgnutls28-dev libwolfssl-dev HOMEBREW_NO_AUTO_UPDATE=1 /home/linuxbrew/.linuxbrew/bin/brew install c-ares gsasl libnghttp3 libngtcp2 mbedtls rustls-ffi - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 @@ -110,7 +110,7 @@ jobs: export PKG_CONFIG_PATH; PKG_CONFIG_PATH="$(brew --prefix c-ares)/lib/pkgconfig:$(brew --prefix mbedtls)/lib/pkgconfig:$(brew --prefix rustls-ffi)/lib/pkgconfig:$(brew --prefix gsasl)/lib/pkgconfig" cmake -B _bld1 -G Ninja -DCURL_DISABLE_TYPECHECK=ON -DCURL_WERROR=ON -DENABLE_DEBUG=ON \ -DCURL_USE_GNUTLS=ON -DCURL_USE_MBEDTLS=ON -DCURL_USE_RUSTLS=ON -DCURL_USE_WOLFSSL=ON \ - -DUSE_LIBRTMP=ON -DCURL_USE_GSASL=ON -DCURL_USE_GSSAPI=ON -DUSE_SSLS_EXPORT=ON -DUSE_ECH=ON -DENABLE_ARES=ON \ + -DCURL_USE_GSASL=ON -DCURL_USE_GSSAPI=ON -DUSE_SSLS_EXPORT=ON -DUSE_ECH=ON -DENABLE_ARES=ON \ -DCURL_DISABLE_VERBOSE_STRINGS=ON cmake --build _bld1 cmake --build _bld1 --target testdeps @@ -121,7 +121,7 @@ jobs: cmake -B _bld2 -G Ninja -DCURL_DISABLE_TYPECHECK=ON -DCURL_WERROR=ON \ -DCURL_USE_OPENSSL=ON -DOPENSSL_ROOT_DIR="$(brew --prefix openssl)" -DUSE_NGTCP2=ON \ -DCURL_USE_LIBSSH2=OFF -DCURL_USE_LIBSSH=ON \ - -DUSE_LIBRTMP=ON -DCURL_USE_GSASL=ON -DCURL_USE_GSSAPI=ON -DUSE_SSLS_EXPORT=ON + -DCURL_USE_GSASL=ON -DCURL_USE_GSSAPI=ON -DUSE_SSLS_EXPORT=ON cmake --build _bld2 cmake --build _bld2 --target testdeps cmake --build _bld2 --target curl-examples-build diff --git a/.github/workflows/linux-old.yml b/.github/workflows/linux-old.yml index af51acb73c..e11cc79fa1 100644 --- a/.github/workflows/linux-old.yml +++ b/.github/workflows/linux-old.yml @@ -69,7 +69,7 @@ jobs: sha256sum freexian-archive-keyring_2022.06.08_all.deb && dpkg -i freexian-archive-keyring_2022.06.08_all.deb echo 'deb http://deb.freexian.com/extended-lts stretch-lts main contrib non-free' | tee /etc/apt/sources.list.d/extended-lts.list apt-get -o Dpkg::Use-Pty=0 update - apt-get -o Dpkg::Use-Pty=0 install -y --no-install-suggests --no-install-recommends make automake autoconf libtool gcc pkg-config libpsl-dev libzstd-dev zlib1g-dev libc-ares-dev libkrb5-dev libldap2-dev librtmp-dev stunnel4 + apt-get -o Dpkg::Use-Pty=0 install -y --no-install-suggests --no-install-recommends make automake autoconf libtool gcc pkg-config libpsl-dev libzstd-dev zlib1g-dev libc-ares-dev libkrb5-dev libldap2-dev stunnel4 # GitHub's actions/checkout needs newer glibc and libstdc++. The latter also depends on # gcc-8-base, but it does not actually seem used in our situation and is not available in # the main repo, so force the install. @@ -97,7 +97,7 @@ jobs: mkdir bld-1 cd bld-1 ~/cmake/bin/cmake .. -DCMAKE_UNITY_BUILD=ON -DCURL_WERROR=ON -DBUILD_SHARED_LIBS=ON \ - -DCURL_ENABLE_SSL=OFF -DENABLE_ARES=OFF -DCURL_ZSTD=OFF -DCURL_USE_GSSAPI=OFF -DCURL_USE_LIBSSH2=OFF -DCURL_USE_LIBSSH=OFF -DUSE_LIBRTMP=ON + -DCURL_ENABLE_SSL=OFF -DENABLE_ARES=OFF -DCURL_ZSTD=OFF -DCURL_USE_GSSAPI=OFF -DCURL_USE_LIBSSH2=OFF -DCURL_USE_LIBSSH=OFF - name: 'CM build-only build' run: VERBOSE=1 make -C bld-1 install @@ -121,7 +121,7 @@ jobs: mkdir bld-cares cd bld-cares ~/cmake/bin/cmake .. -DCMAKE_UNITY_BUILD=ON -DCURL_WERROR=ON -DBUILD_SHARED_LIBS=ON \ - -DCURL_ENABLE_SSL=OFF -DENABLE_ARES=ON -DCURL_USE_GSSAPI=ON -DCURL_USE_LIBSSH2=OFF -DCURL_USE_LIBSSH=OFF -DUSE_LIBRTMP=ON \ + -DCURL_ENABLE_SSL=OFF -DENABLE_ARES=ON -DCURL_USE_GSSAPI=ON -DCURL_USE_LIBSSH2=OFF -DCURL_USE_LIBSSH=OFF \ -DCURL_LIBCURL_VERSIONED_SYMBOLS=ON - name: 'CM configure log' @@ -160,7 +160,7 @@ jobs: cd bld-am ../configure --prefix="$PWD"/../curl-install-am --enable-unity --enable-warnings --enable-werror --disable-shared \ --disable-dependency-tracking --enable-option-checking=fatal \ - --without-ssl --enable-ares --without-libssh2 --with-zstd --with-gssapi --with-librtmp + --without-ssl --enable-ares --without-libssh2 --with-zstd --with-gssapi - name: 'AM configure log' if: ${{ !cancelled() }} diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index 57dec5a0dd..6177a61666 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -232,7 +232,7 @@ jobs: --with-openssl --enable-debug --disable-unity --disable-dict --disable-gopher --disable-ldap --disable-telnet --disable-imap --disable-pop3 --disable-smtp - --without-librtmp --disable-rtsp + --disable-rtsp --without-libssh2 --without-libssh --disable-tftp --disable-ftp --disable-file --disable-smb @@ -249,14 +249,14 @@ jobs: generate: -DCURL_USE_OPENSSL=ON -DENABLE_DEBUG=ON -DENABLE_ARES=ON - name: 'openssl i686' - install_packages: gcc-14-i686-linux-gnu libssl-dev:i386 librtmp-dev:i386 libssh2-1-dev:i386 libidn2-dev:i386 libc-ares-dev:i386 zlib1g-dev:i386 + install_packages: gcc-14-i686-linux-gnu libssl-dev:i386 libssh2-1-dev:i386 libidn2-dev:i386 libc-ares-dev:i386 zlib1g-dev:i386 configure: >- PKG_CONFIG_PATH=/usr/lib/i386-linux-gnu/pkgconfig CC=i686-linux-gnu-gcc-14 CPPFLAGS=-I/usr/include/i386-linux-gnu LDFLAGS=-L/usr/lib/i386-linux-gnu --host=i686-linux-gnu - --with-openssl --with-librtmp --with-libssh2 --with-libidn2 --enable-ares --enable-debug + --with-openssl --with-libssh2 --with-libidn2 --enable-ares --enable-debug - name: '!ssl !http !smtp !imap' image: ubuntu-24.04-arm @@ -275,7 +275,7 @@ jobs: -DCURL_DISABLE_LDAP=ON -DUSE_LIBIDN2=OFF -DCURL_USE_LIBSSH2=OFF - name: 'clang-tidy' - install_packages: clang-20 clang-tidy-20 libssl-dev libidn2-dev libssh2-1-dev libnghttp2-dev libldap-dev libkrb5-dev librtmp-dev libgnutls28-dev + install_packages: clang-20 clang-tidy-20 libssl-dev libidn2-dev libssh2-1-dev libnghttp2-dev libldap-dev libkrb5-dev libgnutls28-dev install_steps: skiprun mbedtls-latest-intel rustls wolfssl-opensslextra-intel install_steps_brew: gsasl CC: clang-20 @@ -283,7 +283,7 @@ jobs: PKG_CONFIG_PATH: /home/runner/wolfssl-opensslextra/lib/pkgconfig:/home/runner/mbedtls/lib/pkgconfig:/home/runner/rustls/lib/pkgconfig:/home/linuxbrew/.linuxbrew/opt/gsasl/lib/pkgconfig generate: >- -DCURL_USE_OPENSSL=ON -DCURL_USE_WOLFSSL=ON -DCURL_USE_GNUTLS=ON -DCURL_USE_MBEDTLS=ON -DCURL_USE_RUSTLS=ON - -DCURL_USE_GSASL=ON -DUSE_LIBRTMP=ON + -DCURL_USE_GSASL=ON -DUSE_ECH=ON -DCURL_USE_GSSAPI=ON -DUSE_SSLS_EXPORT=ON -DCURL_CLANG_TIDY=ON -DCLANG_TIDY=/usr/bin/clang-tidy-20 diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index d8f827e72a..1953366b42 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -240,7 +240,7 @@ jobs: -DCURL_ENABLE_SSL=OFF -DHTTP_ONLY=ON -DCURL_DISABLE_NTLM=ON -DCURL_DISABLE_ALTSVC=ON -DENABLE_UNIX_SOCKETS=OFF -DCURL_USE_LIBSSH2=OFF -DCURL_USE_LIBSSH=OFF -DUSE_NGHTTP2=OFF - -DCURL_USE_GSSAPI=OFF -DUSE_LIBIDN2=OFF -DCURL_USE_LIBPSL=OFF -DUSE_LIBRTMP=OFF + -DCURL_USE_GSSAPI=OFF -DUSE_LIBIDN2=OFF -DCURL_USE_LIBPSL=OFF -DCURL_BROTLI=OFF -DCURL_ZLIB=OFF -DCURL_ZSTD=OFF -DBUILD_STATIC_LIBS=ON -DBUILD_SHARED_LIBS=OFF @@ -265,19 +265,19 @@ jobs: compiler: clang generate: -DENABLE_DEBUG=ON -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/openssl -DCURL_BROTLI=OFF -DCURL_ZSTD=OFF -DCURL_USE_LIBSSH2=OFF tflags: '--test-event --min=1300' - - name: 'OpenSSL gsasl rtmp AppleIDN SecTrust +examples' + - name: 'OpenSSL gsasl AppleIDN SecTrust +examples' compiler: clang - install: libnghttp3 libngtcp2 gsasl rtmpdump - generate: -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/openssl -DCURL_USE_GSASL=ON -DUSE_LIBRTMP=ON -DUSE_APPLE_IDN=ON -DUSE_NGTCP2=ON -DCURL_DISABLE_VERBOSE_STRINGS=ON -DUSE_APPLE_SECTRUST=ON + install: libnghttp3 libngtcp2 gsasl + generate: -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/openssl -DCURL_USE_GSASL=ON -DUSE_APPLE_IDN=ON -DUSE_NGTCP2=ON -DCURL_DISABLE_VERBOSE_STRINGS=ON -DUSE_APPLE_SECTRUST=ON - name: 'MultiSSL AppleIDN clang-tidy +examples' image: macos-26 compiler: clang - install: llvm gnutls nettle libressl krb5 mbedtls gsasl rustls-ffi rtmpdump libssh fish + install: llvm gnutls nettle libressl krb5 mbedtls gsasl rustls-ffi libssh fish install_steps: skiprun chkprefill: _chkprefill generate: >- -DCURL_USE_OPENSSL=ON -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/libressl -DCURL_DEFAULT_SSL_BACKEND=openssl - -DCURL_USE_GNUTLS=ON -DCURL_USE_MBEDTLS=ON -DCURL_USE_RUSTLS=ON -DENABLE_ARES=ON -DCURL_USE_GSASL=ON -DUSE_LIBRTMP=ON + -DCURL_USE_GNUTLS=ON -DCURL_USE_MBEDTLS=ON -DCURL_USE_RUSTLS=ON -DENABLE_ARES=ON -DCURL_USE_GSASL=ON -DCURL_USE_LIBSSH2=OFF -DCURL_USE_LIBSSH=ON -DUSE_APPLE_IDN=ON -DUSE_SSLS_EXPORT=ON -DCURL_USE_GSSAPI=ON -DGSS_ROOT_DIR=/opt/homebrew/opt/krb5 -DCURL_BROTLI=ON -DCURL_ZSTD=ON diff --git a/CMake/FindLibrtmp.cmake b/CMake/FindLibrtmp.cmake deleted file mode 100644 index 853ba63ad0..0000000000 --- a/CMake/FindLibrtmp.cmake +++ /dev/null @@ -1,116 +0,0 @@ -#*************************************************************************** -# _ _ ____ _ -# Project ___| | | | _ \| | -# / __| | | | |_) | | -# | (__| |_| | _ <| |___ -# \___|\___/|_| \_\_____| -# -# Copyright (C) Daniel Stenberg, , et al. -# -# This software is licensed as described in the file COPYING, which -# you should have received as part of this distribution. The terms -# are also available at https://curl.se/docs/copyright.html. -# -# You may opt to use, copy, modify, merge, publish, distribute and/or sell -# copies of the Software, and permit persons to whom the Software is -# furnished to do so, under the terms of the COPYING file. -# -# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY -# KIND, either express or implied. -# -# SPDX-License-Identifier: curl -# -########################################################################### -# Find the librtmp library -# -# Input variables: -# -# - `LIBRTMP_INCLUDE_DIR`: Absolute path to librtmp include directory. -# - `LIBRTMP_LIBRARY`: Absolute path to `librtmp` library. -# -# Defines: -# -# - `LIBRTMP_FOUND`: System has librtmp. -# - `LIBRTMP_VERSION`: Version of librtmp. -# - `CURL::librtmp`: librtmp library target. - -set(_librtmp_pc_requires "librtmp") - -if(CURL_USE_PKGCONFIG AND - NOT DEFINED LIBRTMP_INCLUDE_DIR AND - NOT DEFINED LIBRTMP_LIBRARY) - find_package(PkgConfig QUIET) - pkg_check_modules(_librtmp ${_librtmp_pc_requires}) -endif() - -if(_librtmp_FOUND AND _librtmp_INCLUDE_DIRS) - set(Librtmp_FOUND TRUE) - set(LIBRTMP_FOUND TRUE) - set(LIBRTMP_VERSION ${_librtmp_VERSION}) - message(STATUS "Found Librtmp (via pkg-config): ${_librtmp_INCLUDE_DIRS} (found version \"${LIBRTMP_VERSION}\")") -else() - find_path(LIBRTMP_INCLUDE_DIR NAMES "librtmp/rtmp.h") - find_library(LIBRTMP_LIBRARY NAMES "rtmp") - - unset(LIBRTMP_VERSION CACHE) - if(LIBRTMP_INCLUDE_DIR AND EXISTS "${LIBRTMP_INCLUDE_DIR}/librtmp/rtmp.h") - set(_version_regex "#[\t ]*define[\t ]+RTMP_LIB_VERSION[\t ]+0x([0-9a-fA-F][0-9a-fA-F])([0-9a-fA-F][0-9a-fA-F]).*") - file(STRINGS "${LIBRTMP_INCLUDE_DIR}/librtmp/rtmp.h" _version_str REGEX "${_version_regex}") - string(REGEX REPLACE "${_version_regex}" "\\1" _version_str1 "${_version_str}") - string(REGEX REPLACE "${_version_regex}" "\\2" _version_str2 "${_version_str}") - if(CMAKE_VERSION VERSION_LESS 3.13) - # No support for hex version numbers, just strip leading zeroes - string(REGEX REPLACE "^0" "" _version_str1 "${_version_str1}") - string(REGEX REPLACE "^0" "" _version_str2 "${_version_str2}") - else() - math(EXPR _version_str1 "0x${_version_str1}" OUTPUT_FORMAT DECIMAL) - math(EXPR _version_str2 "0x${_version_str2}" OUTPUT_FORMAT DECIMAL) - endif() - set(LIBRTMP_VERSION "${_version_str1}.${_version_str2}") - unset(_version_regex) - unset(_version_str1) - unset(_version_str2) - endif() - - include(FindPackageHandleStandardArgs) - find_package_handle_standard_args(Librtmp - REQUIRED_VARS - LIBRTMP_INCLUDE_DIR - LIBRTMP_LIBRARY - VERSION_VAR - LIBRTMP_VERSION - ) - - if(LIBRTMP_FOUND) - set(_librtmp_INCLUDE_DIRS ${LIBRTMP_INCLUDE_DIR}) - set(_librtmp_LIBRARIES ${LIBRTMP_LIBRARY}) - endif() - - mark_as_advanced(LIBRTMP_INCLUDE_DIR LIBRTMP_LIBRARY) - - # Necessary when linking a static librtmp - find_package(OpenSSL) - if(OpenSSL_FOUND) - list(APPEND _librtmp_LIBRARIES OpenSSL::SSL OpenSSL::Crypto) - endif() -endif() - -if(LIBRTMP_FOUND) - if(WIN32) - list(APPEND _librtmp_LIBRARIES "winmm") - endif() - - if(CMAKE_VERSION VERSION_LESS 3.13) - link_directories(${_librtmp_LIBRARY_DIRS}) - endif() - - if(NOT TARGET CURL::librtmp) - add_library(CURL::librtmp INTERFACE IMPORTED) - set_target_properties(CURL::librtmp PROPERTIES - INTERFACE_LIBCURL_PC_MODULES "${_librtmp_pc_requires}" - INTERFACE_COMPILE_OPTIONS "${_librtmp_CFLAGS}" - INTERFACE_INCLUDE_DIRECTORIES "${_librtmp_INCLUDE_DIRS}" - INTERFACE_LINK_DIRECTORIES "${_librtmp_LIBRARY_DIRS}" - INTERFACE_LINK_LIBRARIES "${_librtmp_LIBRARIES}") - endif() -endif() diff --git a/CMake/curl-config.in.cmake b/CMake/curl-config.in.cmake index 62134cbcd8..af018df757 100644 --- a/CMake/curl-config.in.cmake +++ b/CMake/curl-config.in.cmake @@ -93,10 +93,6 @@ if("@USE_LIBPSL@") find_dependency(Libpsl) list(APPEND _curl_libs CURL::libpsl) endif() -if("@USE_LIBRTMP@") - find_dependency(Librtmp) - list(APPEND _curl_libs CURL::librtmp) -endif() if("@USE_LIBSSH@") find_dependency(Libssh) list(APPEND _curl_libs CURL::libssh) diff --git a/CMakeLists.txt b/CMakeLists.txt index 96d409b556..c5b9eee067 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -1338,12 +1338,6 @@ if(CURL_USE_LIBUV) set(HAVE_UV_H ON) endif() -option(USE_LIBRTMP "Enable librtmp from rtmpdump" OFF) -if(USE_LIBRTMP) - find_package(Librtmp REQUIRED) - list(APPEND CURL_LIBS CURL::librtmp) -endif() - option(ENABLE_UNIX_SOCKETS "Enable Unix domain sockets support" ON) if(ENABLE_UNIX_SOCKETS) if(WIN32 OR DOS) @@ -1982,7 +1976,6 @@ curl_add_if("SFTP" USE_LIBSSH2 OR USE_LIBSSH) curl_add_if("IPFS" NOT CURL_DISABLE_IPFS) curl_add_if("IPNS" NOT CURL_DISABLE_IPFS) curl_add_if("RTSP" NOT CURL_DISABLE_RTSP) -curl_add_if("RTMP" USE_LIBRTMP) curl_add_if("MQTT" NOT CURL_DISABLE_MQTT) curl_add_if("MQTTS" NOT CURL_DISABLE_MQTT AND _ssl_enabled) curl_add_if("WS" NOT CURL_DISABLE_WEBSOCKETS) @@ -2365,7 +2358,6 @@ if(NOT CURL_DISABLE_INSTALL) # USE_GNUTLS # USE_GSASL # USE_LIBPSL - # USE_LIBRTMP # USE_LIBSSH # USE_LIBSSH2 # USE_LIBUV @@ -2402,7 +2394,6 @@ if(NOT CURL_DISABLE_INSTALL) "${CMAKE_CURRENT_SOURCE_DIR}/CMake/FindLibgsasl.cmake" "${CMAKE_CURRENT_SOURCE_DIR}/CMake/FindLibidn2.cmake" "${CMAKE_CURRENT_SOURCE_DIR}/CMake/FindLibpsl.cmake" - "${CMAKE_CURRENT_SOURCE_DIR}/CMake/FindLibrtmp.cmake" "${CMAKE_CURRENT_SOURCE_DIR}/CMake/FindLibssh.cmake" "${CMAKE_CURRENT_SOURCE_DIR}/CMake/FindLibssh2.cmake" "${CMAKE_CURRENT_SOURCE_DIR}/CMake/FindLibuv.cmake" diff --git a/Makefile.am b/Makefile.am index 1913f5d007..bb1e7759f7 100644 --- a/Makefile.am +++ b/Makefile.am @@ -40,7 +40,6 @@ CMAKE_DIST = \ CMake/FindLibgsasl.cmake \ CMake/FindLibidn2.cmake \ CMake/FindLibpsl.cmake \ - CMake/FindLibrtmp.cmake \ CMake/FindLibssh.cmake \ CMake/FindLibssh2.cmake \ CMake/FindLibuv.cmake \ diff --git a/README.md b/README.md index 8834e48485..9f77de607b 100644 --- a/README.md +++ b/README.md @@ -8,8 +8,8 @@ SPDX-License-Identifier: curl curl is a command-line tool for transferring data from or to a server using URLs. It supports these protocols: DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, -HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, MQTT, MQTTS, POP3, POP3S, RTMP, RTMPS, -RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET, TFTP, WS and WSS. +HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, MQTT, MQTTS, POP3, POP3S, RTSP, SCP, +SFTP, SMB, SMBS, SMTP, SMTPS, TELNET, TFTP, WS and WSS. Learn how to use curl by reading [the man page](https://curl.se/docs/manpage.html) or [everything diff --git a/configure.ac b/configure.ac index f924054c67..83e0cfc71f 100644 --- a/configure.ac +++ b/configure.ac @@ -165,7 +165,6 @@ curl_unix_sockets_msg="no (--enable-unix-sockets)" curl_ldaps_msg="no (--enable-ldaps)" curl_ipfs_msg="no (--enable-ipfs)" curl_rtsp_msg="no (--enable-rtsp)" - curl_rtmp_msg="no (--with-librtmp)" curl_psl_msg="no (--with-libpsl)" curl_altsvc_msg="enabled (--disable-alt-svc)" curl_headers_msg="enabled (--disable-headers-api)" @@ -2691,86 +2690,6 @@ if test "$CURL_DISABLE_LDAPS" != "1"; then curl_ldaps_msg="enabled" fi -dnl ********************************************************************** -dnl Check for the presence of LIBRTMP libraries and headers -dnl ********************************************************************** - -dnl Default to compiler & linker defaults for LIBRTMP files & libraries. -OPT_LIBRTMP=off -AC_ARG_WITH(librtmp,dnl -AS_HELP_STRING([--with-librtmp=PATH],[Where to look for librtmp, PATH points to the LIBRTMP installation; when possible, set the PKG_CONFIG_PATH environment variable instead of using this option]) -AS_HELP_STRING([--without-librtmp], [disable LIBRTMP]), - OPT_LIBRTMP=$withval) - -if test "x$OPT_LIBRTMP" != "xno"; then - dnl backup the pre-librtmp variables - CLEANLDFLAGS="$LDFLAGS" - CLEANLDFLAGSPC="$LDFLAGSPC" - CLEANCPPFLAGS="$CPPFLAGS" - CLEANLIBS="$LIBS" - - case "$OPT_LIBRTMP" in - yes) - dnl --with-librtmp (without path) used - CURL_CHECK_PKGCONFIG(librtmp) - - if test "$PKGCONFIG" != "no"; then - LIB_RTMP=`$PKGCONFIG --libs-only-l librtmp` - LD_RTMP=`$PKGCONFIG --libs-only-L librtmp` - CPP_RTMP=`$PKGCONFIG --cflags-only-I librtmp` - version=`$PKGCONFIG --modversion librtmp` - DIR_RTMP=`echo $LD_RTMP | $SED -e 's/^-L//'` - else - dnl To avoid link errors, we do not allow --librtmp without - dnl a pkgconfig file - AC_MSG_ERROR([--librtmp was specified but could not find librtmp pkgconfig file.]) - fi - ;; - off) - dnl no --with-librtmp option given, just check default places - LIB_RTMP="-lrtmp" - ;; - *) - dnl use the given --with-librtmp spot - LIB_RTMP="-lrtmp" - PREFIX_RTMP=$OPT_LIBRTMP - ;; - esac - - dnl if given with a prefix, we set -L and -I based on that - if test -n "$PREFIX_RTMP"; then - LD_RTMP=-L${PREFIX_RTMP}/lib$libsuff - CPP_RTMP=-I${PREFIX_RTMP}/include - DIR_RTMP=${PREFIX_RTMP}/lib$libsuff - fi - - LDFLAGS="$LDFLAGS $LD_RTMP" - LDFLAGSPC="$LDFLAGSPC $LD_RTMP" - CPPFLAGS="$CPPFLAGS $CPP_RTMP" - LIBS="$LIB_RTMP $LIBS" - - AC_CHECK_LIB(rtmp, RTMP_Init, - [ - AC_CHECK_HEADERS(librtmp/rtmp.h, - curl_rtmp_msg="enabled (librtmp)" - AC_DEFINE(USE_LIBRTMP, 1, [if librtmp is in use]) - USE_LIBRTMP=1 - LIBCURL_PC_REQUIRES_PRIVATE="$LIBCURL_PC_REQUIRES_PRIVATE librtmp" - ) - ], - dnl not found, revert back to clean variables - LDFLAGS=$CLEANLDFLAGS - LDFLAGSPC=$CLEANLDFLAGSPC - CPPFLAGS=$CLEANCPPFLAGS - LIBS=$CLEANLIBS - ) - - if test "x$OPT_LIBRTMP" != "xoff" && - test "$USE_LIBRTMP" != "1"; then - AC_MSG_ERROR([librtmp libs and/or directories were not found where specified!]) - fi -fi - dnl ********************************************************************** dnl Check for linker switch for versioned symbols dnl ********************************************************************** @@ -5406,9 +5325,6 @@ fi if test "$CURL_DISABLE_RTSP" != "1"; then SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS RTSP" fi -if test "$USE_LIBRTMP" = "1"; then - SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS RTMP" -fi if test "$CURL_DISABLE_WEBSOCKETS" != "1"; then SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS WS" if test "$SSL_ENABLED" = "1"; then @@ -5520,7 +5436,6 @@ AC_MSG_NOTICE([Configured to build curl/libcurl: LDAPS: ${curl_ldaps_msg} IPFS/IPNS: ${curl_ipfs_msg} RTSP: ${curl_rtsp_msg} - RTMP: ${curl_rtmp_msg} PSL: ${curl_psl_msg} Alt-svc: ${curl_altsvc_msg} Headers API: ${curl_headers_msg} diff --git a/docs/DEPRECATE.md b/docs/DEPRECATE.md index a040842baf..2ec587d21e 100644 --- a/docs/DEPRECATE.md +++ b/docs/DEPRECATE.md @@ -16,18 +16,6 @@ how your use case cannot be satisfied properly using a workaround. In March 2026, we drop support for all c-ares versions before 1.16.0. -## RTMP - -RTMP in curl is powered by the 3rd party library librtmp. - -- RTMP is barely used by curl users (2.2% in the 2025 survey) -- librtmp has no test cases, makes no proper releases and has not had a single - commit within the last year -- librtmp parses the URL itself and requires non-compliant URLs for this -- we have no RTMP tests - -Support for RTMP in libcurl gets removed in April 2026. - ## CMake 3.17 and earlier We remove support for CMake <3.18 in April 2026. @@ -65,3 +53,4 @@ TLS-SRP support gets removed in August 2026. - OpenSSL 1.1.1 and older (removed in 8.18.0) - Support for Windows XP (removed in 8.19.0) - OpenSSL-QUIC (removed in 8.19.0) +- RTMP (removed in 8.20.0) diff --git a/docs/FAQ.md b/docs/FAQ.md index d2cf9c8312..b5be1a1d42 100644 --- a/docs/FAQ.md +++ b/docs/FAQ.md @@ -21,8 +21,8 @@ The curl project produces two products: ### libcurl A client-side URL transfer library, supporting DICT, FILE, FTP, FTPS, GOPHER, -GOPHERS, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, MQTT, MQTTS, POP3, POP3S, RTMP, -RTMPS, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET, TFTP, WS and WSS. +GOPHERS, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, MQTT, MQTTS, POP3, POP3S, +RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET, TFTP, WS and WSS. libcurl supports HTTPS certificates, HTTP POST, HTTP PUT, FTP uploading, Kerberos, SPNEGO, HTTP form based upload, proxies, cookies, user+password diff --git a/docs/HISTORY.md b/docs/HISTORY.md index 1816697500..c9ddb7dc62 100644 --- a/docs/HISTORY.md +++ b/docs/HISTORY.md @@ -492,3 +492,7 @@ We drop support for krb-ftp, Heimdal, wolfSSH and the winbuild build system. Add support for Apple SecTrust, native CA certs on Apple systems. December 15: the website served 78 TB over the last month. + +## 2026 + +April: removed support for RTMP diff --git a/docs/INSTALL-CMAKE.md b/docs/INSTALL-CMAKE.md index 9c92e4b4ca..08827b411e 100644 --- a/docs/INSTALL-CMAKE.md +++ b/docs/INSTALL-CMAKE.md @@ -380,7 +380,6 @@ Details via CMake - `USE_APPLE_IDN`: Use Apple built-in IDN support. Default: `OFF` - `USE_APPLE_SECTRUST`: Use Apple OS-native certificate verification. Default: `OFF` - `USE_LIBIDN2`: Use libidn2 for IDN support. Default: `ON` -- `USE_LIBRTMP`: Enable librtmp from rtmpdump. Default: `OFF` - `USE_NGHTTP2`: Use nghttp2 library. Default: `ON` - `USE_NGTCP2`: Use ngtcp2 and nghttp3 libraries for HTTP/3 support. Default: `OFF` - `USE_QUICHE`: Use quiche library for HTTP/3 support. Default: `OFF` @@ -431,8 +430,6 @@ Details via CMake - `LIBIDN2_LIBRARY`: Absolute path to `libidn2` library. - `LIBPSL_INCLUDE_DIR`: Absolute path to libpsl include directory. - `LIBPSL_LIBRARY`: Absolute path to `libpsl` library. -- `LIBRTMP_INCLUDE_DIR`: Absolute path to librtmp include directory. -- `LIBRTMP_LIBRARY`: Absolute path to `librtmp` library. - `LIBSSH_INCLUDE_DIR`: Absolute path to libssh include directory. - `LIBSSH_LIBRARY`: Absolute path to `libssh` library. - `LIBSSH_USE_STATIC_LIBS`: Configure for static libssh libraries. (experimental) diff --git a/docs/INSTALL.md b/docs/INSTALL.md index 8563f4af0f..d457c3a358 100644 --- a/docs/INSTALL.md +++ b/docs/INSTALL.md @@ -619,7 +619,6 @@ disabling support for some features (run `./configure --help` to see them all): - `--without-ngtcp2` (HTTP/2 using ngtcp2) - `--without-zstd` (Zstd on-the-fly decompression) - `--without-libidn2` (internationalized domain names) -- `--without-librtmp` (RTMP) - `--without-ssl` (SSL/TLS) - `--without-zlib` (gzip/deflate on-the-fly decompression) diff --git a/docs/URL-SYNTAX.md b/docs/URL-SYNTAX.md index 26b8ffaa12..097341f256 100644 --- a/docs/URL-SYNTAX.md +++ b/docs/URL-SYNTAX.md @@ -141,9 +141,8 @@ curl supports the following schemes on URLs specified to transfer. They are matched case insensitively: `dict`, `file`, `ftp`, `ftps`, `gopher`, `gophers`, `http`, `https`, `imap`, -`imaps`, `ldap`, `ldaps`, `mqtt`, `pop3`, `pop3s`, `rtmp`, `rtmpe`, `rtmps`, -`rtmpt`, `rtmpte`, `rtmpts`, `rtsp`, `smb`, `smbs`, `smtp`, `smtps`, `telnet`, -`tftp` +`imaps`, `ldap`, `ldaps`, `mqtt`, `pop3`, `pop3s`, `rtsp`, `smb`, `smbs`, +`smtp`, `smtps`, `telnet`, `tftp` When the URL is specified to identify a proxy, curl recognizes the following schemes: @@ -209,10 +208,9 @@ only if the URL starts with a scheme. If the port number is not specified in the URL, curl uses a default port number based on the provide scheme: -DICT 2628, FTP 21, FTPS 990, GOPHER 70, GOPHERS 70, HTTP 80, HTTPS 443, -IMAP 143, IMAPS 993, LDAP 389, LDAPS 636, MQTT 1883, POP3 110, POP3S 995, -RTMP 1935, RTMPS 443, RTMPT 80, RTSP 554, SCP 22, SFTP 22, SMB 445, SMBS 445, -SMTP 25, SMTPS 465, TELNET 23, TFTP 69 +DICT 2628, FTP 21, FTPS 990, GOPHER 70, GOPHERS 70, HTTP 80, HTTPS 443, IMAP +143, IMAPS 993, LDAP 389, LDAPS 636, MQTT 1883, POP3 110, POP3S 995, RTSP 554, +SCP 22, SFTP 22, SMB 445, SMBS 445, SMTP 25, SMTPS 465, TELNET 23, TFTP 69 # Scheme specific behaviors @@ -381,15 +379,3 @@ machine's fully qualified domain name, which you might have obtained from an external function such as gethostname or getaddrinfo. The default smtp port is 25. Some servers use port 587 as an alternative. - -## RTMP - -There is no official URL spec for RTMP so libcurl uses the URL syntax supported -by the underlying librtmp library. It has a syntax where it wants a -traditional URL, followed by a space and a series of space-separated -`name=value` pairs. - -While space is not typically a "legal" letter, libcurl accepts them. When a -user wants to pass in a `#` (hash) character it is treated as a fragment and -it gets cut off by libcurl if provided literally. You have to escape it by -providing it as backslash and its ASCII value in hexadecimal: `\23`. diff --git a/docs/cmdline-opts/_DESCRIPTION.md b/docs/cmdline-opts/_DESCRIPTION.md index 65ef69eec2..bb21f0ba32 100644 --- a/docs/cmdline-opts/_DESCRIPTION.md +++ b/docs/cmdline-opts/_DESCRIPTION.md @@ -4,8 +4,8 @@ **curl** is a tool for transferring data from or to a server using URLs. It supports these protocols: DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, HTTP, HTTPS, -IMAP, IMAPS, LDAP, LDAPS, MQTT, MQTTS, POP3, POP3S, RTMP, RTMPS, RTSP, SCP, -SFTP, SMB, SMBS, SMTP, SMTPS, TELNET, TFTP, WS and WSS. +IMAP, IMAPS, LDAP, LDAPS, MQTT, MQTTS, POP3, POP3S, RTSP, SCP, SFTP, SMB, +SMBS, SMTP, SMTPS, TELNET, TFTP, WS and WSS. curl is powered by libcurl for all transfer-related features. See *libcurl(3)* for details. diff --git a/docs/cmdline-opts/_PROTOCOLS.md b/docs/cmdline-opts/_PROTOCOLS.md index 76fa79676e..831b944d24 100644 --- a/docs/cmdline-opts/_PROTOCOLS.md +++ b/docs/cmdline-opts/_PROTOCOLS.md @@ -30,9 +30,6 @@ supported (yet). ## POP3(S) Downloading from a pop3 server means getting an email. With or without using TLS. -## RTMP(S) -The **Realtime Messaging Protocol** is primarily used to serve streaming media -and curl can download it. ## RTSP curl supports RTSP 1.0 downloads. ## SCP diff --git a/docs/libcurl/opts/CURLOPT_PROTOCOLS_STR.md b/docs/libcurl/opts/CURLOPT_PROTOCOLS_STR.md index 8de66099e1..7044dc8d81 100644 --- a/docs/libcurl/opts/CURLOPT_PROTOCOLS_STR.md +++ b/docs/libcurl/opts/CURLOPT_PROTOCOLS_STR.md @@ -42,8 +42,8 @@ set, it returns error. These are the available protocols: DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, -MQTT, MQTTS, POP3, POP3S, RTMP, RTMPE, RTMPS, RTMPT, RTMPTE, RTMPTS, RTSP, -SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET, TFTP, WS, WSS +MQTT, MQTTS, POP3, POP3S, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET, +TFTP, WS, WSS You can set "ALL" as a short-cut to enable all protocols. Note that by setting all, you may enable protocols that were not supported the day you write this @@ -81,6 +81,10 @@ int main(int argc, char **argv) } ~~~ +# HISTORY + +RTMP and its related protocol schemes are not supported since curl 8.20.0 + # %AVAILABILITY% # RETURN VALUE diff --git a/docs/libcurl/opts/CURLOPT_REDIR_PROTOCOLS_STR.md b/docs/libcurl/opts/CURLOPT_REDIR_PROTOCOLS_STR.md index 2323829408..88d3620306 100644 --- a/docs/libcurl/opts/CURLOPT_REDIR_PROTOCOLS_STR.md +++ b/docs/libcurl/opts/CURLOPT_REDIR_PROTOCOLS_STR.md @@ -46,8 +46,8 @@ By default libcurl allows HTTP, HTTPS, FTP and FTPS on redirects (since These are the available protocols: DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, -MQTT, MQTTS, POP3, POP3S, RTMP, RTMPE, RTMPS, RTMPT, RTMPTE, RTMPTS, RTSP, -SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET, TFTP, WS, WSS +MQTT, MQTTS, POP3, POP3S, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET, +TFTP, WS, WSS You can set "ALL" as a short-cut to enable all protocols. Note that by setting all, you may enable protocols that were not supported the day you write this diff --git a/docs/libcurl/symbols-in-versions b/docs/libcurl/symbols-in-versions index d88d45504a..cdfb0169f8 100644 --- a/docs/libcurl/symbols-in-versions +++ b/docs/libcurl/symbols-in-versions @@ -971,12 +971,12 @@ CURLPROTO_MQTT 7.71.0 CURLPROTO_MQTTS 8.19.0 CURLPROTO_POP3 7.20.0 CURLPROTO_POP3S 7.20.0 -CURLPROTO_RTMP 7.21.0 -CURLPROTO_RTMPE 7.21.0 -CURLPROTO_RTMPS 7.21.0 -CURLPROTO_RTMPT 7.21.0 -CURLPROTO_RTMPTE 7.21.0 -CURLPROTO_RTMPTS 7.21.0 +CURLPROTO_RTMP 7.21.0 8.20.0 +CURLPROTO_RTMPE 7.21.0 8.20.0 +CURLPROTO_RTMPS 7.21.0 8.20.0 +CURLPROTO_RTMPT 7.21.0 8.20.0 +CURLPROTO_RTMPTE 7.21.0 8.20.0 +CURLPROTO_RTMPTS 7.21.0 8.20.0 CURLPROTO_RTSP 7.20.0 CURLPROTO_SCP 7.19.4 CURLPROTO_SFTP 7.19.4 diff --git a/lib/Makefile.inc b/lib/Makefile.inc index 84b4e5425b..dc96bf6660 100644 --- a/lib/Makefile.inc +++ b/lib/Makefile.inc @@ -172,7 +172,6 @@ LIB_CFILES = \ curl_memrchr.c \ curl_ntlm_core.c \ curl_range.c \ - curl_rtmp.c \ curl_sasl.c \ curl_sha512_256.c \ curl_share.c \ @@ -304,7 +303,6 @@ LIB_HFILES = \ curl_ntlm_core.h \ curl_printf.h \ curl_range.h \ - curl_rtmp.h \ curl_sasl.h \ curl_setup.h \ curl_sha256.h \ diff --git a/lib/curl_config-cmake.h.in b/lib/curl_config-cmake.h.in index 1dcab9d897..ad73c496de 100644 --- a/lib/curl_config-cmake.h.in +++ b/lib/curl_config-cmake.h.in @@ -706,9 +706,6 @@ ${SIZEOF_TIME_T_CODE} /* if AmiSSL is in use */ #cmakedefine USE_AMISSL 1 -/* if librtmp/rtmpdump is in use */ -#cmakedefine USE_LIBRTMP 1 - /* if GSASL is in use */ #cmakedefine USE_GSASL 1 diff --git a/lib/curl_rtmp.c b/lib/curl_rtmp.c deleted file mode 100644 index 75b80913d8..0000000000 --- a/lib/curl_rtmp.c +++ /dev/null @@ -1,326 +0,0 @@ -/*************************************************************************** - * _ _ ____ _ - * Project ___| | | | _ \| | - * / __| | | | |_) | | - * | (__| |_| | _ <| |___ - * \___|\___/|_| \_\_____| - * - * Copyright (C) Daniel Stenberg, , et al. - * Copyright (C) Howard Chu, - * - * This software is licensed as described in the file COPYING, which - * you should have received as part of this distribution. The terms - * are also available at https://curl.se/docs/copyright.html. - * - * You may opt to use, copy, modify, merge, publish, distribute and/or sell - * copies of the Software, and permit persons to whom the Software is - * furnished to do so, under the terms of the COPYING file. - * - * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY - * KIND, either express or implied. - * - * SPDX-License-Identifier: curl - * - ***************************************************************************/ -#include "curl_setup.h" - -#include "curl_rtmp.h" -#include "urldata.h" - -#ifdef USE_LIBRTMP - -#include "url.h" -#include "curlx/nonblock.h" -#include "progress.h" /* for Curl_pgrsSetUploadSize */ -#include "transfer.h" -#include "bufref.h" - -#include - -#if defined(USE_WINSOCK) || defined(LWIP_SO_SNDRCVTIMEO_NONSTANDARD) -#define SET_RCVTIMEO(tv, s) int tv = s * 1000 -#else -#define SET_RCVTIMEO(tv, s) struct timeval tv = { s, 0 } -#endif - -#define DEF_BUFTIME (2 * 60 * 60 * 1000) /* 2 hours */ - -/* meta key for storing RTMP* at connection */ -#define CURL_META_RTMP_CONN "meta:proto:rtmp:conn" - -static Curl_recv rtmp_recv; -static Curl_send rtmp_send; - -static void rtmp_conn_dtor(void *key, size_t klen, void *entry) -{ - RTMP *r = entry; - (void)key; - (void)klen; - RTMP_Close(r); - RTMP_Free(r); -} - -static CURLcode rtmp_setup_connection(struct Curl_easy *data, - struct connectdata *conn) -{ - RTMP *r = RTMP_Alloc(); - if(!r || - Curl_conn_meta_set(conn, CURL_META_RTMP_CONN, r, rtmp_conn_dtor)) - return CURLE_OUT_OF_MEMORY; - - RTMP_Init(r); - RTMP_SetBufferMS(r, DEF_BUFTIME); - if(!RTMP_SetupURL(r, CURL_UNCONST(Curl_bufref_ptr(&data->state.url)))) - /* rtmp_conn_dtor() performs the cleanup */ - return CURLE_URL_MALFORMAT; - return CURLE_OK; -} - -static CURLcode rtmp_connect(struct Curl_easy *data, bool *done) -{ - struct connectdata *conn = data->conn; - RTMP *r = Curl_conn_meta_get(conn, CURL_META_RTMP_CONN); - SET_RCVTIMEO(tv, 10); - - if(!r) - return CURLE_FAILED_INIT; - - if(conn->sock[FIRSTSOCKET] > INT_MAX) { - /* The socket value is invalid for rtmp. */ - return CURLE_FAILED_INIT; - } - - r->m_sb.sb_socket = (int)conn->sock[FIRSTSOCKET]; - - /* We have to know if it is a write before we send the - * connect request packet - */ - if(data->state.upload) - r->Link.protocol |= RTMP_FEATURE_WRITE; - - /* For plain streams, use the buffer toggle trick to keep data flowing */ - if(!(r->Link.lFlags & RTMP_LF_LIVE) && - !(r->Link.protocol & RTMP_FEATURE_HTTP)) - r->Link.lFlags |= RTMP_LF_BUFX; - - (void)curlx_nonblock(r->m_sb.sb_socket, FALSE); - setsockopt(r->m_sb.sb_socket, SOL_SOCKET, SO_RCVTIMEO, - (char *)&tv, sizeof(tv)); - - if(!RTMP_Connect1(r, NULL)) - return CURLE_FAILED_INIT; - - /* Clients must send a periodic BytesReceived report to the server */ - r->m_bSendCounter = TRUE; - - *done = TRUE; - conn->recv[FIRSTSOCKET] = rtmp_recv; - conn->send[FIRSTSOCKET] = rtmp_send; - return CURLE_OK; -} - -static CURLcode rtmp_do(struct Curl_easy *data, bool *done) -{ - struct connectdata *conn = data->conn; - RTMP *r = Curl_conn_meta_get(conn, CURL_META_RTMP_CONN); - - if(!r || !RTMP_ConnectStream(r, 0)) - return CURLE_FAILED_INIT; - - if(data->state.upload) { - Curl_pgrsSetUploadSize(data, data->state.infilesize); - Curl_xfer_setup_send(data, FIRSTSOCKET); - } - else - Curl_xfer_setup_recv(data, FIRSTSOCKET, -1); - *done = TRUE; - return CURLE_OK; -} - -static CURLcode rtmp_done(struct Curl_easy *data, CURLcode status, - bool premature) -{ - (void)data; - (void)status; - (void)premature; - - return CURLE_OK; -} - -static CURLcode rtmp_disconnect(struct Curl_easy *data, - struct connectdata *conn, - bool dead_connection) -{ - RTMP *r = Curl_conn_meta_get(conn, CURL_META_RTMP_CONN); - (void)data; - (void)dead_connection; - if(r) - Curl_conn_meta_remove(conn, CURL_META_RTMP_CONN); - return CURLE_OK; -} - -static CURLcode rtmp_recv(struct Curl_easy *data, int sockindex, char *buf, - size_t len, size_t *pnread) -{ - struct connectdata *conn = data->conn; - RTMP *r = Curl_conn_meta_get(conn, CURL_META_RTMP_CONN); - CURLcode result = CURLE_OK; - ssize_t rv; - - (void)sockindex; - *pnread = 0; - if(!r) - return CURLE_FAILED_INIT; - - rv = RTMP_Read(r, buf, curlx_uztosi(len)); - if(!curlx_sztouz(rv, pnread)) { - if(r->m_read.status == RTMP_READ_COMPLETE || - r->m_read.status == RTMP_READ_EOF) { - data->req.size = data->req.bytecount; - } - else - result = CURLE_RECV_ERROR; - } - - return result; -} - -static CURLcode rtmp_send(struct Curl_easy *data, int sockindex, - const uint8_t *buf, size_t len, bool eos, - size_t *pnwritten) -{ - struct connectdata *conn = data->conn; - RTMP *r = Curl_conn_meta_get(conn, CURL_META_RTMP_CONN); - ssize_t rv; - - (void)sockindex; - (void)eos; - *pnwritten = 0; - if(!r) - return CURLE_FAILED_INIT; - - rv = RTMP_Write(r, (const char *)buf, curlx_uztosi(len)); - if(!curlx_sztouz(rv, pnwritten)) - return CURLE_SEND_ERROR; - - return CURLE_OK; -} - -void Curl_rtmp_version(char *version, size_t len) -{ - char suff[2]; - if(RTMP_LIB_VERSION & 0xff) { - suff[0] = (RTMP_LIB_VERSION & 0xff) + 'a' - 1; - suff[1] = '\0'; - } - else - suff[0] = '\0'; - - curl_msnprintf(version, len, "librtmp/%d.%d%s", - RTMP_LIB_VERSION >> 16, (RTMP_LIB_VERSION >> 8) & 0xff, - suff); -} - -/* - * RTMP protocol handler.h, based on https://rtmpdump.mplayerhq.hu/ - */ - -static const struct Curl_protocol Curl_protocol_rtmp = { - rtmp_setup_connection, /* setup_connection */ - rtmp_do, /* do_it */ - rtmp_done, /* done */ - ZERO_NULL, /* do_more */ - rtmp_connect, /* connect_it */ - ZERO_NULL, /* connecting */ - ZERO_NULL, /* doing */ - ZERO_NULL, /* proto_pollset */ - ZERO_NULL, /* doing_pollset */ - ZERO_NULL, /* domore_pollset */ - ZERO_NULL, /* perform_pollset */ - rtmp_disconnect, /* disconnect */ - ZERO_NULL, /* write_resp */ - ZERO_NULL, /* write_resp_hd */ - ZERO_NULL, /* connection_check */ - ZERO_NULL, /* attach connection */ - ZERO_NULL, /* follow */ -}; - -#endif /* USE_LIBRTMP */ - -const struct Curl_scheme Curl_scheme_rtmp = { - "rtmp", /* scheme */ -#ifndef USE_LIBRTMP - ZERO_NULL, -#else - &Curl_protocol_rtmp, -#endif - CURLPROTO_RTMP, /* protocol */ - CURLPROTO_RTMP, /* family */ - PROTOPT_NONE, /* flags */ - PORT_RTMP, /* defport */ -}; - -const struct Curl_scheme Curl_scheme_rtmpt = { - "rtmpt", /* scheme */ -#ifndef USE_LIBRTMP - ZERO_NULL, -#else - &Curl_protocol_rtmp, -#endif - CURLPROTO_RTMPT, /* protocol */ - CURLPROTO_RTMPT, /* family */ - PROTOPT_NONE, /* flags */ - PORT_RTMPT, /* defport */ -}; - -const struct Curl_scheme Curl_scheme_rtmpe = { - "rtmpe", /* scheme */ -#ifndef USE_LIBRTMP - ZERO_NULL, -#else - &Curl_protocol_rtmp, -#endif - CURLPROTO_RTMPE, /* protocol */ - CURLPROTO_RTMPE, /* family */ - PROTOPT_NONE, /* flags */ - PORT_RTMP, /* defport */ -}; - -const struct Curl_scheme Curl_scheme_rtmpte = { - "rtmpte", /* scheme */ -#ifndef USE_LIBRTMP - ZERO_NULL, -#else - &Curl_protocol_rtmp, -#endif - CURLPROTO_RTMPTE, /* protocol */ - CURLPROTO_RTMPTE, /* family */ - PROTOPT_NONE, /* flags */ - PORT_RTMPT, /* defport */ -}; - -const struct Curl_scheme Curl_scheme_rtmps = { - "rtmps", /* scheme */ -#ifndef USE_LIBRTMP - ZERO_NULL, -#else - &Curl_protocol_rtmp, -#endif - CURLPROTO_RTMPS, /* protocol */ - CURLPROTO_RTMP, /* family */ - PROTOPT_NONE, /* flags */ - PORT_RTMPS, /* defport */ -}; - -const struct Curl_scheme Curl_scheme_rtmpts = { - "rtmpts", /* scheme */ -#ifndef USE_LIBRTMP - ZERO_NULL, -#else - &Curl_protocol_rtmp, -#endif - CURLPROTO_RTMPTS, /* protocol */ - CURLPROTO_RTMPT, /* family */ - PROTOPT_NONE, /* flags */ - PORT_RTMPS, /* defport */ -}; diff --git a/lib/curl_rtmp.h b/lib/curl_rtmp.h deleted file mode 100644 index e57d20c33a..0000000000 --- a/lib/curl_rtmp.h +++ /dev/null @@ -1,36 +0,0 @@ -#ifndef HEADER_CURL_RTMP_H -#define HEADER_CURL_RTMP_H -/*************************************************************************** - * _ _ ____ _ - * Project ___| | | | _ \| | - * / __| | | | |_) | | - * | (__| |_| | _ <| |___ - * \___|\___/|_| \_\_____| - * - * Copyright (C) Howard Chu, - * - * This software is licensed as described in the file COPYING, which - * you should have received as part of this distribution. The terms - * are also available at https://curl.se/docs/copyright.html. - * - * You may opt to use, copy, modify, merge, publish, distribute and/or sell - * copies of the Software, and permit persons to whom the Software is - * furnished to do so, under the terms of the COPYING file. - * - * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY - * KIND, either express or implied. - * - * SPDX-License-Identifier: curl - * - ***************************************************************************/ -extern const struct Curl_scheme Curl_scheme_rtmp; -extern const struct Curl_scheme Curl_scheme_rtmpt; -extern const struct Curl_scheme Curl_scheme_rtmpe; -extern const struct Curl_scheme Curl_scheme_rtmpte; -extern const struct Curl_scheme Curl_scheme_rtmps; -extern const struct Curl_scheme Curl_scheme_rtmpts; -#ifdef USE_LIBRTMP -void Curl_rtmp_version(char *version, size_t len); -#endif - -#endif /* HEADER_CURL_RTMP_H */ diff --git a/lib/url.c b/lib/url.c index 495de2297c..9ee5b08bf5 100644 --- a/lib/url.c +++ b/lib/url.c @@ -112,7 +112,6 @@ #include "imap.h" #include "url.h" #include "connect.h" -#include "curl_rtmp.h" #include "gopher.h" #include "mqtt.h" #include "rtsp.h" @@ -1485,55 +1484,49 @@ const struct Curl_scheme *Curl_getn_scheme(const char *scheme, size_t len) 6. make sure this function uses the same hash function that worked for schemetable.c */ - static const struct Curl_scheme * const all_schemes[67] = { - &Curl_scheme_file, - &Curl_scheme_mqtts, NULL, - &Curl_scheme_gophers, NULL, - &Curl_scheme_rtmpe, - &Curl_scheme_smtp, - &Curl_scheme_sftp, - &Curl_scheme_smb, - &Curl_scheme_smtps, - &Curl_scheme_telnet, - &Curl_scheme_gopher, - &Curl_scheme_tftp, NULL, NULL, NULL, - &Curl_scheme_ftps, - &Curl_scheme_http, - &Curl_scheme_imap, - &Curl_scheme_rtmps, - &Curl_scheme_rtmpt, NULL, NULL, NULL, - &Curl_scheme_ldaps, - &Curl_scheme_wss, - &Curl_scheme_https, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, - &Curl_scheme_rtsp, - &Curl_scheme_smbs, - &Curl_scheme_scp, NULL, NULL, NULL, - &Curl_scheme_pop3, NULL, NULL, - &Curl_scheme_rtmp, NULL, NULL, NULL, - &Curl_scheme_rtmpte, NULL, NULL, NULL, - &Curl_scheme_dict, NULL, NULL, NULL, + static const struct Curl_scheme * const all_schemes[47] = { &Curl_scheme_mqtt, + &Curl_scheme_smtp, + &Curl_scheme_tftp, + &Curl_scheme_imap, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, + &Curl_scheme_ldaps, + &Curl_scheme_dict, NULL, + &Curl_scheme_file, NULL, &Curl_scheme_pop3s, - &Curl_scheme_imaps, NULL, - &Curl_scheme_ws, NULL, - &Curl_scheme_rtmpts, - &Curl_scheme_ldap, NULL, NULL, &Curl_scheme_ftp, + &Curl_scheme_scp, + &Curl_scheme_mqtts, + &Curl_scheme_imaps, + &Curl_scheme_ldap, + &Curl_scheme_http, + &Curl_scheme_smb, NULL, NULL, + &Curl_scheme_telnet, + &Curl_scheme_https, + &Curl_scheme_gopher, + &Curl_scheme_rtsp, NULL, NULL, + &Curl_scheme_wss, NULL, + &Curl_scheme_gophers, + &Curl_scheme_smtps, + &Curl_scheme_pop3, + &Curl_scheme_ws, NULL, NULL, + &Curl_scheme_sftp, + &Curl_scheme_ftps, NULL, + &Curl_scheme_smbs, NULL, }; if(len && (len <= 7)) { const char *s = scheme; size_t l = len; const struct Curl_scheme *h; - unsigned int c = 978; + unsigned int c = 792; while(l) { - c <<= 5; + c <<= 4; c += (unsigned int)Curl_raw_tolower(*s); s++; l--; } - h = all_schemes[c % 67]; + h = all_schemes[c % 47]; if(h && curl_strnequal(scheme, h->name, len) && !h->name[len]) return h; } diff --git a/lib/urldata.h b/lib/urldata.h index b437771517..e8168a194b 100644 --- a/lib/urldata.h +++ b/lib/urldata.h @@ -45,9 +45,6 @@ #define PORT_SMTP 25 #define PORT_SMTPS 465 /* sometimes called SSMTP */ #define PORT_RTSP 554 -#define PORT_RTMP 1935 -#define PORT_RTMPT PORT_HTTP -#define PORT_RTMPS PORT_HTTPS #define PORT_GOPHER 70 #define PORT_MQTT 1883 #define PORT_MQTTS 8883 diff --git a/lib/version.c b/lib/version.c index 7ccd875dc8..97bccee9c4 100644 --- a/lib/version.c +++ b/lib/version.c @@ -46,11 +46,6 @@ #include #endif -#ifdef USE_LIBRTMP -#include -#include "curl_rtmp.h" -#endif - #ifdef HAVE_LIBZ #include #endif @@ -178,9 +173,6 @@ char *curl_version(void) #if !defined(CURL_DISABLE_HTTP) && defined(USE_HTTP3) char h3_version[30]; #endif -#ifdef USE_LIBRTMP - char rtmp_version[30]; -#endif #ifdef USE_GSASL char gsasl_buf[30]; #endif @@ -244,10 +236,6 @@ char *curl_version(void) Curl_quic_ver(h3_version, sizeof(h3_version)); src[i++] = h3_version; #endif -#ifdef USE_LIBRTMP - Curl_rtmp_version(rtmp_version, sizeof(rtmp_version)); - src[i++] = rtmp_version; -#endif #ifdef USE_GSASL curl_msnprintf(gsasl_buf, sizeof(gsasl_buf), "libgsasl/%s", gsasl_check_version(NULL)); @@ -350,14 +338,6 @@ static const char * const supported_protocols[] = { #if defined(USE_SSL) && !defined(CURL_DISABLE_POP3) "pop3s", #endif -#ifdef USE_LIBRTMP - "rtmp", - "rtmpe", - "rtmps", - "rtmpt", - "rtmpte", - "rtmpts", -#endif #ifndef CURL_DISABLE_RTSP "rtsp", #endif @@ -694,13 +674,5 @@ curl_version_info_data *curl_version_info(CURLversion stamp) feature_names[n] = NULL; /* Terminate array. */ version_info.features = features; -#ifdef USE_LIBRTMP - { - static char rtmp_version[30]; - Curl_rtmp_version(rtmp_version, sizeof(rtmp_version)); - version_info.rtmp_version = rtmp_version; - } -#endif - return &version_info; } diff --git a/projects/vms/generate_config_vms_h_curl.com b/projects/vms/generate_config_vms_h_curl.com index 245d072d20..8757a2982e 100644 --- a/projects/vms/generate_config_vms_h_curl.com +++ b/projects/vms/generate_config_vms_h_curl.com @@ -315,9 +315,6 @@ $write cvh "#endif" $write cvh "#ifdef USE_GNUTLS" $write cvh "#undef USE_GNUTLS" $write cvh "#endif" -$write cvh "#ifdef USE_LIBRTMP" -$write cvh "#undef USE_LIBRTMP" -$write cvh "#endif" $write cvh "#ifdef USE_MANUAL" $write cvh "#undef USE_MANUAL" $write cvh "#endif" diff --git a/scripts/cd2nroff b/scripts/cd2nroff index adc66216d7..598422e268 100755 --- a/scripts/cd2nroff +++ b/scripts/cd2nroff @@ -166,8 +166,6 @@ my %knownprotos = ( 'MQTT' => 1, 'POP3' => 1, 'POP3S' => 1, - 'RTMP' => 1, - 'RTMPS' => 1, 'RTSP' => 1, 'SCP' => 1, 'SFTP' => 1, diff --git a/scripts/ciconfig.pl b/scripts/ciconfig.pl index a02dfb768f..380fdfde7d 100755 --- a/scripts/ciconfig.pl +++ b/scripts/ciconfig.pl @@ -100,7 +100,6 @@ my %defaulton = ( 'ca-path' => 1, 'libssh2' => 1, 'nghttp2' => 1, - 'librtmp' => 1, 'libidn2' => 1, 'sysroot' => 1, 'lber-lib' => 1, diff --git a/scripts/schemetable.c b/scripts/schemetable.c index 49660c94d3..afa54c39af 100644 --- a/scripts/schemetable.c +++ b/scripts/schemetable.c @@ -46,12 +46,6 @@ static const char *scheme[] = { "mqtts", "pop3", "pop3s", - "rtmp", - "rtmpt", - "rtmpe", - "rtmpte", - "rtmps", - "rtmpts", "rtsp", "scp", "sftp", diff --git a/src/tool_help.c b/src/tool_help.c index 50cca52705..e2fa82636a 100644 --- a/src/tool_help.c +++ b/src/tool_help.c @@ -341,10 +341,7 @@ void tool_version_info(void) #endif /* !CURL_DISABLE_IPFS */ curl_mprintf("Protocols:"); for(builtin = built_in_protos; *builtin; ++builtin) { - /* Special case: do not list rtmp?* protocols. - They may only appear together with "rtmp" */ - if(!curl_strnequal(*builtin, "rtmp", 4) || !builtin[0][4]) - curl_mprintf(" %s", *builtin); + curl_mprintf(" %s", *builtin); #ifndef CURL_DISABLE_IPFS if(insert && insert == *builtin) { curl_mprintf(" ipfs ipns");